
Log analysis and evaluation: Windows 7; BKA virus; how do I get rid of it?


 
30.10.2013, 16:17   #1
famsprenge
 

Windows 7; BKA virus; how do I get rid of it?



The day before yesterday I caught the BKA virus.
I booted into safe mode, cleaned up with CCleaner, and also fixed all the errors in the registry. But that did not help.
After that I wanted to roll back to a system restore point, but I got an error message saying that this was not possible.
Well, and now I am at a loss.

I have just noticed that my Avira will not start; maybe that is because of safe mode?

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:39 on 30/10/2013 (sprenger)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by sprenger (administrator) on SPRENGER-NB on 30-10-2013 15:42:39
Running from C:\Users\sprenger\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\sprenger\Desktop\Defogger.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Copernic Desktop Search - Home] - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1648600 2011-11-22] (Copernic Inc.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [E1F9ED930B5B5562177970F98D225C456F39D4D9._service_run] - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-06-17] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\sprenger\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-28] (Google Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_4CFB5579FD3A9BD9B937BE47D176FD3B] - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1508408 2011-12-16] (Nokia)
MountPoints2: {29c1fb60-eb7e-11e0-b885-00158307ce46} - E:\EasySuite.exe
MountPoints2: {385b6a4c-6b45-11e1-bd1c-f46d04919ee9} - E:\EasySuite.exe
MountPoints2: {778520aa-9764-11e0-8e16-806e6f6e6963} - D:\zdata\cobi.exe
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [534880 2011-08-17] (Spigot, Inc.)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-09-03] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [MailCheck IE Broker] - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe [1728064 2013-10-16] (1und1 Mail und Media GmbH)
Startup: C:\Users\sprenger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwfr1j6bfr.lnk
ShortcutTarget: jwfr1j6bfr.lnk -> C:\PROGRA~3\rfb6j1rfwj.dss (Sekizenkan Company)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.gmx.net/tb/ie_startpage
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD068B3A3F72CCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {438CB363-A94D-4AE3-8F99-E93393D46036} URL = hxxp://www.bing.com/?cc=de
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {50742086-32D3-4D7F-A73C-DDB2FBE0C4B3} URL = hxxp://www.bing.com/?cc=de
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=6cae971d000000000000f46d04919ee9
SearchScopes: HKCU - {1D707FA1-25EA-48B5-96D8-8C9C0B3B9FF8} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {1FF52428-C6C9-43F7-83D3-E5FD4E6C040E} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {42AA5B07-4282-4319-A63C-EF1B93C7455F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {A29ACC83-1969-4B51-8F53-A8D0F234DE09} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {EFF6EC7D-C9DB-45E5-9792-C4E1ADD850F1} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: GMX MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: GMX MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - GMX MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
Winsock: Catalog9 01 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 02 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 03 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 04 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 16 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380152] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380152] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380152] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380152] (GfK)
Winsock: Catalog9-x64 16 C:\Windows\system32\GfKLSPService64.DLL [380152] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://apps.facebook.com/candycrush/?fb_source=bookmark_apps&ref=bookmarks&count=1&fb_bmpos=2_1
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sprenger\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\sprenger\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: firebug - C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: toolbar - C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\Extensions\toolbar@gmx.net.xpi
FF Extension: defaults - C:\Users\sprenger\AppData\Roaming\Mozilla\Firefox\Profiles\kapjm7bc.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
FF Extension: pdfforge - C:\Program Files (x86)\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
FF Extension: wtxpcom - C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - [INSTALLDIR]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKCU\...\Firefox\Extensions: [{df340737-4d2d-473e-a376-cc713ef560ba}] - C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox70Connector
FF Extension: Verbindung zu Copernic Desktop Search - Home - C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox70Connector

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_deDE436
CHR DefaultSuggestURL: (Google) -       "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Gacela Plugin) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef\11.3.1009_0\plugin/npgacela.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (GfK Internet-Monitor) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef\12.8.346_0
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\sprenger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [igkejcihojcegdmifcnlkhmnelneogef] - C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\sprenger\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-09-03] ()
S2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-09-03] ()
S2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-09-03] (GfK)
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}\Installer\InstallerService.exe [118784 2012-07-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()

==================== Drivers (Whitelisted) ====================

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-07] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-07] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-30 15:42 - 2013-10-30 15:42 - 00000000 ____D C:\FRST
2013-10-30 15:41 - 2013-10-30 15:41 - 01956614 _____ (Farbar) C:\Users\sprenger\Desktop\FRST64.exe
2013-10-30 15:39 - 2013-10-30 15:39 - 00000478 _____ C:\Users\sprenger\Desktop\defogger_disable.log
2013-10-30 15:39 - 2013-10-30 15:39 - 00000000 _____ C:\Users\sprenger\defogger_reenable
2013-10-30 15:38 - 2013-10-30 15:38 - 00050477 _____ C:\Users\sprenger\Downloads\Defogger(2).exe
2013-10-30 15:36 - 2013-10-30 15:36 - 00050477 _____ C:\Users\sprenger\Downloads\Defogger(1).exe
2013-10-30 15:35 - 2013-10-30 15:35 - 00050477 _____ C:\Users\sprenger\Desktop\Defogger.exe
2013-10-29 19:31 - 2013-10-29 19:31 - 00000056 _____ C:\Windows\setupact.log
2013-10-29 19:31 - 2013-10-29 19:31 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 19:25 - 2013-10-29 19:25 - 00028104 _____ C:\Users\sprenger\Documents\cc_20131029_192534.reg
2013-10-29 13:14 - 2013-10-29 19:31 - 00000297 _____ C:\ProgramData\jwfr1j6bfr.reg
2013-10-29 11:53 - 2013-10-29 19:32 - 95025368 ____T C:\ProgramData\jwfr1j6bfr.bxx
2013-10-29 11:53 - 2013-10-29 19:31 - 00000000 _____ C:\ProgramData\jwfr1j6bfr.fvv
2013-10-29 11:53 - 2013-10-29 11:53 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\rfb6j1rfwj.dss
2013-10-29 11:53 - 2013-10-29 11:53 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\jwfr1j6bfr.pss
2013-10-29 05:10 - 2013-10-29 05:10 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D9C39181-AAC3-4229-BED2-0FD904F153AF}
2013-10-28 05:10 - 2013-10-28 05:10 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DFBE46AB-BB47-425E-A21A-F0F96D8C89A2}
2013-10-27 07:15 - 2013-10-27 07:16 - 00000000 ____D C:\Users\sprenger\AppData\Local\{13429153-39A9-4425-B5BB-7E433FEA0A38}
2013-10-26 13:50 - 2013-10-26 13:50 - 00012738 _____ C:\Users\sprenger\Downloads\opa kündigung versicherung.odt
2013-10-25 03:16 - 2013-10-25 03:16 - 00000000 ____D C:\Users\sprenger\AppData\Local\{41E2A39A-E665-4279-AEFC-DBCD92B22620}
2013-10-24 04:07 - 2013-10-24 04:07 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DA10A5D2-BB7D-4B2F-915A-578682B8A954}
2013-10-23 15:45 - 2013-10-23 15:45 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D288AA2C-C915-493F-A98B-31D4FCEBCECC}
2013-10-23 03:13 - 2013-10-23 03:14 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B611C558-BCCA-4954-A2AA-E86A28A0B2AC}
2013-10-21 16:18 - 2013-10-21 16:19 - 00000000 ____D C:\Users\sprenger\AppData\Local\{87D734C1-77C8-4A61-8DB3-D01FB2AE54F8}
2013-10-21 03:19 - 2013-10-21 03:19 - 00000000 ____D C:\Users\sprenger\AppData\Local\{9B8B9E5A-17C5-4832-B22E-330E34B17DFB}
2013-10-20 08:25 - 2013-10-20 08:25 - 00000000 ____D C:\Program Files\GMX MailCheck
2013-10-20 06:46 - 2013-10-20 06:46 - 00000000 ____D C:\ProgramData\UUdb
2013-10-20 06:42 - 2013-10-20 06:42 - 00000000 ____D C:\Users\sprenger\AppData\Local\{57E7AD44-074E-433C-99D6-919C4603D6FB}
2013-10-19 02:18 - 2013-10-19 02:18 - 00000000 ____D C:\Users\sprenger\AppData\Local\{80A18242-3DED-40AF-AD98-C52250CB59CD}
2013-10-18 02:24 - 2013-10-18 02:24 - 00000000 ____D C:\Users\sprenger\AppData\Local\{4C8F1177-8303-449E-BEEB-59BC4D252E4E}
2013-10-17 03:21 - 2013-10-17 03:22 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D768EC32-CD1F-47DD-94FC-5B7796E39FCF}
2013-10-16 04:30 - 2013-10-16 04:30 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2013-10-16 02:32 - 2013-10-16 02:32 - 00000000 ____D C:\Users\sprenger\AppData\Local\{EBFE0640-4E31-4A63-BAF0-FE1DCE3CA406}
2013-10-15 03:46 - 2013-10-15 03:46 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D2A17322-44BB-4213-8CC2-34BE7CF2EB0E}
2013-10-14 03:02 - 2013-10-14 03:03 - 00000000 ____D C:\Users\sprenger\AppData\Local\{09E320CB-E86B-4227-ABC6-AE9FA337B022}
2013-10-13 07:59 - 2013-10-13 07:59 - 00000162 ____H C:\Users\sprenger\Documents\~$papa.odt
2013-10-13 06:41 - 2013-10-13 06:41 - 00000000 ____D C:\Users\sprenger\AppData\Local\{5C2541FA-E091-4A00-A2FA-342F8D753B0D}
2013-10-12 08:39 - 2013-10-12 08:39 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DBC561F3-F232-4256-9FD8-73CB39BF8D43}
2013-10-11 16:02 - 2013-10-11 16:02 - 00000000 ____D C:\Users\sprenger\AppData\Local\{C142820A-28FC-47F0-97E7-D6BC898359D0}
2013-10-10 21:20 - 2013-10-10 21:20 - 00000000 ____D C:\Users\sprenger\AppData\Local\{30EBFE26-5C05-4BB4-90B9-61D05B35E4FF}
2013-10-10 21:20 - 2013-09-03 15:54 - 00381928 _____ (GfK) C:\Windows\SysWOW64\GfKLSPService64.dll
2013-10-10 21:20 - 2013-09-03 15:54 - 00314344 _____ (GfK) C:\Windows\SysWOW64\GfKLSPService.dll
2013-10-10 04:57 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 04:57 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 04:57 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 04:57 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 04:57 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 04:57 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 04:57 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 04:57 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 04:57 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 04:57 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 04:57 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 04:57 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 04:23 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 04:23 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 04:23 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 04:23 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 04:23 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 04:23 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 04:23 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 04:23 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 04:23 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 04:23 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 04:23 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 04:23 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 04:23 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 04:23 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 04:23 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 04:23 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 04:23 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 04:23 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 04:23 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 04:23 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 04:23 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 04:23 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 04:23 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 04:23 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 04:23 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 04:23 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 04:23 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 04:23 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 04:23 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 04:23 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 04:23 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 04:23 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 04:23 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 04:23 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 04:23 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 04:23 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 04:23 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 04:23 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 04:23 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 04:23 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 04:23 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 04:23 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 04:23 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 04:23 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 04:23 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 04:23 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 04:07 - 2013-10-10 04:07 - 00001939 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-10 04:07 - 2013-10-10 04:07 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-10 04:01 - 2013-10-10 04:01 - 00000000 ____D C:\Users\sprenger\AppData\Local\{CCC83050-7697-4BBF-893D-B60BFCB33131}
2013-10-09 09:00 - 2013-10-09 09:00 - 00000000 ____D C:\Users\sprenger\AppData\Local\{2A5A83B8-0A3B-4517-B1CA-C73D1C765254}
2013-10-08 16:31 - 2013-10-08 16:31 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B0DDDC19-68D2-4EC1-B422-8E18DDE3E121}
2013-10-08 03:16 - 2013-10-08 03:17 - 00000000 ____D C:\Users\sprenger\AppData\Local\{9191F3CF-1BED-42D8-844F-29A536724EEC}
2013-10-07 03:22 - 2013-10-07 03:22 - 00000000 ____D C:\Users\sprenger\AppData\Local\{053DEB09-F833-47BB-9886-EFEBBE2890C2}
2013-10-06 06:46 - 2013-10-06 06:46 - 00000000 ____D C:\Users\sprenger\AppData\Local\{459C6852-CFDE-4EED-9FFE-90FFA17AF2ED}
2013-10-05 02:22 - 2013-10-05 02:22 - 00000000 ____D C:\Users\sprenger\AppData\Local\{7B270EC2-E310-4181-91B9-118FF420B0F8}
2013-10-04 02:40 - 2013-10-04 02:40 - 00000000 ____D C:\Users\sprenger\AppData\Local\{53B65F64-E456-4027-8FA6-9F8A73F1ED17}
2013-10-04 02:38 - 2013-10-04 04:50 - 99176917 _____ C:\Windows\SysWOW64\儱브J
2013-10-03 10:35 - 2013-10-03 10:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-03 07:57 - 2013-10-03 07:57 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D7CEE0B2-22A7-4CF0-8027-6B9002A7E7B6}
2013-10-02 16:53 - 2013-10-02 16:53 - 00000000 ____D C:\Users\sprenger\AppData\Local\{96554FC7-D4F1-44DB-A1F6-28BB328611EB}
2013-10-02 04:32 - 2013-10-02 04:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 17:53 - 2013-10-01 17:53 - 00000000 ____D C:\Users\sprenger\AppData\Local\{55987969-F72C-43EC-AE63-23705A48A67C}
2013-10-01 02:34 - 2013-10-01 02:34 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B9E4761B-C44A-4780-8C5A-200CCA17867F}
2013-09-30 02:21 - 2013-09-30 02:21 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D724B756-82B2-47C4-9DB7-96D6C9CBD4B0}

==================== One Month Modified Files and Folders =======

2013-10-30 15:42 - 2013-10-30 15:42 - 00000000 ____D C:\FRST
2013-10-30 15:41 - 2013-10-30 15:41 - 01956614 _____ (Farbar) C:\Users\sprenger\Desktop\FRST64.exe
2013-10-30 15:39 - 2013-10-30 15:39 - 00000478 _____ C:\Users\sprenger\Desktop\defogger_disable.log
2013-10-30 15:39 - 2013-10-30 15:39 - 00000000 _____ C:\Users\sprenger\defogger_reenable
2013-10-30 15:39 - 2011-06-17 14:37 - 00000000 ____D C:\Users\sprenger
2013-10-30 15:38 - 2013-10-30 15:38 - 00050477 _____ C:\Users\sprenger\Downloads\Defogger(2).exe
2013-10-30 15:36 - 2013-10-30 15:36 - 00050477 _____ C:\Users\sprenger\Downloads\Defogger(1).exe
2013-10-30 15:35 - 2013-10-30 15:35 - 00050477 _____ C:\Users\sprenger\Desktop\Defogger.exe
2013-10-30 15:29 - 2010-11-21 07:50 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-10-30 15:29 - 2010-11-21 07:50 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-10-30 15:29 - 2009-07-14 06:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 19:32 - 2013-10-29 11:53 - 95025368 ____T C:\ProgramData\jwfr1j6bfr.bxx
2013-10-29 19:32 - 2012-05-25 16:51 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-10-29 19:31 - 2013-10-29 19:31 - 00000056 _____ C:\Windows\setupact.log
2013-10-29 19:31 - 2013-10-29 19:31 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 19:31 - 2013-10-29 13:14 - 00000297 _____ C:\ProgramData\jwfr1j6bfr.reg
2013-10-29 19:31 - 2013-10-29 11:53 - 00000000 _____ C:\ProgramData\jwfr1j6bfr.fvv
2013-10-29 19:31 - 2012-05-25 16:53 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-10-29 19:31 - 2011-06-17 15:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 19:31 - 2011-05-16 00:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-29 19:31 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 19:25 - 2013-10-29 19:25 - 00028104 _____ C:\Users\sprenger\Documents\cc_20131029_192534.reg
2013-10-29 19:23 - 2012-09-13 03:21 - 00000000 ____D C:\Windows\Minidump
2013-10-29 13:11 - 2011-06-29 04:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-29 13:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-29 12:10 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-29 11:53 - 2013-10-29 11:53 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\rfb6j1rfwj.dss
2013-10-29 11:53 - 2013-10-29 11:53 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\jwfr1j6bfr.pss
2013-10-29 05:10 - 2013-10-29 05:10 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D9C39181-AAC3-4229-BED2-0FD904F153AF}
2013-10-28 05:12 - 2011-06-18 18:20 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60D806E1-AFB6-452F-BE1B-BF01AE944F94}
2013-10-28 05:12 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 05:12 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 05:10 - 2013-10-28 05:10 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DFBE46AB-BB47-425E-A21A-F0F96D8C89A2}
2013-10-27 09:59 - 2012-04-11 07:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-27 09:50 - 2012-11-28 04:18 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000UA.job
2013-10-27 07:35 - 2011-06-17 15:31 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 07:16 - 2013-10-27 07:15 - 00000000 ____D C:\Users\sprenger\AppData\Local\{13429153-39A9-4425-B5BB-7E433FEA0A38}
2013-10-26 13:50 - 2013-10-26 13:50 - 00012738 _____ C:\Users\sprenger\Downloads\opa kündigung versicherung.odt
2013-10-26 13:39 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-25 03:16 - 2013-10-25 03:16 - 00000000 ____D C:\Users\sprenger\AppData\Local\{41E2A39A-E665-4279-AEFC-DBCD92B22620}
2013-10-24 04:07 - 2013-10-24 04:07 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DA10A5D2-BB7D-4B2F-915A-578682B8A954}
2013-10-23 15:45 - 2013-10-23 15:45 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D288AA2C-C915-493F-A98B-31D4FCEBCECC}
2013-10-23 03:14 - 2013-10-23 03:13 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B611C558-BCCA-4954-A2AA-E86A28A0B2AC}
2013-10-22 14:50 - 2012-11-28 04:18 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000Core.job
2013-10-21 16:19 - 2013-10-21 16:18 - 00000000 ____D C:\Users\sprenger\AppData\Local\{87D734C1-77C8-4A61-8DB3-D01FB2AE54F8}
2013-10-21 03:19 - 2013-10-21 03:19 - 00000000 ____D C:\Users\sprenger\AppData\Local\{9B8B9E5A-17C5-4832-B22E-330E34B17DFB}
2013-10-20 08:25 - 2013-10-20 08:25 - 00000000 ____D C:\Program Files\GMX MailCheck
2013-10-20 08:25 - 2012-10-05 04:13 - 00000000 ____D C:\Program Files (x86)\GMX MailCheck
2013-10-20 06:46 - 2013-10-20 06:46 - 00000000 ____D C:\ProgramData\UUdb
2013-10-20 06:46 - 2012-02-24 05:05 - 00003884 _____ C:\Windows\System32\Tasks\Registration 1und1 Task
2013-10-20 06:46 - 2012-02-24 05:05 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung
2013-10-20 06:42 - 2013-10-20 06:42 - 00000000 ____D C:\Users\sprenger\AppData\Local\{57E7AD44-074E-433C-99D6-919C4603D6FB}
2013-10-19 02:18 - 2013-10-19 02:18 - 00000000 ____D C:\Users\sprenger\AppData\Local\{80A18242-3DED-40AF-AD98-C52250CB59CD}
2013-10-18 02:24 - 2013-10-18 02:24 - 00000000 ____D C:\Users\sprenger\AppData\Local\{4C8F1177-8303-449E-BEEB-59BC4D252E4E}
2013-10-17 03:22 - 2013-10-17 03:21 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D768EC32-CD1F-47DD-94FC-5B7796E39FCF}
2013-10-16 04:30 - 2013-10-16 04:30 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2013-10-16 02:32 - 2013-10-16 02:32 - 00000000 ____D C:\Users\sprenger\AppData\Local\{EBFE0640-4E31-4A63-BAF0-FE1DCE3CA406}
2013-10-15 03:46 - 2013-10-15 03:46 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D2A17322-44BB-4213-8CC2-34BE7CF2EB0E}
2013-10-14 03:03 - 2013-10-14 03:02 - 00000000 ____D C:\Users\sprenger\AppData\Local\{09E320CB-E86B-4227-ABC6-AE9FA337B022}
2013-10-13 17:55 - 2012-04-10 19:17 - 00000000 ____D C:\Users\sprenger\AppData\Roaming\AlawarEntertainment
2013-10-13 16:55 - 2012-01-31 18:08 - 00000000 ____D C:\Users\sprenger\AppData\Roaming\LestaStudio
2013-10-13 15:49 - 2011-08-18 17:17 - 00000000 ____D C:\Users\sprenger\AppData\Roaming\Orneon
2013-10-13 12:45 - 2011-07-05 16:31 - 00000000 ____D C:\Users\sprenger\AppData\Roaming\SoftGrid Client
2013-10-13 07:59 - 2013-10-13 07:59 - 00000162 ____H C:\Users\sprenger\Documents\~$papa.odt
2013-10-13 06:41 - 2013-10-13 06:41 - 00000000 ____D C:\Users\sprenger\AppData\Local\{5C2541FA-E091-4A00-A2FA-342F8D753B0D}
2013-10-12 14:45 - 2012-11-28 04:18 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000UA
2013-10-12 14:45 - 2012-11-28 04:18 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000Core
2013-10-12 08:39 - 2013-10-12 08:39 - 00000000 ____D C:\Users\sprenger\AppData\Local\{DBC561F3-F232-4256-9FD8-73CB39BF8D43}
2013-10-11 16:02 - 2013-10-11 16:02 - 00000000 ____D C:\Users\sprenger\AppData\Local\{C142820A-28FC-47F0-97E7-D6BC898359D0}
2013-10-11 07:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 07:02 - 2011-06-17 15:31 - 00000000 ____D C:\Users\sprenger\AppData\Local\Google
2013-10-11 03:59 - 2012-05-25 16:51 - 00003848 _____ C:\Windows\SysWOW64\GfKLSPService.ini
2013-10-11 03:59 - 2012-05-25 16:51 - 00002640 _____ C:\Windows\SysWOW64\GacelaLSPServiceOff.ini
2013-10-11 03:59 - 2011-12-26 17:02 - 00002640 _____ C:\Windows\system32\GacelaLSPServiceOff.ini
2013-10-10 21:20 - 2013-10-10 21:20 - 00000000 ____D C:\Users\sprenger\AppData\Local\{30EBFE26-5C05-4BB4-90B9-61D05B35E4FF}
2013-10-10 06:47 - 2009-07-14 05:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 06:44 - 2012-05-15 02:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 06:44 - 2012-05-15 02:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 04:53 - 2013-08-15 07:00 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 04:47 - 2011-06-27 04:45 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 04:07 - 2013-10-10 04:07 - 00001939 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-10 04:07 - 2013-10-10 04:07 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-10 04:01 - 2013-10-10 04:01 - 00000000 ____D C:\Users\sprenger\AppData\Local\{CCC83050-7697-4BBF-893D-B60BFCB33131}
2013-10-09 09:00 - 2013-10-09 09:00 - 00000000 ____D C:\Users\sprenger\AppData\Local\{2A5A83B8-0A3B-4517-B1CA-C73D1C765254}
2013-10-09 08:01 - 2012-10-11 11:00 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-09 08:01 - 2012-04-11 07:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 08:01 - 2012-04-11 07:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 08:01 - 2011-06-17 15:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 04:30 - 2011-06-17 15:31 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 04:30 - 2011-06-17 15:31 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 16:31 - 2013-10-08 16:31 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B0DDDC19-68D2-4EC1-B422-8E18DDE3E121}
2013-10-08 03:17 - 2013-10-08 03:16 - 00000000 ____D C:\Users\sprenger\AppData\Local\{9191F3CF-1BED-42D8-844F-29A536724EEC}
2013-10-07 12:15 - 2013-05-06 11:18 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-07 12:15 - 2013-03-30 07:02 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-07 12:15 - 2013-03-30 07:02 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-07 12:15 - 2013-03-30 07:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-07 03:22 - 2013-10-07 03:22 - 00000000 ____D C:\Users\sprenger\AppData\Local\{053DEB09-F833-47BB-9886-EFEBBE2890C2}
2013-10-06 06:46 - 2013-10-06 06:46 - 00000000 ____D C:\Users\sprenger\AppData\Local\{459C6852-CFDE-4EED-9FFE-90FFA17AF2ED}
2013-10-05 02:22 - 2013-10-05 02:22 - 00000000 ____D C:\Users\sprenger\AppData\Local\{7B270EC2-E310-4181-91B9-118FF420B0F8}
2013-10-04 04:50 - 2013-10-04 02:38 - 99176917 _____ C:\Windows\SysWOW64\儱브J
2013-10-04 02:40 - 2013-10-04 02:40 - 00000000 ____D C:\Users\sprenger\AppData\Local\{53B65F64-E456-4027-8FA6-9F8A73F1ED17}
2013-10-03 10:35 - 2013-10-03 10:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-03 07:57 - 2013-10-03 07:57 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D7CEE0B2-22A7-4CF0-8027-6B9002A7E7B6}
2013-10-03 06:12 - 2012-07-01 06:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 16:55 - 2012-07-26 04:13 - 00000000 ____D C:\Users\sprenger\AppData\Local\Mozilla
2013-10-02 16:53 - 2013-10-02 16:53 - 00000000 ____D C:\Users\sprenger\AppData\Local\{96554FC7-D4F1-44DB-A1F6-28BB328611EB}
2013-10-02 04:32 - 2013-10-02 04:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 17:53 - 2013-10-01 17:53 - 00000000 ____D C:\Users\sprenger\AppData\Local\{55987969-F72C-43EC-AE63-23705A48A67C}
2013-10-01 02:34 - 2013-10-01 02:34 - 00000000 ____D C:\Users\sprenger\AppData\Local\{B9E4761B-C44A-4780-8C5A-200CCA17867F}
2013-09-30 02:21 - 2013-09-30 02:21 - 00000000 ____D C:\Users\sprenger\AppData\Local\{D724B756-82B2-47C4-9DB7-96D6C9CBD4B0}

Files to move or delete:
====================
C:\Users\sprenger\AppData\Roaming\settings.ini
C:\ProgramData\jwfr1j6bfr.reg
C:\ProgramData\ofeaq.pad
C:\ProgramData\qaefo.dat
C:\ProgramData\rfb6j1rfwj.dss
C:\Users\sprenger\AppData\Roaming\i.ini


Some content of TEMP:
====================
C:\Users\sprenger\AppData\Local\Temp\avgnt.exe
C:\Users\sprenger\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-26 09:31

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2013
Ran by sprenger at 2013-10-30 15:43:39
Running from C:\Users\sprenger\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Airwave (x32 Version: 1.00.0000)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Amulet of Time: Shadow of la Rochelle (x32)
Artifacts of the Past: Mysterien der Antike (x32)
Ashley Jones – Reise Ins Alte Ägypten (x32 Version: 1.0.0.0)
ATI Catalyst Install Manager (Version: 3.0.816.0)
Avira Free Antivirus (x32 Version: 14.0.0.383)
Babylon toolbar on IE (x32)
Big Fish: Game Manager (x32 Version: 3.2.0.6)
Bing Bar (x32 Version: 7.3.107.0)
Catalyst Control Center InstallProxy (x32 Version: 2011.0308.2325.42017)
CCleaner (Version: 3.07)
CDBurnerXP (Version: 4.3.8.2523)
Columbus: Der Geist im Stein (x32)
Copernic Desktop Search - Home (x32)
CVE-2012-4969
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Tales: Der schwarze Kater von Edgar Allan Poe (x32)
Das Vermächtnis der Insel (x32 Version: 1.0.0.0)
Das Vermächtnis der Insel 2 (x32 Version: 1.0.0.0)
Depths of Betrayal (x32)
Der Exorzist II (x32 Version: 1.0.0.0)
Der Gesandte des Königs (x32 Version: 1.0.0.0)
Deutschland Spielt - Spiele Post (x32 Version: 1.0.3.0)
DEUTSCHLAND SPIELT GAME CENTER (x32 Version: 1.0.0.46)
Die Fisch-Oase 3 (x32 Version: 1.0.0.0)
Die Jade-Münze (x32 Version: 1.0.0.0)
Die Schatzsucher 4 - Das Ende ist Nahe (x32)
Die Wiege Roms 2 (x32 Version: 1.0.0.0)
Die*Sims™*3 (x32 Version: 1.0.631)
Dr. Jekyll & Mr. Hyde (x32)
Dracula: Tödliche Liebe (x32)
Dungeon Rider (x32 Version: 1.1)
Edna Bricht Aus (x32 Version: 1.0)
ElsterFormular für Privatanwender (x32 Version: 13.2.0.8623p)
Empress of the Deep 2: Der Gesang des Blauwals (x32)
Empress of the Deep: Das dunkle Geheimnis (x32)
Epic Adventures: La Jangada (x32 Version: 1.0.0.0)
Fabled Legends: Die Rückkehr des Rattenfängers (x32)
Fairy Tale Mysteries: Der Puppenspieler (x32)
Foxit Reader 5.0 (x32 Version: 5.0.1.0527)
Free YouTube to MP3 Converter version 3.11.32.918 (x32 Version: 3.11.32.918)
Geheime Fälle: Vermisst in Rom (x32 Version: 1.0.0.0)
GfK Internet-Monitor (x32 Version: 12.1.59)
GMX MailCheck für Internet Explorer (x32 Version: 2.4.0.0)
GMX MailCheck für Mozilla Firefox (x32 Version: 2.1.4.1300)
GMX Softwareaktualisierung (x32 Version: 3.0.0.55)
Goin Downtown (x32 Version: 1.00.0000)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
Grim Tales: Das Vermächtnis (x32)
Hallowed Legends: Das Schiff aus Knochen (x32)
Haunted Halls: Das Grauen von Green Hills (x32)
Haunted Legends: Der Bronzene Reiter (x32)
Haunted Manor: Die Königin des Todes (x32)
Haus der 1000 Türen - Die Feuerschlangen (x32)
Haus der 1000 Türen - Familiengeheimnisse (x32)
Hidden Mysteries®: Vampire Secrets (x32)
Hidden Mysteries: Salem Secrets (x32)
Hidden Object Crosswords (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2266)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
Jane Angel (x32 Version: 1.0.0.0)
Java(TM) 6 Update 27 (64-bit) (Version: 6.0.270)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Land der Magie (x32 Version: 1.0.0.0)
Love Story: Das Strandhaus (x32)
Macabre Mysteries: Der Fluch des Nightingale (x32)
Maestro: Die Symphonie des Todes (x32)
Margrave: Die Tochter des Schmieds (x32)
McAfee Security Scan Plus (Version: 3.8.130.8)
Mein Gartenparadies: Frühlingserwachen (x32 Version: 1.0.0.0)
Meine Boutique 2 (x32 Version: 1.0.0.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Mysteries of Magic Island (x32)
Mysteries of the Mind: Koma (x32)
Mystery Case Files®: Shadow Lake (x32)
Mystery Chronicles: Mord unter Freunden (x32)
Mystery Trackers: Raincliff (x32)
Nightmare Adventures: Das Verlies der Hexe (x32)
Nightmare Realm: Am Ende... (x32)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.180.46)
Nokia Suite (x32 Version: 3.4.49.0)
NVIDIA 3D Vision Treiber 270.61 (Version: 270.61)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA ForceWare Network Access Manager (x32 Version: 1.00.7325.0)
NVIDIA Grafiktreiber 270.61 (Version: 270.61)
NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.270.54.0)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.7061)
NVIDIA Systemsteuerung 270.61 (Version: 270.61)
OpenAL (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Origin (x32 Version: 8.2.5.2532)
Otherworld: Omen des Sommers (x32)
Our Worst Fears: Blumen des Todes (x32)
PC Connectivity Solution (x32 Version: 12.0.17.0)
PDF Converter (HKCU)
PDFCreator (x32 Version: 1.2.2)
pdfforge Toolbar v4.6 (x32 Version: 4.6)
Platform (x32 Version: 1.34)
PuppetShow: Die Seelen der Unschuldigen (x32)
PuppetShow: Die verlorene Stadt (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
Redemption Cemetery: Die Not der Kinder Sammleredition (x32)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0)
Ritter Arthur (x32 Version: 1.0.0.0)
Sandra Fleming Chronicles – Crystal Skulls (x32 Version: 1.0.0.0)
Schatz der Azteken (x32 Version: 1.00.0000)
Schuld und Sühne: Raskolnikov (x32 Version: 1.0.0.0)
Secrets of the Dark - Geheimnis des Familienanwesens (x32)
Shades of Death: Blaues Blut (x32)
Shiver: Die verschollene Tramperin (x32)
Silent Nights: Die Wunderkinder (x32)
Sinister City (x32 Version: 1.0.0.0)
Sonya (x32)
Spirit Seasons - Kleine Geistergeschichte (x32)
Spuk im Wirtshaus (x32)
Surface: Die fliegende Stadt (x32)
Tales of Lagoona: Waisen des Ozeans (x32 Version: 1.0.0.0)
The Agency of Anomalies: Unglück im Waisenhaus (x32)
The Fool (x32)
Timeless: Das vergessene Schloss (x32)
Tödliche Sonate: Ein Dana Knightstone-Roman (x32)
Trial of the Gods: Ariadnes Odyssee (x32)
Twilight Phenomena: Die Mieter aus Nr. 13 (x32)
Twisted Lands: Schlaflos (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Vampireville (x32 Version: 1.0.0.0)
Verschleierte Wirklichkeit (x32 Version: 1.0.0.0)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
W&G - Urlaub Unter Tage (x32 Version: 1.0.0.15)
Whispered Secrets: Die Geschichte von Tideville (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
Witches' Legacy: Der Fluch der Hexen (x32)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
XAMPP 1.8.1-0 (x32 Version: 1.8.1-0)
Youda Legend (x32)

==================== Restore Points  =========================

07-10-2013 02:28:21 Windows-Sicherung
10-10-2013 03:10:10 Windows Update
10-10-2013 03:42:29 Windows Update
13-10-2013 17:00:27 Windows-Sicherung
16-10-2013 01:32:23 Windows Update
21-10-2013 02:10:14 Windows-Sicherung
23-10-2013 02:16:26 Windows Update
26-10-2013 07:25:41 Windows Update
28-10-2013 04:15:15 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {040CBE33-96A7-44B0-A7D6-153EB385270D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {0E9C1424-7866-4683-B647-340B24CBCE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17] (Google Inc.)
Task: {0EFE8BD8-4DF7-4DC6-A2E1-B82B66985C11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17] (Google Inc.)
Task: {420427BB-99B7-4608-A3C2-557416BC4689} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {51612E7F-F744-4044-B6BB-B606DA9D2BB5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000Core => C:\Users\sprenger\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {5EB181A6-BDE1-4C2A-B97D-189CDD3B866A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000UA => C:\Users\sprenger\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {855CC4CE-C4A8-432E-A075-A9CF8B19F441} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {9B48FC61-6E8D-4E7B-8903-D5C0A989891B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {A60EE680-96CD-460B-B509-A1FA1EDCF8AB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000Core.job => C:\Users\sprenger\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2260964575-2753946872-1401531445-1000UA.job => C:\Users\sprenger\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-07 01:08 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-10-02 04:32 - 2013-10-02 04:32 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-07 20:54 - 2011-04-07 20:54 - 00239720 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/30/2013 03:26:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 07:31:20 PM) (Source: ESENT) (User: )
Description: taskhost (2184) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\sprenger\AppData\Local\Microsoft\Windows\WebCache\V010063F.log.

Error: (10/29/2013 07:21:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 07:20:20 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070017.

Error: (10/29/2013 07:17:29 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070017.

Error: (10/29/2013 07:14:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 00:12:02 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start

Error: (10/29/2013 00:06:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 11:58:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BingBar.exe, Version: 7.3.107.0, Zeitstempel: 0x52214f7a
Name des fehlerhaften Moduls: BingBar.exe, Version: 7.3.107.0, Zeitstempel: 0x52214f7a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ea14
ID des fehlerhaften Prozesses: 0x16cc
Startzeit der fehlerhaften Anwendung: 0xBingBar.exe0
Pfad der fehlerhaften Anwendung: BingBar.exe1
Pfad des fehlerhaften Moduls: BingBar.exe2
Berichtskennung: BingBar.exe3

Error: (10/29/2013 11:58:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:42:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/30/2013 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (10/30/2013 03:26:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 07:31:20 PM) (Source: ESENT)(User: )
Description: taskhost2184WebCacheLocal: C:\Users\sprenger\AppData\Local\Microsoft\Windows\WebCache\V010063F.log-1811

Error: (10/29/2013 07:21:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 07:20:20 PM) (Source: System Restore)(User: )
Description: Windows Update0x80070017

Error: (10/29/2013 07:17:29 PM) (Source: System Restore)(User: )
Description: Windows Update0x80070017

Error: (10/29/2013 07:14:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 00:12:02 PM) (Source: ATIeRecord)(User: )
Description: 

Error: (10/29/2013 00:06:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 11:58:57 AM) (Source: Application Error)(User: )
Description: BingBar.exe7.3.107.052214f7aBingBar.exe7.3.107.052214f7ac00000050003ea1416cc01ced495c50aebf0C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingBar.exeC:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingBar.exe1b449ed0-4089-11e3-aae5-f46d04919ee9

Error: (10/29/2013 11:58:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 4095.23 MB
Available physical RAM: 3273.61 MB
Total Pagefile: 8188.63 MB
Available Pagefile: 7415.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.74 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:1397.17 GB) (Free:1331.2 GB) NTFS
Drive d: (BROTHERHOOD) (CDROM) (Total:5.64 GB) (Free:0 GB) UDF
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:701.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: EFF19647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-698827669504) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00053470)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-30 16:06:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005f WDC_WD15 rev.51.0 1397,27GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\sprenger\AppData\Local\Temp\awddrpow.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [2864:2944]                                                      000007fef4439688

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ce46                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ce46@0021ab870ffc         0xB4 0xCD 0xBD 0xC6 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ce46@a87b39e82a15         0x93 0xDE 0xBF 0x30 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ce46@ace87b95d5d2         0x55 0x81 0xD6 0x2D ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ce46@303855bd22c6         0xBA 0x0D 0x67 0x0A ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ce46 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ce46@0021ab870ffc             0xB4 0xCD 0xBD 0xC6 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ce46@a87b39e82a15             0x93 0xDE 0xBF 0x30 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ce46@ace87b95d5d2             0x55 0x81 0xD6 0x2D ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ce46@303855bd22c6             0xBA 0x0D 0x67 0x0A ...

---- EOF - GMER 2.1 ----
         

 

Themen zu Windows 7; BKA-Virus; wie bekomme ich es los?
agency, antivir, antivirus, avira, bingbar, browser, chrome extension, converter, error, failed, farbar, farbar recovery scan tool, firefox, flash player, gereinigt, google, helper, home, homepage, mozilla, mp3, newtab, nicht möglich, object, pdfforge toolbar, plug-in, registry, scan, secrets, security, software, starten, svchost.exe, virus, windows, windows xp




