| |
| |||||||
Log-Analyse und Auswertung: Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.09.2013, 09:23
| #16 |
 |  Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Hatte Chrome mal ne Zeitlang offen da kam nix allerdings in der Zeit bei Firefox auch nicht. |
|
05.09.2013, 10:50
| #17 |
| /// the machine /// TB-Ausbilder    | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Also aktuell keine Probleme mehr?
__________________
__________________ |
|
05.09.2013, 20:27
| #18 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Ja zur Zeit nix mehr.
__________________Hallo es ist jetzt einmal wieder aufgetreten mit ner anderen Seite aber nen Muster lässt sich nicht erkennen war aber wieder Firefox. Chrome nutze ich auch so gut wie garnicht. |
|
06.09.2013, 08:30
| #19 |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Deinstallier beide Browser mal, behalte keine Datein, und installier beide frisch.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.09.2013, 19:18
| #20 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! hxxp://www.sehiba.com/LA/LP/WarningW3?w=a20526b&engsec=15 Firefox komplett neuinstalliert fehler immer noch da! |
|
10.09.2013, 07:23
| #21 |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! frisches FRST Log bitte.
__________________ --> Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! |
|
10.09.2013, 19:17
| #22 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch!Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.09.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 SiRo-CoOl :: SION [Administrator] 09.09.2013 20:50:07 mbam-log-2013-09-09 (20-50-07).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Speicher | P2P Durchsuchte Objekte: 267364 Laufzeit: 1 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 c:\users\updatususer\appdata\roaming\microsoft\credentials\firstrun.png (Stolen.Data) -> Löschen bei Neustart. c:\users\updatususer\appdata\roaming\microsoft\credentials\credentials.exe (Trojan.Agent) -> Löschen bei Neustart. (Ende) |
|
11.09.2013, 07:22
| #23 |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Hi, die Logs bitte in den Thread posten, zur Not in Stücke teilen. Ich kann auf Arbeit keine Anhänge laden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.09.2013, 12:06
| #24 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch!Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01 Ran by SiRo-CoOl at 2013-09-10 20:13:45 Running from C:\Users\SiRo-CoOl\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5) Adobe Acrobat 9.5.5 - CPSID_83708 (x32) Adobe After Effects CS4 (x32 Version: 9) Adobe After Effects CS4 Presets (x32 Version: 9) Adobe After Effects CS4 Third Party Content (x32 Version: 9) Adobe AIR (x32 Version: 3.5.0.1060) Adobe Anchor Service CS4 (x32 Version: 2.0) Adobe Anchor Service x64 CS4 (Version: 2.0) Adobe Asset Services CS4 (x32 Version: 4) Adobe Bridge CS4 (x32 Version: 3) Adobe CMaps CS4 (x32 Version: 2.0) Adobe CMaps x64 CS4 (Version: 2.0) Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0) Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0) Adobe Color JA Extra Settings CS4 (x32 Version: 2.0) Adobe Color NA Extra Settings CS4 (x32 Version: 2.0) Adobe Color Video Profiles AE CS4 (x32 Version: 2.0) Adobe Color Video Profiles CS CS4 (x32 Version: 2.0) Adobe Contribute CS4 (x32 Version: 5.0) Adobe Creative Suite 4 Master Collection (x32 Version: 4.0) Adobe CSI CS4 (x32 Version: 1) Adobe CSI CS4 x64 (Version: 1) Adobe Default Language CS4 (x32 Version: 2.0) Adobe Dreamweaver CS4 (x32 Version: 10.0) Adobe Drive CS4 x64 (Version: 1) Adobe Dynamiclink Support (x32 Version: 1) Adobe Encore CS4 Codecs (x32 Version: 4) Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0) Adobe Extension Manager CS4 (x32 Version: 2.0) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Fonts All (x32 Version: 2.0) Adobe Fonts All x64 (Version: 2.0) Adobe Illustrator CS4 (x32 Version: 14.0) Adobe InDesign CS4 (x32 Version: 6.0) Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0) Adobe InDesign CS4 Common Base Files (x32 Version: 6.0) Adobe InDesign CS4 Icon Handler (x32 Version: 6.0) Adobe InDesign CS4 Icon Handler x64 (Version: 6.0) Adobe Linguistics CS4 (x32 Version: 4.0.0) Adobe Linguistics CS4 x64 (Version: 4.0.0) Adobe Media Encoder CS4 (x32 Version: 1.0) Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Importer (x32 Version: 1.0) Adobe Media Player (x32 Version: 0.0.0) Adobe Media Player (x32 Version: 1.1) Adobe MotionPicture Color Files CS4 (x32 Version: 2.0) Adobe Output Module (x32 Version: 2.0) Adobe PDF Library Files CS4 (x32 Version: 9.0) Adobe PDF Library Files x64 CS4 (Version: 9.0) Adobe Photoshop CS4 (64 Bit) (Version: 11.0) Adobe Photoshop CS4 (x32 Version: 11.0) Adobe Photoshop CS4 Support (x32 Version: 11.0) Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Adobe Search for Help (x32 Version: 1.0) Adobe Service Manager Extension (x32 Version: 1.0) Adobe Setup (x32 Version: 2.0) Adobe SGM CS4 (x32 Version: 3.0) Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112) Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133) Adobe SING CS4 (x32 Version: 2.0) Adobe Soundbooth CS4 Codecs (x32 Version: 2) Adobe Type Support CS4 (x32 Version: 9.0) Adobe Type Support x64 CS4 (Version: 9.0) Adobe Update Manager CS4 (x32 Version: 6.0.0) Adobe Version Cue CS4 Server (x32 Version: 4.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.1) Adobe WinSoft Linguistics Plugin x64 (Version: 1.1) Adobe XMP Panels CS4 (x32 Version: 2.0) AdobeColorCommonSetCMYK (x32 Version: 2.0) AdobeColorCommonSetRGB (x32 Version: 2.0) AI Suite II (x32 Version: 1.01.14) Aimersoft Blu-ray Ripper(Build 3.0.1.2) (x32) Allgemeine Runtime Files (x86) (Version: 1.0.3.5) AnyDVD (x32 Version: 7.0.5.0) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Assassin's Creed(R) III v1.04 (x32 Version: 1.04) ASUS Ai Charger (x32 Version: 1.00.09) ASUS Phoebus Audio Sound Card (x32 Version: ) Audacity 2.0.3 (x32 Version: 2.0.3) Audiograbber 1.83 SE (x32 Version: 1.83 SE ) Audiograbber MP3-Plugin (64 bit) (x32 Version: 1.0) Battlefield 1942™ (x32 Version: 1.6.20.0) Battlelog Web Plugins (x32 Version: 2.1.7) BF3 Settings Editor (Version: 2.3) Bluetooth Win7 Suite (64) (Version: 7.2.0.40) Bonjour (Version: 3.0.0.10) Borderlands 2 (x32) CCleaner (Version: 4.05) CDBurnerXP (x32 Version: 4.4.2.3442) Connect (x32 Version: 1.0.0.1) Corsair K95 Tastaturtreiber V1.0 (x32 Version: 1.00.00.04) Counter-Strike: Source (x32) CPUID CPU-Z 1.64.0 Crysis® 2 (x32 Version: 1.0.0.0) CrystalDiskInfo 5.0.4 (x32 Version: 5.0.4) Curse Client (HKCU Version: 5.1.1.792) D3DX10 (x32 Version: 15.4.2368.0902) DAEMON Tools Lite (x32 Version: 4.40.2.0131) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Diablo III (x32 Version: 1.0.8.16603) Dolby Home Theater v4 (x32 Version: 7.2.8000.17) dows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0) Duke Nukem 3D (x32 Version: 2.0.0.84) EasyBoost (x32 Version: 1.0.0.1) eReg (x32 Version: 1.20.138.34) ESN Sonar (x32 Version: 0.70.4) Evernote v. 4.6.4 (x32 Version: 4.6.4.8136) Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3) FFmpeg v0.6.2 for Audacity (x32) FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2) FormatFactory 3.0.1 (x32 Version: 3.0.1) Fotogalerie (x32 Version: 16.4.3505.0912) GIGABYTE OC_GURU II (x32 Version: 1.44.0000) GIGABYTE VGA @BIOS (x32 Version: 1.1) Google Chrome (HKCU Version: 29.0.1547.66) Google Earth (x32 Version: 7.1.1.1888) Google Talk Plugin (x32 Version: 4.5.3.14917) Google Update Helper (x32 Version: 1.3.21.153) iCloud (Version: 2.1.2.8) ICQ 8.0 (build 5989, für aktuellen Benutzer) (HKCU Version: 8.0.5989.0) ICQ 8.0 Banner Remover 1.0 (x32) iDevice Manager (x32 Version: 1.9.0.1) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 8.0.2.1410) Intel(R) Network Connections 17.4.95.0 (Version: 17.4.95.0) Intel(R) Rapid Storage Technology (x32 Version: 10.8.0.1003) Intel® Watchdog Timer Driver (Intel® WDT) (x32) iTunes (Version: 11.0.5.5) Java 7 Update 17 (64-bit) (Version: 7.0.170) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) JMicron JMB36X Driver (x32 Version: 1.17.58.2) Junk Mail filter update (x32 Version: 16.4.3505.0912) kuler (x32 Version: 2.0) LAME v3.99.3 (for Windows) (x32) LameXP (x32) Lexware buchhalter 2013 (x32 Version: 18.02.00.0037) Lexware Datenbank plus 2012 (x32 Version: 12.00.00.0116) Lexware Elster (x32 Version: 13.00.00.0027) Lexware Info Service (x32 Version: 2.90.00.0009) Lexware online banking (x32 Version: 14.00.00.0076) Lexware reisekosten plus 2012 (x32 Version: 12.01.00.0137) LightScribe System Software (x32 Version: 1.18.26.7) LightScribe Template Labeler (x32 Version: 1.18.26.7) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) marvell 91xx driver (x32 Version: 1.2.0.1010) Mass Effect™ 3 Demo (x32 Version: 1.0.0.0) Max Payne 3 (x32 Version: 1.0.0.0) Max Payne 3 DLC (x32 Version: 1.0.0.0) Messenger Plus! (x32 Version: 6.00.0.773) Messenger Plus! for Skype (x32 Version: 1.8.0.125) Metro 2033 (x32) Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322) Microsoft .NET Framework 1.1 (x32) Microsoft .NET Framework 1.1 Security Update (KB2698023) (x32) Microsoft .NET Framework 1.1 Security Update (KB2742597) (x32) Microsoft .NET Framework 1.1 Security Update (KB979906) (x32) Microsoft .NET Framework 1.1 SP1 Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Expression Web 4 (x32 Version: 4.0.1460.0) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000) Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SkyDrive (HKCU Version: 17.0.2003.1112) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) Mp3tag v2.55a (x32 Version: v2.55a) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Netzmanager (Version: 1.071) Netzmanager (x32 Version: 1.071) Norton 360 (x32 Version: 20.4.0.40) Notepad++ (x32 Version: 6.4.5) NVIDIA GeForce Experience 1.5 (Version: 1.5) NVIDIA Grafiktreiber 320.49 (Version: 320.49) NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2) NVIDIA Install Application (Version: 2.1002.131.854) NVIDIA PhysX (x32 Version: 9.13.0604) NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604) NVIDIA Systemsteuerung 320.49 (Version: 320.49) NVIDIA Update 4.11.9 (Version: 4.11.9) NVIDIA Update Components (Version: 4.11.9) OpenAL (x32) Origin (x32 Version: 9.2.1.4399) Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003) PDF Settings CS4 (x32 Version: 9.0) Photo Gallery (x32 Version: 16.4.3505.0912) Photoshop Camera Raw (x32 Version: 5.0) Photoshop Camera Raw_x64 (Version: 5.0) Pixel Bender Toolkit (x32 Version: 1.0) PS3 Media Server (x32 Version: 1.72.0) QuickTime (x32 Version: 7.74.80.86) RAGE (x32) Realtek Ethernet Controller Driver (x32 Version: 7.31.1025.2010) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0) RocketDock 1.3.5 (x32) Rockstar Games Social Club (x32 Version: 1.1.0.1) SES Driver (Version: 1.0.0) Skype™ 6.3 (x32 Version: 6.3.105) Spotify (HKCU Version: 0.9.1.57.ge7405149) StarCraft II (x32 Version: 2.0.11.26825) Steam (x32 Version: 1.0.0.0) SteelSeries Engine (Version: 2.8.59.30483) Suite Shared Configuration CS4 (x32 Version: 1.0) swMSM (x32 Version: 12.0.0.1) System Requirements Lab for Intel (x32 Version: 4.5.13.0) TAXMAN 2013 (x32 Version: 19.03.00.0001) TeamSpeak 3 Client TeamViewer 7 (x32 Version: 7.0.14563) TechPowerUp GPU-Z (x32) Tukui Update Utility (x32 Version: 1.0.0) Unlocker 1.9.2 (Version: 1.9.2) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Uplay (x32 Version: 2.0) VLC media player 2.0.7 (Version: 2.0.7) Winamp (x32 Version: 5.63 ) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) World of Warcraft (x32 Version: 5.3.0.17128) XnView 2.00 (x32 Version: 2.00) XnView Shell Extension 3.4.0 (64bits) (x32 Version: 3.4.0) xp-AntiSpy 3.98-2 (x32) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2013-09-06 11:07 - 2013-09-06 11:07 - 00000593 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {1E7CCA58-D03D-4801-9A0E-FCC1C47109D8} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.) Task: {20DE2B8C-E2AF-46CA-9F9C-19F37989AB1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {26E4B18C-8DE7-45BC-8D5E-9D9BD97EF26D} - System32\Tasks\{B7EE85EA-BCA4-4373-B695-3279900C48BD} => C:\Users\SiRo-CoOl\Desktop\aswmbr.exe Task: {28B0C532-14DB-4B17-BE2F-9F25C3655B33} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000Core => C:\Users\SiRo-CoOl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.) Task: {2B756CEC-63CD-4211-BD8B-0C119DB88A1B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {309CDFA6-8533-4A01-A28C-CAB5E9F395C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000UA => C:\Users\SiRo-CoOl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.) Task: {3D5E8807-ADEF-4C94-9617-893EAEDA7291} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.) Task: {444376C4-FE43-4AFA-A52D-CF16B6ACBF1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.) Task: {4A096EAC-162D-4801-9CA4-CDEFD9AC6C4D} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.) Task: {75EB138D-AA2E-456C-B118-1918E0DC6CDC} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2010-10-12] (ASUSTeK Computer Inc.) Task: {ACD89833-1886-46B5-AB25-ADB01A7B7432} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {AFD5FACE-2649-4537-8FD3-E2EA7FA5102F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {BDDEAC5F-9D50-4152-90E9-114A9AAB1AE1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {C5151F85-0B37-4F32-B613-1B8BA1803F73} - System32\Tasks\PCMeter\Startup => D:\Users\SiRo-CoOl\Downloads\Programme\Tool Disc\Windows\DesktopBar\PCMeter\PCMeterV0.3.exe [2012-08-25] (AddGadgets) Task: {CC79795F-70B7-4A03-AC24-7B806CD87CB6} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {D4EC44A0-3096-4CBB-B45A-B5B8CC2495CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {F78D17F8-304F-43D6-972B-E8288056F46D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000Core.job => C:\Users\SiRo-CoOl\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000UA.job => C:\Users\SiRo-CoOl\AppData\Local\Google\Update\GoogleUpdate.exe Code:
ATTFilter ==================== Loaded Modules (whitelisted) =============
2012-10-14 11:58 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00261624 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00661448 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\MSVCP110.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00828872 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\MSVCR110.dll
2013-06-15 21:25 - 2013-05-29 04:41 - 02656592 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\buShell.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 01060232 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccL120U.dll
2013-06-15 21:25 - 2013-05-23 07:25 - 00114056 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\EFACli64.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00119176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccVrTrst.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00475528 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccSet.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () F:\FileZilla\fzshellext_64.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00231304 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccIPC.dll
2013-06-15 21:25 - 2013-05-29 04:41 - 00663888 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\buComm.dll
2013-06-15 21:25 - 2013-05-28 19:52 - 01728336 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\BuEng.dll
2012-09-07 12:02 - 2012-08-25 11:40 - 00114688 ____N (AddGadgets) D:\Users\SiRo-CoOl\Downloads\Programme\Tool Disc\Windows\DesktopBar\PCMeter\AddGadgetsLibrary.dll
2012-10-14 11:58 - 2013-06-21 14:06 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-05-23 13:53 - 2013-01-22 16:39 - 00226816 ____N (C-MEDIA Electronics INC.) C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Driver\x64\vista\osConfLib.dll
2013-03-28 22:32 - 2012-08-31 20:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2013-01-20 09:16 - 2013-01-20 09:16 - 00039424 _____ (Orbmu2k) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.3.gadget\GPUStatusReader.dll
2013-01-20 09:16 - 2013-01-20 09:16 - 00020480 _____ (Jonathan Abbott) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V9.1.gadget\netlib.dll
2013-01-20 09:16 - 2013-01-20 09:16 - 00571392 _____ (NVIDIA) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.3.gadget\nvsulib64.dll
2013-05-25 12:47 - 2013-05-25 12:47 - 00012520 _____ () C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\CoreTempReader.dll
2013-05-25 12:47 - 2013-05-25 12:47 - 00015080 _____ () C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\GetCoreTempInfoNET.dll
2013-05-25 12:47 - 2013-05-25 12:47 - 00014056 _____ () C:\Users\SiRo-CoOl\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\SystemInfo.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00665088 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2013-09-03 00:49 - 2013-09-03 00:49 - 00089915 ____N () C:\Users\SiRo-CoOl\AppData\Local\Temp\70aeaca4-098f-4bcc-b0fa-e2544fb40678\CliSecureRT64.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00278528 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-07-12 16:55 - 2013-07-12 16:55 - 00053248 _____ ( ) C:\Program Files\SteelSeries\SteelSeries Engine\Interop.BSteelLinkLib.dll
2013-06-25 16:33 - 2013-06-25 16:33 - 00659456 _____ (TODO: <Company name>) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\BSteelLink.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2011-03-28 11:29 - 2011-03-28 11:29 - 00200704 _____ (ICSharpCode.net) C:\Program Files\SteelSeries\SteelSeries Engine\ICSharpCode.SharpZipLib.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00135168 _____ (Simon Mourier) C:\Program Files\SteelSeries\SteelSeries Engine\HtmlAgilityPack.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 09519104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2012-10-14 11:58 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00164352 _____ (Protolog Systems Ltd.) C:\Program Files\SteelSeries\SteelSeries Engine\PluginAbstract.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00302592 _____ (Protolog Systems Ltd.) C:\Program Files\SteelSeries\SteelSeries Engine\VoicePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00164864 _____ (Protolog Systems Ltd.) C:\Program Files\SteelSeries\SteelSeries Engine\D3HeadsetPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00173568 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-07-12 16:57 - 2013-07-12 16:57 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2012-08-31 19:22 - 2012-08-31 19:22 - 01080560 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2012-08-31 19:22 - 2012-08-31 19:22 - 00040688 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2012-08-31 19:21 - 2012-08-31 19:21 - 00020208 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\de\pcee4c.resources.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00705928 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccL120U.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00089480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccVrTrst.dll
2013-06-15 21:25 - 2013-05-23 07:25 - 00086408 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\EFACli.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00157576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvc.dll
2013-06-15 21:25 - 2013-05-21 06:40 - 00410576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\srtsp32.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00159624 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccIPC.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00548688 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\NPCTRAY.DLL
2013-06-15 21:25 - 2013-05-21 06:44 - 00345480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSet.dll
2013-06-15 21:25 - 2013-06-04 06:43 - 00962384 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\uiMain.dll
2013-06-15 21:25 - 2013-05-28 09:42 - 02430800 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SYMHTMDX.DLL
2013-06-15 21:25 - 2013-05-30 03:22 - 00320816 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diStRptr.dll
2013-06-15 21:25 - 2013-05-30 04:13 - 01337136 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\MClnTask.dll
2013-07-10 12:05 - 2013-06-28 07:17 - 01849168 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\isDataPr.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00548176 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\ASHELPER.DLL
2013-06-15 21:25 - 2013-05-21 00:50 - 00932176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\cltPE.dll
2013-07-10 05:38 - 2013-07-03 23:42 - 00821552 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\naHelper.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00579408 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\ASOEHOOK.DLL
2013-06-15 21:25 - 2013-06-04 06:42 - 00537424 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\AVPAPP32.DLL
2013-06-15 21:25 - 2013-05-29 04:41 - 00263504 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\BUUIPLG.DLL
2013-06-15 21:25 - 2013-05-21 00:50 - 01035088 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\cltLMS.dll
2013-06-15 21:25 - 2013-05-24 04:09 - 00502664 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\AVIfc.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00401288 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccJobMgr.dll
2013-06-15 21:25 - 2013-05-31 03:46 - 00999760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coDataPr.dll
2013-06-15 21:25 - 2013-05-31 03:48 - 00551760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coShdObj.dll
2013-06-15 21:25 - 2013-05-21 06:44 - 00289160 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccGEvt.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00145744 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\isPwd.dll
2013-06-15 21:25 - 2013-05-21 00:50 - 02651472 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\CLTALDIS.DLL
2013-06-15 21:25 - 2013-06-04 06:42 - 00528208 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\FWSESAL.DLL
2013-06-19 02:00 - 2013-06-10 19:10 - 00629072 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\MUI\20.4.0.40\07\01\cltRes.loc
2013-06-15 21:25 - 2013-05-31 03:48 - 01397584 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\COACTMGR.DLL
2013-06-15 21:25 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00502608 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\NUEX.DLL
2013-06-15 21:25 - 2013-05-30 04:13 - 01078576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\DataStor.dll
2013-06-15 21:25 - 2013-05-30 04:13 - 00965936 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Comm.dll
2013-06-15 21:25 - 2013-06-04 06:43 - 00243024 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\QSPLUGIN.DLL
2013-06-15 21:25 - 2012-05-15 03:27 - 00588216 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\SDKCMN.DLL
2013-06-15 21:25 - 2013-06-04 06:43 - 00916304 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\UIALERT.DLL
2013-06-15 21:25 - 2013-05-30 04:13 - 00028464 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\USERCTXT.DLL
2013-06-15 21:25 - 2013-05-29 04:41 - 00272208 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\buDataCl.dll
2013-06-15 21:25 - 2013-05-29 04:41 - 00442192 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\buComm.dll
2013-06-15 21:25 - 2013-05-28 19:52 - 01439056 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\BuEng.dll
2013-06-15 21:25 - 2013-04-23 11:02 - 00115536 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\tuDataPr.dll
2013-06-15 21:25 - 2013-06-04 06:42 - 00408400 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\AvScnTsk.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV
2013-03-01 15:59 - 2012-04-27 18:29 - 00086016 ____N () C:\Windows\SysWOW64\ExSrv.dll
2012-09-06 00:12 - 2007-09-02 13:57 - 00069632 _____ () F:\RocketDock\RocketDock.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-05 20:18 - 2012-09-05 20:18 - 00096904 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2012-07-06 07:43 - 2012-07-06 07:43 - 00284160 _____ (Evernote Corporation) F:\Programme\Evernote\Evernote\encrashrep.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () F:\Programme\Evernote\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00258048 _____ (Evernote Corporation, 333 West Evelyn Avenue, Mountain View, CA 94041) F:\Programme\Evernote\Evernote\LibPCRE.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () F:\Programme\Evernote\Evernote\libtidy.dll
2013-03-19 15:47 - 2013-03-19 15:47 - 00435200 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programme\Evernote\Evernote\Intl\EvernoteClipper.de-DE.dll
2013-08-14 17:03 - 2013-08-14 17:03 - 00491520 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\914b102327a5f48542af50a6e5c1f8ab\IAStorUtil.ni.dll
2013-07-10 21:53 - 2013-07-10 21:53 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9806320368a8f23f1f6c5de66ebb29d0\IAStorCommon.ni.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2013-09-02 17:15 - 2012-05-14 12:39 - 00043008 _____ () C:\Program Files (x86)\Corsair\K95 Keyboard\hidGetKey.dll
2012-09-07 05:22 - 2010-11-16 10:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2012-09-07 05:22 - 2010-10-07 16:45 - 00204800 _____ (TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\MPKey.dll
2012-09-07 05:22 - 2010-07-30 11:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll
2012-09-07 05:22 - 2010-07-15 20:04 - 00661504 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2012-09-07 05:22 - 2010-07-15 20:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2012-09-07 05:22 - 2010-07-15 20:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2012-09-07 05:22 - 2007-10-31 11:51 - 00061440 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2012-09-07 05:23 - 2010-02-24 10:56 - 00661504 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2012-09-07 05:22 - 2010-11-11 03:09 - 00703488 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2012-09-07 05:22 - 2010-06-23 05:54 - 00114688 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2012-09-07 05:23 - 2010-10-07 10:45 - 00204800 ____R (TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\MPKey.dll
2012-09-07 05:22 - 2010-09-15 03:03 - 00200704 ____R (TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\KeyboardFun.dll
2009-07-14 02:09 - 2009-07-14 03:38 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl
2012-09-07 05:24 - 2009-05-21 04:14 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2012-09-07 05:24 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-09-05 20:30 - 2012-09-05 20:29 - 00662016 ____N () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll
2012-09-07 05:22 - 2010-12-02 17:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-09-07 05:22 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-09-07 05:22 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-09-07 05:23 - 2010-10-15 17:40 - 01031680 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-09-07 05:22 - 2010-11-19 10:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-09-07 05:23 - 2010-12-30 22:15 - 01656320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2012-09-07 05:23 - 2010-12-01 12:33 - 01244672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-09-07 05:23 - 2010-12-03 16:12 - 01027072 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-09-07 05:22 - 2010-09-27 20:51 - 00881664 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-09-07 05:22 - 2010-09-27 20:51 - 01607168 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-09-07 05:22 - 2010-11-19 10:55 - 01246208 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-09-07 05:22 - 2010-08-06 18:11 - 00850944 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-09-07 05:22 - 2010-08-06 18:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-09-07 05:22 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2013-09-06 21:33 - 2013-08-14 19:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00222712 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00534480 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\MSVCP110.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00862664 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\MSVCR110.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00542712 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\Telemetry.dll
2012-11-16 15:53 - 2012-11-16 15:53 - 00039432 _____ (Microsoft Corporation) C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\logging.dll
2013-07-10 05:40 - 2013-07-10 05:40 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/10/2013 08:09:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/10/2013 08:09:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Name des fehlerhaften Moduls: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013d40
ID des fehlerhaften Prozesses: 0x14b0
Startzeit der fehlerhaften Anwendung: 0xMonitorService.exe0
Pfad der fehlerhaften Anwendung: MonitorService.exe1
Pfad des fehlerhaften Moduls: MonitorService.exe2
Berichtskennung: MonitorService.exe3
Error: (09/10/2013 08:05:52 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (09/10/2013 00:36:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Name des fehlerhaften Moduls: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013d40
ID des fehlerhaften Prozesses: 0x1578
Startzeit der fehlerhaften Anwendung: 0xMonitorService.exe0
Pfad der fehlerhaften Anwendung: MonitorService.exe1
Pfad des fehlerhaften Moduls: MonitorService.exe2
Berichtskennung: MonitorService.exe3
Error: (09/10/2013 00:31:37 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (09/10/2013 06:22:14 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Name des fehlerhaften Moduls: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013d40
ID des fehlerhaften Prozesses: 0x1314
Startzeit der fehlerhaften Anwendung: 0xMonitorService.exe0
Pfad der fehlerhaften Anwendung: MonitorService.exe1
Pfad des fehlerhaften Moduls: MonitorService.exe2
Berichtskennung: MonitorService.exe3
Error: (09/10/2013 06:22:14 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (09/09/2013 08:54:06 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (09/09/2013 08:54:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Name des fehlerhaften Moduls: MonitorService.exe, Version: 1.0.12.108, Zeitstempel: 0x50ecc918
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013d40
ID des fehlerhaften Prozesses: 0x14f8
Startzeit der fehlerhaften Anwendung: 0xMonitorService.exe0
Pfad der fehlerhaften Anwendung: MonitorService.exe1
Pfad des fehlerhaften Moduls: MonitorService.exe2
Berichtskennung: MonitorService.exe3
Error: (09/09/2013 08:48:57 PM) (Source: Microsoft-Windows-User Profiles Service) (User: SION)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\UpdatusUser. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.
DETAIL - Das Verzeichnis ist nicht leer.
System errors:
=============
Error: (09/10/2013 08:09:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/10/2013 08:09:21 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ATLMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/10/2013 08:04:04 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Uim_VIM
Error: (09/10/2013 08:03:56 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (09/10/2013 00:36:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/10/2013 00:36:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ATLMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/10/2013 00:29:50 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Uim_VIM
Error: (09/10/2013 00:29:41 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (09/10/2013 06:22:20 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/10/2013 06:22:15 AM) (Source: Service Control Manager) (User: )
Description: Dienst "ATLMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (09/10/2013 08:09:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SiRo-CoOl\Downloads\Programme\Tool Disc\Antiviren Toolkits\esetsmartinstaller_enu.exe
Error: (09/10/2013 08:09:21 PM) (Source: Application Error)(User: )
Description: MonitorService.exe1.0.12.10850ecc918MonitorService.exe1.0.12.10850ecc918c000000500013d4014b001ceae50df981ca7C:\Windows\system\MonitorService.exeC:\Windows\system\MonitorService.exe1d5a2397-1a44-11e3-8663-f46d04966880
Error: (09/10/2013 08:05:52 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/10/2013 00:36:24 PM) (Source: Application Error)(User: )
Description: MonitorService.exe1.0.12.10850ecc918MonitorService.exe1.0.12.10850ecc918c000000500013d40157801ceae1198a4acd7C:\Windows\system\MonitorService.exeC:\Windows\system\MonitorService.exed6667549-1a04-11e3-878b-f46d04966880
Error: (09/10/2013 00:31:37 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/10/2013 06:22:14 AM) (Source: Application Error)(User: )
Description: MonitorService.exe1.0.12.10850ecc918MonitorService.exe1.0.12.10850ecc918c000000500013d40131401ceaddd53daa352C:\Windows\system\MonitorService.exeC:\Windows\system\MonitorService.exe919bfe62-19d0-11e3-bc34-f46d04966880
Error: (09/10/2013 06:22:14 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/09/2013 08:54:06 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/09/2013 08:54:06 PM) (Source: Application Error)(User: )
Description: MonitorService.exe1.0.12.10850ecc918MonitorService.exe1.0.12.10850ecc918c000000500013d4014f801cead8df5ca4aa5C:\Windows\system\MonitorService.exeC:\Windows\system\MonitorService.exe338a07a7-1981-11e3-8c98-00268313f3f8
Error: (09/09/2013 08:48:57 PM) (Source: Microsoft-Windows-User Profiles Service)(User: SION)
Description: C:\Users\UpdatusUserDas Verzeichnis ist nicht leer.
CodeIntegrity Errors:
===================================
Date: 2013-09-03 12:29:08.209
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-03 12:29:08.192
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-03 12:29:08.174
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-03 12:29:08.156
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-02 17:36:59.870
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-02 17:36:59.850
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-23 13:53:45.239
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\CMEffectLFX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-23 13:53:45.223
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\CMEffectGFX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-23 13:53:14.576
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\CMEffectLFX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-23 13:53:14.560
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\CMEffectGFX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 17%
Total physical RAM: 16351.14 MB
Available physical RAM: 13489.31 MB
Total Pagefile: 16349.32 MB
Available Pagefile: 13187.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:111.79 GB) (Free:64.85 GB) NTFS
Drive d: (Eigene Dateien) (Fixed) (Total:931.51 GB) (Free:336.69 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:310.41 GB) (Free:65.54 GB) NTFS
Drive f: (Programme) (Fixed) (Total:310.5 GB) (Free:308.36 GB) NTFS
Drive g: (Backup) (Fixed) (Total:310.5 GB) (Free:310.37 GB) NTFS
Drive i: (My Book) (Fixed) (Total:954.14 GB) (Free:278.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 34F36929)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 05945792)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=310 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=311 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=311 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 059457F7)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00064002)
Partition 1: (Active) - (Size=954 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=909 GB) - (Type=BC)
==================== End Of Log ===================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01
Ran by SiRo-CoOl (administrator) on SION on 10-09-2013 20:13:26
Running from C:\Users\SiRo-CoOl\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Deutsche Telekom AG) F:\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(AddGadgets) D:\Users\SiRo-CoOl\Downloads\Programme\Tool Disc\Windows\DesktopBar\PCMeter\PCMeterV0.3.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\SysWOW64\ExMgr.exe
() C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() F:\RocketDock\RocketDock.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programme\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\K95 Keyboard\K95Hid.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\K95 Keyboard\CorsTra.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Cmedia Electronics Inc.) C:\Windows\system\ATLOISAService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [PheobusEX] - C:\Windows\syswow64\ExMgr.exe [204800 2011-02-25] ()
HKLM\...\Run: [GamecomSound] - C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe [2364928 2013-01-25] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [RocketDock] - F:\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [xp-AntiSpy Profile Check] - F:\xp-AntiSpy\xp-AntiSpy.exe [434176 2012-01-29] (Tiger-IT.de)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKCU\...\Run: [SteelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-07-12] (SteelSeries ApS)
HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKCU\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2012-09-05] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-10-17] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [Corsair K95] - C:\Program Files (x86)\Corsair\K95 Keyboard\K95Hid.exe [1780736 2013-05-24] (Corsair Components Inc)
HKU\Administrator\...\Run: [RocketDock] - F:\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\Administrator\...\Run: [Google Update] - C:\Users\SiRo-CoOl\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-09-06] (Google Inc.)
HKU\Administrator\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKU\Administrator\...\Run: [xp-AntiSpy Profile Check] - F:\xp-AntiSpy\xp-AntiSpy.exe [434176 2012-01-29] (Tiger-IT.de)
HKU\Administrator\...\Run: [icq] - C:\Users\Administrator\AppData\Roaming\ICQM\icq.exe -CU
HKU\Administrator\...\Run: [ewfwfw] - C:\ProgramData\weegfw.exe
HKU\Administrator\...\RunOnce: [Uninstall C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\Administrator\...\RunOnce: [Uninstall C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SiRo-CoOl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TaskManager.lnk
ShortcutTarget: TaskManager.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation)
Startup: C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> F:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - F:\Programme\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - F:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - f:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - f:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - f:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\SiRo-CoOl\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\SiRo-CoOl\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GFACE Experience Plugin - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\ich@maltegoetz.de
FF Extension: Flagfox - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: FT DeepDark - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
FF Extension: guiconfig - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\guiconfig@slosd.net.xpi
FF Extension: No Name - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\Firefox\Profiles\xjqn8g4h.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\SiRo-CoOl\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\SiRo-CoOl\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\SiRo-CoOl\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\SiRo-CoOl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.1.36_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - F:\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Extension: (Angry Birds) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe\1.0.8_0
CHR Extension: (Google Maps) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (MaxDark Theme (AERO)) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapjapllioihmnbmmbflnndnmambmbpl\7.2_0
CHR Extension: (Norton Identity Protection) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
CHR Extension: (Download) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Open Bookmark Manager) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd\1.3_0
CHR Extension: (Gmail) - C:\Users\SIRO-C~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx
Code:
ATTFilter ==================== Services (Whitelisted) =================
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2012-09-05] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S3 ATLMonitorService; C:\Windows\system\MonitorService.exe [650752 2013-01-09] (Cmedia Electronics Inc)
R3 ATLOISAService; C:\Windows\system\ATLOISAService.exe [489472 2012-01-03] (Cmedia Electronics Inc.)
R2 Lexware_Datenbank_Plus; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2011-06-29] (iAnywhere Solutions, Inc.)
R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 Netzmanager Service; F:\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-18] ()
==================== Drivers (Whitelisted) ====================
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-05-02] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R3 CmHdAudAddService; C:\Windows\System32\DRIVERS\CMHDAudioV64.sys [62464 2012-12-25] (C-Media Electronics Inc.)
R3 CORK95; C:\Windows\System32\drivers\CORK95.sys [25600 2012-10-31] ( )
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2013-06-29] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39728 2011-11-17] (Paragon Software Group)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130907.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130907.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130909.016\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130909.016\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130909.016\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130909.016\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-06-25] (SteelSeries Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 TelekomNM6; F:\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [x]
U5 UnlockerDriver5; F:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WinRing0_1_2_0; \??\C:\Users\SiRo-CoOl\AppData\Local\Temp\tmp1592.tmp [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-10 20:12 - 2013-09-10 20:12 - 01949196 _____ (Farbar) C:\Users\SiRo-CoOl\Downloads\FRST64.exe
2013-09-10 20:09 - 2013-09-10 20:09 - 00000000 ___RD C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-09-09 20:53 - 2013-09-09 20:53 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-07 11:17 - 2013-09-10 20:04 - 00001064 _____ C:\Windows\setupact.log
2013-09-07 11:17 - 2013-09-07 11:17 - 00000000 _____ C:\Windows\setuperr.log
2013-09-07 10:57 - 2013-09-09 12:37 - 00000000 ____D C:\ProgramData\GFACE
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-04 16:26 - 2007-02-02 11:28 - 00130048 _____ (Hewlett-Packard Company) C:\Windows\system32\hpz3l4v2.dll
2013-09-04 16:18 - 2013-09-04 16:18 - 00000000 ____H C:\Users\SiRo-CoOl\Documents\Default.rdp
2013-09-04 15:51 - 2013-09-04 15:51 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-04 15:51 - 2013-09-04 15:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-04 15:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-03 13:09 - 2013-09-03 13:09 - 00000000 ___HD C:\archive_db
2013-09-03 13:02 - 2013-09-03 13:02 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-02 17:31 - 2013-09-02 17:37 - 00000000 ____D C:\Windows\erdnt
2013-09-02 17:25 - 2013-09-02 17:25 - 00033375 _____ C:\Windows\unins003.dat
2013-09-02 17:25 - 2013-09-02 17:24 - 01198055 _____ C:\Windows\unins003.exe
2013-09-02 17:19 - 2013-09-02 17:19 - 01198055 _____ C:\Windows\unins002.exe
2013-09-02 17:19 - 2013-09-02 17:19 - 00000000 _____ C:\Windows\unins002.dat
2013-09-02 17:15 - 2013-09-02 17:15 - 01198055 _____ C:\Windows\unins001.exe
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Corsair Vengeance
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 ____D C:\Program Files (x86)\Corsair
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 _____ C:\Windows\unins001.dat
2013-09-02 17:15 - 2012-10-31 16:59 - 00025600 _____ ( ) C:\Windows\system32\Drivers\CORK95.sys
2013-09-02 17:07 - 2013-09-02 17:07 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\SteelSeries
2013-09-02 17:07 - 2013-09-02 17:07 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\SteelSeries_ApS
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\ProgramData\SteelSeries
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\Program Files\SteelSeries
2013-09-02 16:10 - 2013-09-02 16:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 09:54 - 2013-09-01 10:01 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\NPE
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files\iTunes
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files\iPod
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 14:54 - 2013-08-18 14:54 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\NVIDIA
2013-08-14 07:00 - 2013-08-14 07:01 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 06:59 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 06:59 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 06:59 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 06:59 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 06:59 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 06:59 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 06:59 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 06:59 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 06:59 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 06:59 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 06:59 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 06:59 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 06:59 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 06:59 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 06:59 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 06:59 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 06:59 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 06:59 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 06:59 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 06:59 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 06:59 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 06:59 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-14 06:59 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-14 06:59 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 06:59 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 06:59 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 06:59 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 06:59 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-14 06:59 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-14 06:59 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 06:59 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 06:59 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-14 05:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 05:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 05:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 05:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 05:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 05:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 05:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 05:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 05:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 05:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 05:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 05:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 05:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 05:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 05:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 05:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 05:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 05:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 05:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 05:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 05:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 05:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 05:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 05:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 05:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 05:15 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 05:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
2013-09-10 20:12 - 2013-09-10 20:12 - 01949196 _____ (Farbar) C:\Users\SiRo-CoOl\Downloads\FRST64.exe
2013-09-10 20:11 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-10 20:11 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-10 20:09 - 2013-09-10 20:09 - 00000000 ___RD C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-09-10 20:09 - 2012-09-06 11:39 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-10 20:09 - 2012-09-05 20:14 - 00000035 ____H C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-09-10 20:08 - 2010-11-21 08:50 - 00710502 _____ C:\Windows\system32\perfh007.dat
2013-09-10 20:08 - 2010-11-21 08:50 - 00154832 _____ C:\Windows\system32\perfc007.dat
2013-09-10 20:08 - 2009-07-14 07:13 - 01651750 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-10 20:07 - 2012-09-05 19:50 - 01517626 _____ C:\Windows\WindowsUpdate.log
2013-09-10 20:04 - 2013-09-07 11:17 - 00001064 _____ C:\Windows\setupact.log
2013-09-10 20:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-10 12:47 - 2012-09-06 11:39 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-10 12:37 - 2012-09-06 10:50 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\Windows Live
2013-09-09 23:21 - 2012-09-06 08:45 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000UA.job
2013-09-09 23:21 - 2012-09-05 21:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 20:53 - 2013-09-09 20:53 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-09 19:06 - 2013-02-16 05:41 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-09 19:06 - 2012-09-06 16:33 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-09 19:06 - 2012-09-06 16:14 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-09 12:37 - 2013-09-07 10:57 - 00000000 ____D C:\ProgramData\GFACE
2013-09-08 14:23 - 2012-09-05 20:34 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\CrashDumps
2013-09-07 11:17 - 2013-09-07 11:17 - 00000000 _____ C:\Windows\setuperr.log
2013-09-07 10:06 - 2012-11-26 11:46 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Notepad++
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-06 21:33 - 2012-09-05 21:20 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Mozilla
2013-09-04 16:18 - 2013-09-04 16:18 - 00000000 ____H C:\Users\SiRo-CoOl\Documents\Default.rdp
2013-09-04 16:02 - 2012-09-07 17:12 - 00007598 _____ C:\Users\SIRO-C~1\AppData\Local\resmon.resmoncfg
2013-09-04 15:51 - 2013-09-04 15:51 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-04 15:51 - 2013-09-04 15:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-03 13:09 - 2013-09-03 13:09 - 00000000 ___HD C:\archive_db
2013-09-03 13:02 - 2013-09-03 13:02 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-03 12:45 - 2012-09-06 00:04 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Local\Apps\2.0
2013-09-03 12:32 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-03 12:29 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-03 03:21 - 2012-09-06 08:45 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2267972725-1089021970-2960566764-1000Core.job
2013-09-02 17:37 - 2013-09-02 17:31 - 00000000 ____D C:\Windows\erdnt
2013-09-02 17:25 - 2013-09-02 17:25 - 00033375 _____ C:\Windows\unins003.dat
2013-09-02 17:24 - 2013-09-02 17:25 - 01198055 _____ C:\Windows\unins003.exe
2013-09-02 17:19 - 2013-09-02 17:19 - 01198055 _____ C:\Windows\unins002.exe
2013-09-02 17:19 - 2013-09-02 17:19 - 00000000 _____ C:\Windows\unins002.dat
2013-09-02 17:15 - 2013-09-02 17:15 - 01198055 _____ C:\Windows\unins001.exe
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Corsair Vengeance
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 ____D C:\Program Files (x86)\Corsair
2013-09-02 17:15 - 2013-09-02 17:15 - 00000000 _____ C:\Windows\unins001.dat
2013-09-02 17:07 - 2013-09-02 17:07 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\SteelSeries
2013-09-02 17:07 - 2013-09-02 17:07 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\SteelSeries_ApS
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\ProgramData\SteelSeries
2013-09-02 17:06 - 2013-09-02 17:06 - 00000000 ____D C:\Program Files\SteelSeries
2013-09-02 17:05 - 2013-02-05 21:02 - 00000000 ____D C:\Users\SiRo-CoOl\Documents\Bluetooth Folder
2013-09-02 16:25 - 2013-02-16 05:05 - 00000000 ____D C:\ProgramData\Logitech
2013-09-02 16:25 - 2012-09-05 20:44 - 00000000 ____D C:\ProgramData\Logishrd
2013-09-02 16:10 - 2013-09-02 16:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 10:08 - 2012-09-23 12:37 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Winamp
2013-09-01 10:07 - 2012-09-09 12:30 - 00000000 ____D C:\Program Files\CCleaner
2013-09-01 10:05 - 2012-09-30 16:37 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-01 10:01 - 2013-09-01 09:54 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\NPE
2013-09-01 09:54 - 2012-09-05 21:05 - 00000000 ____D C:\ProgramData\Norton
2013-08-29 13:17 - 2013-04-07 09:58 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\Spotify
2013-08-29 08:27 - 2013-04-07 09:58 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\Spotify
2013-08-29 03:13 - 2013-04-23 12:43 - 00000000 ____D C:\ProgramData\Netzmanager
2013-08-27 18:46 - 2012-09-09 13:31 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\TS3Client
2013-08-27 18:22 - 2012-12-28 02:36 - 00000000 ____D C:\Users\SIRO-C~1\AppData\Local\Deployment
2013-08-21 18:21 - 2012-09-05 21:28 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 18:21 - 2012-09-05 21:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 18:21 - 2012-09-05 21:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files\iTunes
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files\iPod
2013-08-19 13:46 - 2013-08-19 13:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 14:54 - 2013-08-18 14:54 - 00000000 ____D C:\Users\SiRo-CoOl\AppData\Roaming\NVIDIA
2013-08-14 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 07:01 - 2013-08-14 07:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 07:00 - 2012-09-05 21:05 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\SIRO-C~1\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\SIRO-C~1\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 05:56
==================== End Of Log ============================
|
|
11.09.2013, 16:56
| #25 |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Wieviele User Accounts gibt es auf dem Rechner?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.09.2013, 20:13
| #26 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Nur einen eigentlich, Gast ist auch deaktiviert. |
|
12.09.2013, 09:42
| #27 | |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch!Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.09.2013, 11:56
| #28 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Ne wenn nicht vom System angelegt was ist das dann? |
|
12.09.2013, 13:48
| #29 |
| /// the machine /// TB-Ausbilder | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! Update mal MBAM, findet der das immer noch?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.09.2013, 19:06
| #30 |
| | Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch!Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.12.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 SiRo-CoOl :: SION [Administrator] 12.09.2013 20:00:49 mbam-log-2013-09-12 (20-00-49).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Speicher | P2P Durchsuchte Objekte: 272451 Laufzeit: 1 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
| Themen zu Windows 7 - Firefox - popcash.net öffnet sich einfach immer sporadisch! |
| adobe, bonjour, browser, computer, error, excel, firefox, flash player, google, home, homepage, mozilla, photoshop, problem, registry, scan, security, services.exe, software, svchost.exe, symantec, system, usb, vista, windows |
Linear-Darstellung
