| Hjalfnar | 14.09.2014 15:41 |
Alles klar!
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Hjalfnar at 2014-09-14 15:45:41
Running from C:\Users\Hjalfnar\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACW 3.0 Brothers vs Brothers Music (HKLM-x32\...\ACW 3.0 Brothers vs Brothers Music(only)) (Version: (only) - ACW mod Team)
ACW Brothers vs Brothers (HKLM-x32\...\ACW Brothers vs Brothers3.3) (Version: 3.3 - ACW mod Team)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
calibre 64bit (HKLM\...\{2B73426A-9499-4875-BAE9-8DD729009399}) (Version: 1.47.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Codename Panzers Cold War (HKLM\...\Codename Panzers Cold War_is1) (Version: - )
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkest Hour A Hearts of Iron Game (HKCU\...\Darkest Hour A Hearts of Iron Game) (Version: - Paradox Interactive AB)
DarthMod: Shogun II (HKLM-x32\...\DarthMod: Shogun II) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.671.10 - Electronic Arts Inc.)
Dragon Age Redesigned © Morrigan (HKCU\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned Oghren© (HKCU\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKCU\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKCU\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKCU\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKCU\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKCU\...\Dragon Age Redesigned© Wynne) (Version: - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version: - GOG.com)
File Type Advisor 1.4 (HKLM-x32\...\File Type Advisor_is1) (Version: - filetypeadvisor.com)
FO2 Restoration Project 2.3.2 (HKLM-x32\...\Fallout 2 Restoration Project_is1) (Version: - killap)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version: - Paradox Development Studio)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Panzer Corps (HKLM-x32\...\Steam App 268400) (Version: - Flashback Games)
Panzer Corps Collection version 1.14 + ALL DLC (HKLM-x32\...\Panzer Corps Collection_is1) (Version: 1.14 + ALL DLC - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.6 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Setup - The SIMS 4 Deluxe Edition ... (HKLM-x32\...\Setup - The SIMS 4 Deluxe Edition ...) (Version: ... - Electronic Arts)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.05.0000 - Ubisoft)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SOUP - Share-Online Uploader (HKCU\...\ab1af244d47f0c33) (Version: 1.0.0.26 - Xlice Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Sims™ 3 Кино Каталог (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version: - Eugen Systems)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-09-2014 06:07:54 Windows Update
11-09-2014 07:57:07 Removed LogMeIn Hamachi
11-09-2014 07:59:03 Installed LogMeIn Hamachi
12-09-2014 01:00:11 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-09-14 10:07 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {010D6386-90CF-4816-AB6D-2A22D69AFD2D} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {22B8B89F-437F-4B87-B6FA-BA1CEA4EEEBD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {2692649C-5804-43B8-8B2B-95F1B4A4828D} - System32\Tasks\Origin => C:\Users\Hjalfnar\AppData\Roaming\Origin\update.vbe [2014-09-06] () <==== ATTENTION
Task: {69246FFB-17AF-4332-9C22-C2FC5F9ED3BE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8E58DDBA-D122-4CF5-9EBE-444988935D6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-20] (Adobe Systems Incorporated)
Task: {8FA49973-C018-4B07-A511-E548137CC028} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {9A062267-36A6-45A0-98C3-46C95E08DB16} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com )
Task: {F19AA483-C0AB-4A34-9F2A-6CC46EAE63C5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-07-15 15:50 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-04-15 15:33 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-31 08:42 - 2014-05-31 08:42 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-31 08:42 - 2014-05-31 08:42 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-14 15:41 - 2014-09-14 15:41 - 00050477 _____ () C:\Users\Hjalfnar\Downloads\Defogger.exe
2014-07-18 06:05 - 2014-05-13 12:04 - 00109400 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-18 06:05 - 2014-05-13 12:04 - 00416600 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-18 06:05 - 2014-05-13 12:04 - 00167768 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-18 06:05 - 2012-08-23 10:38 - 00574840 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-18 06:05 - 2012-04-03 17:06 - 00565640 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-12 21:20 - 2014-09-12 21:20 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-15 14:32 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-28 23:57 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 23:57 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 23:57 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-04-15 16:31 - 2014-08-21 00:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 00:49 - 2014-08-28 13:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 23:57 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 23:57 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-04-15 16:31 - 2014-08-28 13:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-04-15 16:31 - 2014-08-21 00:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 22:46 - 2014-08-21 00:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-08-20 10:47 - 2014-08-20 10:47 - 09496576 _____ () C:\Users\Hjalfnar\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2014-05-08 13:21 - 2014-05-08 13:21 - 00305520 _____ () D:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2014-08-20 10:47 - 2014-08-20 10:47 - 00014336 _____ () C:\Users\Hjalfnar\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Hjalfnar\Desktop\Selbstauskunft_Fam.Weiberg.jpeg:�3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Hjalfnar\Desktop\Selbstauskunft_Fam.Weiberg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "D:\Spiele\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDFPrint => D:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2014 10:07:16 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (09/14/2014 10:05:49 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (09/14/2014 10:05:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 10:05:49 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (09/14/2014 09:35:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 09:35:55 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (09/14/2014 09:35:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (09/14/2014 08:52:46 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (09/14/2014 08:52:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 08:52:14 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
System errors:
=============
Error: (09/14/2014 08:52:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/14/2014 08:52:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (09/14/2014 00:59:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/14/2014 00:59:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (09/14/2014 00:59:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 14.09.2014 um 00:58:20 unerwartet heruntergefahren.
Error: (09/13/2014 11:08:03 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (09/12/2014 07:15:19 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (09/11/2014 09:59:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/11/2014 09:59:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (09/11/2014 09:59:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================
Error: (09/14/2014 10:07:16 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe.Config0
Error: (09/14/2014 10:05:49 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (09/14/2014 10:05:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 10:05:49 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe.Config0
Error: (09/14/2014 09:35:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 09:35:55 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe.Config0
Error: (09/14/2014 09:35:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (09/14/2014 08:52:46 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (09/14/2014 08:52:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2014 08:52:14 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe.Config0
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 32%
Total physical RAM: 8130.72 MB
Available physical RAM: 5528.03 MB
Total Pagefile: 16259.62 MB
Available Pagefile: 13139.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.47 GB) (Free:67.46 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:190.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (Volume) (Fixed) (Total:279.46 GB) (Free:260.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: E253E6B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 760ACF0C)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 279.5 GB) (Disk ID: FFE99422)
Partition 1: (Not Active) - (Size=279.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-14 16:05:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000073 Crucial_ rev.MU03 223,57GB
Running: 30gyot8r.exe; Driver: C:\Users\Hjalfnar\AppData\Local\Temp\kxldykod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031a4000 45 bytes [00, 00, 13, 02, 49, 72, 70, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031a402f 17 bytes [00, E0, 37, 91, 0A, 80, FA, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[1948] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000070381a22 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1948] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000070381ad0 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1948] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000070381b08 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1948] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000070381bba 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1948] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000070381bda 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000070381a22 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000070381ad0 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000070381b08 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000070381bba 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000070381bda 2 bytes [38, 70]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Windows\SysWOW64\PnkBstrB.exe[2056] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2080] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2080] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[1576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[1576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files (x86)\Steam\Steam.exe[2708] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files (x86)\Steam\Steam.exe[2708] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
.text D:\Program Files (x86)\Skype\Phone\Skype.exe[2704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076c11465 2 bytes [C1, 76]
.text D:\Program Files (x86)\Skype\Phone\Skype.exe[2704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076c114bb 2 bytes [C1, 76]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\SysWOW64\ntdll.dll [1800:1804] 0000000000fdc18f
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3112] 000000006fa45880
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3116] 000000006fa45880
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3120] 000000006fa45880
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3124] 000000006fa43520
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3148] 0000000071ba34b0
Thread C:\Windows\SysWOW64\ntdll.dll [1800:5388] 000000007253e69f
Thread C:\Windows\SysWOW64\ntdll.dll [1800:3744] 00000000721a5570
Thread C:\Windows\SysWOW64\ntdll.dll [1800:2392] 00000000721a5d50
Thread C:\Windows\SysWOW64\ntdll.dll [1800:4844] 0000000071d662ee
Thread C:\Windows\SysWOW64\ntdll.dll [2032:2036] 00000000009387b2
Thread C:\Windows\SysWOW64\ntdll.dll [2032:2156] 00000000008cd800
Thread C:\Windows\SysWOW64\ntdll.dll [2032:2164] 00000000008d2560
---- EOF - GMER 2.1 ----
|
Lesestoff:
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
