PopUp Trojaner

millionj0ker · 26.04.2014, 13:50

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 02
Ran by Simon (administrator) on SIMON-PC on 26-04-2014 14:47:49
Running from C:\Users\Simon\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\PassShow\PassShowM.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
() C:\Program Files (x86)\PassShow\PassShowBJ161.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-26] (Microsoft Corporation)
HKU\S-1-5-21-4146840192-2193111062-978237871-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1826496 2014-04-22] (Valve Corporation)
HKU\S-1-5-21-4146840192-2193111062-978237871-1000\...\MountPoints2: {10513451-9c9b-11e3-8c63-806e6f6e6963} - D:\Bin\ASSETUP.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14131
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB4CBEBC9BE30CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\mxnav4be.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [{7EE6F548-5077-FE65-5AC4-5E2C1FED72F0}] - C:\Program Files (x86)\PassShow\161.xpi
FF Extension: PassShow - C:\Program Files (x86)\PassShow\161.xpi [2014-04-23]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-23] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
R2 PassShow; C:\Program Files (x86)\PassShow\PassShowBJ161.exe [142848 2014-04-23] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-23] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-03] (Disc Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-26] (<Turtle Entertainment>)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 EverestDriver; \??\C:\Users\Simon\AppData\Local\Temp\EverestDriver.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 14:47 - 2014-04-26 14:48 - 00008705 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-04-26 14:47 - 2014-04-26 14:47 - 02061824 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-04-26 14:47 - 2014-04-26 14:47 - 00000000 ____D () C:\FRST
2014-04-24 23:03 - 2014-04-24 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-24 23:02 - 2014-04-25 00:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 23:02 - 2014-04-24 23:02 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-24 23:02 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-04-24 23:01 - 2014-04-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 23:01 - 2014-04-24 23:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Simon\Downloads\spybot-2.2.25.exe
2014-04-23 23:08 - 2014-04-23 23:20 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:07 - 2014-04-23 23:07 - 01365865 _____ () C:\Users\Simon\Downloads\AdwCleaner.exe
2014-04-23 14:52 - 2014-04-26 14:42 - 00000380 _____ () C:\Windows\Tasks\PassShow Update.job
2014-04-23 14:52 - 2014-04-26 12:05 - 00000360 _____ () C:\Windows\Tasks\PassShow_wd.job
2014-04-23 14:52 - 2014-04-23 14:52 - 00003028 _____ () C:\Windows\System32\Tasks\PassShow Update
2014-04-23 14:52 - 2014-04-23 14:52 - 00002948 _____ () C:\Windows\System32\Tasks\PassShow_wd
2014-04-23 14:51 - 2014-04-23 14:52 - 00000000 ____D () C:\Program Files (x86)\PassShow
2014-04-18 15:06 - 2014-04-18 15:06 - 28634028 _____ () C:\Users\Simon\Downloads\dance vid.mp4
2014-04-15 20:15 - 2014-04-15 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Microsoft Games
2014-04-12 16:34 - 2014-04-12 16:42 - 00000000 ____D () C:\Users\Simon\Downloads\12.04.14. MUSIK
2014-04-10 12:02 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 12:02 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 12:02 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 12:02 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 12:02 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 12:02 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 12:02 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 12:02 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 12:02 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 12:02 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 12:02 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-07 17:51 - 2014-04-26 12:29 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-06 19:56 - 2014-04-06 21:18 - 00000000 ____D () C:\Users\Simon\Desktop\Vorstell Bilder
2014-04-06 16:33 - 2014-04-06 18:56 - 00000000 ____D () C:\Users\Simon\Desktop\adi cd
2014-04-06 16:23 - 2014-04-06 15:39 - 00000000 ____D () C:\Users\Simon\Downloads\Portfolio
2014-04-05 22:52 - 2014-04-05 22:52 - 00001801 _____ () C:\Users\Simon\Desktop\DJ MONREY INTRO.txt
2014-04-05 20:15 - 2014-04-23 17:22 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\IrfanView
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-04 18:59 - 2014-04-04 18:59 - 01192533 _____ () C:\Windows\unins000.exe
2014-04-04 18:59 - 2014-04-04 18:59 - 00018412 _____ () C:\Windows\unins000.dat
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MingGuan
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-04-02 11:33 - 2014-04-02 11:33 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SynthMaker
2014-03-30 19:10 - 2014-03-30 20:08 - 281961389 _____ () C:\Users\Simon\Downloads\Araab Muzik Drum Kit.rar
2014-03-30 14:54 - 2014-03-30 14:56 - 281636534 _____ () C:\Users\Simon\Downloads\Clean%20Crate.zip
2014-03-30 14:40 - 2014-03-30 14:40 - 00000000 ____D () C:\Users\Simon\Documents\Ubisoft
2014-03-30 12:57 - 2014-03-30 16:33 - 00000000 ____D () C:\Users\Simon\AppData\Local\Ubisoft Game Launcher
2014-03-30 12:57 - 2014-03-30 13:54 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-30 12:57 - 2014-03-30 12:57 - 00001201 _____ () C:\Users\Simon\Desktop\Uplay.lnk
2014-03-30 12:57 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-03-29 22:14 - 2014-03-29 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Leadertech
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-28 17:41 - 2014-03-30 21:04 - 00019295 _____ () C:\Windows\LDPINST.LOG
2014-03-28 17:41 - 2014-03-30 21:04 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-28 17:39 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logitech
2014-03-28 17:39 - 2014-03-28 17:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logishrd

==================== One Month Modified Files and Folders =======

2014-04-26 14:48 - 2014-04-26 14:47 - 00008705 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-04-26 14:47 - 2014-04-26 14:47 - 02061824 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-04-26 14:47 - 2014-04-26 14:47 - 00000000 ____D () C:\FRST
2014-04-26 14:42 - 2014-04-23 14:52 - 00000380 _____ () C:\Windows\Tasks\PassShow Update.job
2014-04-26 14:09 - 2014-02-23 21:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 13:57 - 2014-02-23 19:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-26 13:53 - 2014-02-23 17:04 - 01778805 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 12:47 - 2014-03-19 00:18 - 00000000 ____D () C:\Users\Simon\AppData\Local\ESL Wire Game Client
2014-04-26 12:29 - 2014-04-07 17:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-04-26 12:13 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 12:13 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 12:05 - 2014-04-23 14:52 - 00000360 _____ () C:\Windows\Tasks\PassShow_wd.job
2014-04-26 12:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 12:05 - 2009-07-14 06:51 - 00062759 _____ () C:\Windows\setupact.log
2014-04-25 00:46 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 23:03 - 2014-04-24 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-24 23:03 - 2014-04-24 23:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 23:02 - 2014-04-24 23:02 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-24 23:02 - 2014-04-24 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-24 23:01 - 2014-04-24 23:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Simon\Downloads\spybot-2.2.25.exe
2014-04-23 23:20 - 2014-04-23 23:08 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:15 - 2014-03-01 02:24 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Raptr
2014-04-23 23:07 - 2014-04-23 23:07 - 01365865 _____ () C:\Users\Simon\Downloads\AdwCleaner.exe
2014-04-23 17:22 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-04-23 14:52 - 2014-04-23 14:52 - 00003028 _____ () C:\Windows\System32\Tasks\PassShow Update
2014-04-23 14:52 - 2014-04-23 14:52 - 00002948 _____ () C:\Windows\System32\Tasks\PassShow_wd
2014-04-23 14:52 - 2014-04-23 14:51 - 00000000 ____D () C:\Program Files (x86)\PassShow
2014-04-23 14:51 - 2014-02-26 21:38 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-19 22:46 - 2009-07-14 19:58 - 00699318 _____ () C:\Windows\system32\perfh007.dat
2014-04-19 22:46 - 2009-07-14 19:58 - 00149458 _____ () C:\Windows\system32\perfc007.dat
2014-04-19 22:46 - 2009-07-14 07:13 - 01620196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 21:24 - 2014-03-03 19:55 - 00000000 ____D () C:\Users\Simon\Desktop\DJ MONREY 2014
2014-04-18 15:06 - 2014-04-18 15:06 - 28634028 _____ () C:\Users\Simon\Downloads\dance vid.mp4
2014-04-16 16:21 - 2014-02-24 17:48 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HLSW
2014-04-15 20:15 - 2014-04-15 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Microsoft Games
2014-04-15 19:52 - 2014-02-23 17:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 14:33 - 2014-02-23 21:31 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 14:33 - 2014-02-23 21:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 14:33 - 2014-02-23 21:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 14:33 - 2014-02-23 21:31 - 00000000 ____D () C:\Users\Simon\AppData\Local\Adobe
2014-04-14 14:31 - 2014-02-23 17:04 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-12 16:42 - 2014-04-12 16:34 - 00000000 ____D () C:\Users\Simon\Downloads\12.04.14. MUSIK
2014-04-10 12:45 - 2014-02-25 19:09 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 12:45 - 2014-02-25 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 17:51 - 2014-04-07 17:51 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-04-07 17:51 - 2014-04-07 17:51 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-07 17:50 - 2014-02-23 20:29 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-06 21:18 - 2014-04-06 19:56 - 00000000 ____D () C:\Users\Simon\Desktop\Vorstell Bilder
2014-04-06 18:56 - 2014-04-06 16:33 - 00000000 ____D () C:\Users\Simon\Desktop\adi cd
2014-04-06 16:24 - 2014-03-07 21:14 - 00000000 ____D () C:\Users\Simon\Downloads\musikpacks
2014-04-06 15:39 - 2014-04-06 16:23 - 00000000 ____D () C:\Users\Simon\Downloads\Portfolio
2014-04-05 22:52 - 2014-04-05 22:52 - 00001801 _____ () C:\Users\Simon\Desktop\DJ MONREY INTRO.txt
2014-04-05 20:15 - 2014-04-05 20:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\Users\Simon\AppData\Local\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Skype
2014-04-05 20:15 - 2014-04-05 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-04 21:59 - 2014-03-19 00:18 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk
2014-04-04 21:59 - 2014-03-19 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2014-04-04 21:59 - 2014-02-24 17:41 - 00000000 ____D () C:\Program Files\EslWire
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\IrfanView
2014-04-04 21:42 - 2014-04-04 21:42 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-04 19:57 - 2014-02-23 20:38 - 00000000 ____D () C:\Users\Simon\Desktop\DJ Keule - Personal Top 25 May DJ Edits (Serato Ready)
2014-04-04 18:59 - 2014-04-04 18:59 - 01192533 _____ () C:\Windows\unins000.exe
2014-04-04 18:59 - 2014-04-04 18:59 - 00018412 _____ () C:\Windows\unins000.dat
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MingGuan
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-04-04 18:59 - 2014-04-04 18:59 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-04-02 11:33 - 2014-04-02 11:33 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SynthMaker
2014-03-31 03:16 - 2014-04-10 12:02 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 12:02 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 21:04 - 2014-03-28 17:41 - 00019295 _____ () C:\Windows\LDPINST.LOG
2014-03-30 21:04 - 2014-03-28 17:41 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-30 21:01 - 2014-02-28 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 20:08 - 2014-03-30 19:10 - 281961389 _____ () C:\Users\Simon\Downloads\Araab Muzik Drum Kit.rar
2014-03-30 16:33 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Local\Ubisoft Game Launcher
2014-03-30 15:37 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-03-30 14:56 - 2014-03-30 14:54 - 281636534 _____ () C:\Users\Simon\Downloads\Clean%20Crate.zip
2014-03-30 14:40 - 2014-03-30 14:40 - 00000000 ____D () C:\Users\Simon\Documents\Ubisoft
2014-03-30 14:17 - 2014-02-23 20:38 - 00046715 _____ () C:\Windows\DirectX.log
2014-03-30 13:54 - 2014-03-30 12:57 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-30 13:54 - 2014-02-23 19:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-30 12:57 - 2014-03-30 12:57 - 00001201 _____ () C:\Users\Simon\Desktop\Uplay.lnk
2014-03-30 12:57 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-03-29 22:14 - 2014-03-29 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Leadertech
2014-03-28 17:42 - 2014-03-28 17:42 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-28 17:42 - 2014-03-28 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logitech
2014-03-28 17:40 - 2014-03-28 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Logishrd

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 17:04

==================== End Of Log ============================

--- --- ---

Addition.txt

Zitat:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 02
Ran by Simon at 2014-04-26 14:48:35
Running from C:\Users\Simon\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40223 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0223.2239.40626 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{A081D35B-0AF0-588A-D0D6-259D25C03E50}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0223.2239.40626 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0223.2239.40626 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0223.2239.40626 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0223.2239.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0223.2238.40626 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0223.2239.40626 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Futuremark SystemInfo (HKLM-x32\...\{991C8DEA-3C01-45B8-A62B-1BB69BDC277D}) (Version: 4.23.255 - Futuremark)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
PassShow (HKLM-x32\...\B6D5E568-7210-4E6B-1D8D-291886DA9D93) (Version: - PassShow-software) <==== ATTENTION
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0031 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
Scratch Live 2.5.0 (11) (HKLM-x32\...\{EA21EB55-073F-4CF5-A964-0412E755955A}) (Version: 2.5.0 - Serato Inc LP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{3C51045E-B5F6-43CD-910C-133E0976F4F4}) (Version: 5.0.1353.0 - SmartSoft Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Sylenth1 v2.20 (HKLM-x32\...\Sylenth1_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

07-04-2014 17:42:51 Geplanter Prüfpunkt
10-04-2014 10:44:38 Windows Update
19-04-2014 15:11:24 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0890A6C9-E0A6-4673-9054-B6213676A4E7} - System32\Tasks\PassShow Update => C:\Program Files (x86)\PassShow\PassShowATk.exe [2014-04-23] () <==== ATTENTION
Task: {44878F05-57B9-4375-80B3-B0997E5D8885} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {7D271B0E-8085-4C3C-9B0C-485F7F7CA7DD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C5E68E4D-45CB-4350-83D4-B50EFECE8C9F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {D586AC82-8E47-453C-9692-4408BC9EE5E9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {E817267D-7C9A-467B-A6B7-9B4500BF5A29} - System32\Tasks\PassShow_wd => C:\Program Files (x86)\PassShow\PassShowM.exe [2014-04-23] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PassShow Update.job => C:\Program Files (x86)\PassShow\PassShowATk.exe <==== ATTENTION
Task: C:\Windows\Tasks\PassShow_wd.job => C:\Program Files (x86)\PassShow\PassShowM.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-23 14:51 - 2014-04-23 14:51 - 00077312 _____ () C:\Program Files (x86)\PassShow\PassShowM.exe
2014-02-23 23:42 - 2014-02-23 23:42 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-11-04 16:03 - 2013-11-04 16:03 - 00818688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-11-04 16:03 - 2013-11-04 16:03 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-24 17:41 - 2014-01-29 19:14 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2014-02-24 17:41 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-04-23 14:51 - 2014-04-23 14:51 - 00142848 _____ () C:\Program Files (x86)\PassShow\PassShowBJ161.exe
2014-02-23 20:43 - 2014-02-23 20:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 02868736 _____ () C:\Program Files\EslWire\QtCore4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 10445824 _____ () C:\Program Files\EslWire\QtGui4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 14672896 _____ () C:\Program Files\EslWire\QtWebKit4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00348160 _____ () C:\Program Files\EslWire\phonon4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00503296 _____ () C:\Program Files\EslWire\QtDBus4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00454656 _____ () C:\Program Files\EslWire\QtXml4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 01277440 _____ () C:\Program Files\EslWire\QtNetwork4.dll
2014-03-19 00:18 - 2014-04-02 13:52 - 08657920 _____ () C:\Program Files\EslWire\WireCore.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00799744 _____ () C:\Program Files\EslWire\QtSql4.dll
2014-03-19 00:18 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\NocIPC64.dll
2014-03-19 00:18 - 2014-04-02 13:51 - 00607232 _____ () C:\Program Files\EslWire\Linesman.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00032768 _____ () C:\Program Files\EslWire\imageformats\qgif4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00237056 _____ () C:\Program Files\EslWire\imageformats\qjpeg4.dll
2014-03-19 00:18 - 2014-01-29 19:14 - 00278528 _____ () C:\Program Files\EslWire\imageformats\qmng4.dll
2014-03-19 00:18 - 2014-02-06 16:39 - 00310272 _____ () C:\Program Files\EslWire\laginspect\laginspect.dll
2014-02-23 20:37 - 2014-02-14 12:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-23 19:45 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 22:53 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-02-23 19:45 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-02-23 19:45 - 2014-04-22 01:42 - 01135808 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-23 19:45 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-02-23 19:45 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-02-23 19:45 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-02-23 19:45 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-04-24 23:02 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-24 23:02 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-23 14:51 - 2014-04-23 14:51 - 00133120 _____ () C:\Program Files (x86)\PassShow\PassShowBJ161.dll
2014-04-24 23:02 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-24 23:02 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-24 23:02 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-03-29 22:14 - 2014-03-29 22:14 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-14 14:33 - 2014-04-14 14:33 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 02:52:10 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/22/2014 08:16:25 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/21/2014 06:31:14 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/20/2014 03:34:51 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/19/2014 02:56:33 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/18/2014 09:33:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DotP_D14.exe, Version: 0.0.0.0, Zeitstempel: 0x523982ce
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xdb8
Startzeit der fehlerhaften Anwendung: 0xDotP_D14.exe0
Pfad der fehlerhaften Anwendung: DotP_D14.exe1
Pfad des fehlerhaften Moduls: DotP_D14.exe2
Berichtskennung: DotP_D14.exe3

Error: (04/18/2014 07:40:57 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/18/2014 02:32:04 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/18/2014 02:30:13 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/16/2014 10:57:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 28.0.0.5186, Zeitstempel: 0x5323e5ef
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000119c
ID des fehlerhaften Prozesses: 0x2a80
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

System errors:
=============
Error: (04/26/2014 00:05:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/25/2014 02:40:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/25/2014 02:40:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/25/2014 02:39:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2014 11:02:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/24/2014 11:02:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/24/2014 08:25:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/23/2014 11:40:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Enumeratordienst für tragbare Geräte" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115

Error: (04/23/2014 11:40:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Zugriff auf Eingabegeräte" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115

Error: (04/23/2014 11:40:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Microsoft Office Sessions:
=========================
Error: (04/23/2014 02:52:10 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/22/2014 08:16:25 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/21/2014 06:31:14 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/20/2014 03:34:51 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/19/2014 02:56:33 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/18/2014 09:33:16 PM) (Source: Application Error)(User: )
Description: DotP_D14.exe0.0.0.0523982centdll.dll6.1.7601.18247521ea8e7c0000374000ce753db801cf5b3677e0cf8fC:\Program Files (x86)\Steam\steamapps\common\Magic 2014\.\DotP_D14.exeC:\Windows\SysWOW64\ntdll.dll496b4c1a-c730-11e3-b788-50465d9f5061

Error: (04/18/2014 07:40:57 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/18/2014 02:32:04 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/18/2014 02:30:13 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/16/2014 10:57:09 PM) (Source: Application Error)(User: )
Description: plugin-container.exe28.0.0.518653240e5dmozalloc.dll28.0.0.51865323e5ef800000030000119c2a8001cf5998c90d28eeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllac4898d1-c5a9-11e3-8cc0-50465d9f5061

CodeIntegrity Errors:
===================================
Date: 2014-02-23 16:30:48.063
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-23 16:30:48.047
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-23 16:30:47.876
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-23 16:30:47.860
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 8158.5 MB
Available physical RAM: 5524.41 MB
Total Pagefile: 16315.17 MB
Available Pagefile: 13283.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:321.51 GB) NTFS
Drive d: (Drakonia Black) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A6CAE3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

PopUp Trojaner

Plagegeister aller Art und deren Bekämpfung: PopUp Trojaner

PopUp Trojaner

Ähnliche Themen: PopUp Trojaner