
Log analysis and evaluation: Windows 7: High CPU load - svchost.exe


 
19.12.2013, 16:03   #1
nrg112

Windows 7: High CPU load - svchost.exe



Hello dear Trojaner-Board members,

my PC became noticeably slow and questionable pop-ups kept opening more and more often.
Sophos Antivirus and SUPERAntiSpyware could not find anything....
So I used Malwarebytes Anti-Malware, which did find a few things but could not solve the problem. The Sophos Virus Removal Tool and the Kaspersky Virus Removal Tool could not find anything either.
The ESET Online Scanner then finally found several things and also fixed the problems....
However, I noticed today that the CPU load is permanently above 45%, which is apparently due to svchost.exe.


Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:18 on 19/12/2013 (Sven)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 05
Ran by Sven (administrator) on SVEN-LAPTOP on 19-12-2013 15:19:20
Running from C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TeamViewer GmbH) D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Josip Medved) D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe
(Juniper Networks, Inc.) C:\Users\Sven\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) D:\Programme\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-10-08] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Sven\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6562584 2013-12-17] (SUPERAntiSpyware)
MountPoints2: {2bdd528a-51a2-11e2-afd2-b870f4a79856} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295744 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe [900160 2012-12-05] (Sophos Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - "D:\Programme\avast\AvastUI.exe" /nogui
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [20131121] - D:\Programme\avast\setup\emupdate\3893ed93-022f-4200-b602-0bfc7dc3e7fd.exe /check
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [218256 2012-12-05] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [221840 2012-12-05] (Sophos Limited)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.129.28.9 192.129.27.9
Tcpip\..\Interfaces\{1DA15487-6B00-4BCF-BC25-8F503F330EAE}: [NameServer]192.129.28.9 10.11.0.9
Tcpip\..\Interfaces\{D5056649-9BF4-4246-BBAA-70EFEA6D0FF4}: [NameServer]192.129.28.9 10.11.0.9

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Flash and Video Download - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: Embedded Objects - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\firefox@red-cog.com.xpi
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/", "hxxp://www.hs-coburg.de/"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Pushbullet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\11_0
CHR Extension: (Weebly - Website Builder) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0
CHR Extension: (Google Search) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (UNITY Mobile Websites) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmhcnaclgamnihgioaciekfkbkeeelm\3.5.0_0
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0
CHR Extension: (FoxyProxy Standard) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.9_0
CHR Extension: (AdBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (BrowserTexting) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa\1.49_0
CHR Extension: (Session Manager) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.6_0
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf\1.0.0.71_0
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (SiteBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj\0.2.3_0
CHR Extension: (Gmail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-09-24] (Connectify)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2013-01-06] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-12-05] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [232512 2012-12-05] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-12-05] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2869824 2013-01-06] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [1998400 2013-01-06] (Sophos Limited)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-08] (soft Xpansion)
R2 TeamViewer8; D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 VhdAttach; D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe [276376 2013-05-12] (Josip Medved)

==================== Drivers (Whitelisted) ====================

R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [35352 2013-10-01] (Connectify)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2011-07-29] ()
R3 jnprna; C:\Windows\System32\DRIVERS\jnprna6.sys [518992 2011-10-14] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [26480 2011-10-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2011-10-14] (Juniper Networks, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [144672 2012-12-05] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-12-05] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-12-05] (Sophos Plc)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2013-01-31] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WinRing0_1_2_0; D:\Programme\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-19 15:20 - 2013-12-19 15:20 - 00377856 _____ C:\Users\Sven\Desktop\gmer_2.1.19163.exe
2013-12-19 15:19 - 2013-12-19 15:19 - 00024196 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-19 15:19 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-19 15:18 - 2013-12-19 15:19 - 02192805 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2013-12-19 15:18 - 2013-12-19 15:18 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:16 - 2013-12-19 15:16 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:45 - 2013-12-19 14:45 - 00350080 _____ (AVAST Software) C:\Users\Sven\Desktop\avastclear_9.0.2007.exe
2013-12-19 14:09 - 2013-12-19 14:35 - 442725258 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_02-15_pro7_40_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:09 - 2013-12-19 14:29 - 420275960 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_01-25_pro7_50_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-18 23:26 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1 (1).zip
2013-12-18 23:26 - 2013-12-18 23:26 - 00218346 _____ C:\Users\Sven\Desktop\st2-90m.zip
2013-12-18 23:25 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1.zip
2013-12-18 23:24 - 2013-12-18 23:24 - 00000962 _____ C:\Users\Sven\Desktop\links.txt
2013-12-18 23:21 - 2013-12-18 23:22 - 367268614 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 23:00 - 2013-12-18 23:01 - 440475348 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:04 - 2013-12-18 21:04 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_deu.exe
2013-12-18 21:03 - 2013-12-18 21:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Sven\Desktop\rkill.com
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-19 14:52 - 00000168 _____ C:\Windows\setupact.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000324 _____ C:\Windows\PFRO.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Desktop\OptiFine 1.6.4.jar
2013-12-18 18:06 - 2013-12-18 19:05 - 00015251 _____ C:\Users\Sven\Desktop\tabelle Kerbschlag.xlsx
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:07 - 2013-12-18 17:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Desktop\OptiFine_1.6.2.zip
2013-12-18 15:59 - 2013-12-18 15:59 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT_6.0.8.exe
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-19 13:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-18 13:20 - 2013-12-18 13:28 - 130229176 _____ C:\Users\Sven\Desktop\setup_11.0.1.1245.x01_2013_12_16_15_35.exe
2013-12-17 21:52 - 2013-12-17 21:53 - 00000000 ____D C:\Users\Sven\Desktop\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00001780 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:02 - 2013-12-17 21:02 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:49 - 2013-12-17 19:55 - 139245339 _____ C:\Users\Sven\Desktop\cm-9.1.0-tf201.zip
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 19:25 - 2013-12-11 19:24 - 00259373 _____ C:\Users\Sven\Desktop\CaxUe2-PiSv1100.zip
2013-12-11 13:57 - 2013-12-12 21:34 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-04 12:05 - 2013-12-04 12:07 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-25 21:42 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-11-25 21:36 - 2013-11-25 21:37 - 00000000 ____D C:\scripts
2013-11-21 22:44 - 2013-11-25 20:57 - 00000000 ____D C:\Users\Sven\AppData\Local\BEETmobile

==================== One Month Modified Files and Folders =======

2013-12-19 15:20 - 2013-12-19 15:20 - 00377856 _____ C:\Users\Sven\Desktop\gmer_2.1.19163.exe
2013-12-19 15:19 - 2013-12-19 15:19 - 00024196 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-19 15:19 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-19 15:19 - 2013-12-19 15:18 - 02192805 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2013-12-19 15:18 - 2013-12-19 15:18 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:18 - 2012-12-05 01:02 - 00000000 ____D C:\Users\Sven
2013-12-19 15:16 - 2013-12-19 15:16 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2013-12-19 15:15 - 2012-12-05 20:37 - 00007617 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-19 15:03 - 2013-02-20 15:07 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2013-12-19 15:03 - 2013-01-27 00:50 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-19 15:02 - 2012-12-05 15:59 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Dropbox
2013-12-19 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-19 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-19 14:57 - 2012-12-05 00:06 - 01554792 _____ C:\Windows\WindowsUpdate.log
2013-12-19 14:56 - 2012-12-05 15:59 - 00000000 ___RD C:\Users\Sven\Google Drive
2013-12-19 14:55 - 2013-10-30 19:27 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-19 14:55 - 2012-12-05 16:01 - 00000000 ___RD C:\Users\Sven\Dropbox
2013-12-19 14:53 - 2012-12-05 14:58 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-19 14:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-19 14:52 - 2013-12-18 20:56 - 00000168 _____ C:\Windows\setupact.log
2013-12-19 14:52 - 2013-10-27 15:30 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:45 - 2013-12-19 14:45 - 00350080 _____ (AVAST Software) C:\Users\Sven\Desktop\avastclear_9.0.2007.exe
2013-12-19 14:42 - 2013-10-17 19:37 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job
2013-12-19 14:35 - 2013-12-19 14:09 - 442725258 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_02-15_pro7_40_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:29 - 2013-12-19 14:09 - 420275960 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_01-25_pro7_50_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:22 - 2012-12-05 14:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-19 14:03 - 2013-11-13 16:18 - 00004144 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-19 13:56 - 2013-12-18 13:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 23:26 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1 (1).zip
2013-12-18 23:26 - 2013-12-18 23:26 - 00218346 _____ C:\Users\Sven\Desktop\st2-90m.zip
2013-12-18 23:26 - 2013-12-18 23:25 - 00400076 _____ C:\Users\Sven\Desktop\stwk1.zip
2013-12-18 23:24 - 2013-12-18 23:24 - 00000962 _____ C:\Users\Sven\Desktop\links.txt
2013-12-18 23:22 - 2013-12-18 23:21 - 367268614 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 23:01 - 2013-12-18 23:00 - 440475348 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 22:35 - 2012-12-04 14:46 - 00000000 ____D C:\Users\Sven\Documents\mofa
2013-12-18 22:11 - 2012-12-05 08:59 - 00700800 _____ C:\Windows\system32\perfh007.dat
2013-12-18 22:11 - 2012-12-05 08:59 - 00149668 _____ C:\Windows\system32\perfc007.dat
2013-12-18 22:11 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-18 21:13 - 2013-07-30 02:11 - 00000000 _____ C:\Windows\system32\vireng.log
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:04 - 2013-12-18 21:04 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_deu.exe
2013-12-18 21:03 - 2013-12-18 21:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Sven\Desktop\rkill.com
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-18 20:56 - 00000324 _____ C:\Windows\PFRO.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:42 - 2013-10-17 19:37 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Desktop\OptiFine 1.6.4.jar
2013-12-18 19:05 - 2013-12-18 18:06 - 00015251 _____ C:\Users\Sven\Desktop\tabelle Kerbschlag.xlsx
2013-12-18 17:36 - 2013-01-06 02:08 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:06 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Desktop\OptiFine_1.6.2.zip
2013-12-18 16:05 - 2012-12-05 01:04 - 00000000 ___RD C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 16:01 - 2013-11-05 16:34 - 00000000 ____D C:\AdwCleaner
2013-12-18 15:59 - 2013-12-18 15:59 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT_6.0.8.exe
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 15:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:28 - 2013-12-18 13:20 - 130229176 _____ C:\Users\Sven\Desktop\setup_11.0.1.1245.x01_2013_12_16_15_35.exe
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:53 - 2013-12-17 21:52 - 00000000 ____D C:\Users\Sven\Desktop\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00001780 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:02 - 2013-12-17 21:02 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:55 - 2013-12-17 19:49 - 139245339 _____ C:\Users\Sven\Desktop\cm-9.1.0-tf201.zip
2013-12-16 22:13 - 2011-05-31 10:44 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-13 00:17 - 2012-12-05 14:58 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 00:17 - 2012-12-05 14:58 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 22:39 - 2012-12-05 21:02 - 00000000 ____D C:\ProgramData\IObit
2013-12-12 21:34 - 2013-12-11 13:57 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 19:24 - 2013-12-11 19:25 - 00259373 _____ C:\Users\Sven\Desktop\CaxUe2-PiSv1100.zip
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-10 20:11 - 2013-02-27 15:04 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-10 18:42 - 2013-02-27 15:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\MediaMonkey
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-05 11:41 - 2009-07-14 06:08 - 00026318 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 12:07 - 2013-12-04 12:05 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-28 13:44 - 2012-12-05 01:05 - 00000000 ____D C:\Users\Sven\AppData\Local\Adobe
2013-11-26 20:56 - 2013-10-23 17:24 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-26 20:55 - 2013-10-27 15:39 - 00000000 ____D C:\Users\Sven\AppData\Local\Microsoft Help
2013-11-25 21:42 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-11-25 21:37 - 2013-11-25 21:36 - 00000000 ____D C:\scripts
2013-11-25 20:57 - 2013-11-21 22:44 - 00000000 ____D C:\Users\Sven\AppData\Local\BEETmobile
2013-11-20 21:11 - 2013-02-01 18:08 - 00000000 ____D C:\Windows\pss

Some content of TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-03 12:03

==================== End Of Log ============================
         
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-12-2013 05
Ran by Sven at 2013-12-19 15:20:35
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Sophos Anti-Virus (Enabled - Up to date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sophos Anti-Virus (Enabled - Up to date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (x32)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Community Help (x32 Version: 3.2.1)
Adobe Community Help (x32 Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop Elements 9 (x32 Version: 9.0)
Adobe Premiere Elements 9 (x32 Version: 9.0)
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95)
Backup Manager V3 (x32 Version: 3.0.0.90)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
Cartes du Ciel V3.8 (x32)
CCleaner (Version: 3.25)
CDBurnerXP (x32 Version: 4.4.2.3442)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6021.5000)
Connectify (Version: 7.0.0.28979)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink MediaEspresso (x32 Version: 6.5.1615_36053b)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
Dropbox (HKCU Version: 2.0.22)
EASEUS Partition Master 9.1.1 Home Edition (x32)
Elements 9 Organizer (x32 Version: 9.0)
Elements STI Installer (x32 Version: 1.0)
ESET Online Scanner v3 (x32)
ETDWare PS/2-X64 8.0.6.0_WHQL (Version: 8.0.6.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FATE (x32 Version: 2.2.0.95)
ffdshow v1.1.3800 [2011-03-28] (x32 Version: 1.1.3800.0)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free YouTube to MP3 Converter version 3.12.8.717 (x32 Version: 3.12.8.717)
FreeMat (x32 Version: 4.2)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Game Booster 3 (x32 Version: 3.4)
GNU Octave 2.1.50 (x32)
Google Chrome (x32 Version: 31.0.1650.63)
Google Drive (x32 Version: 1.13.5782.599)
Google Update Helper (x32 Version: 1.3.22.3)
Guild Wars 2 (x32)
Identity Card (x32 Version: 1.00.3006)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2372)
Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046)
Java 7 Update 21 (x32 Version: 7.0.210)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Juniper Installer Service (x32 Version: 7.1.0.19757)
Juniper Networks, Inc. Setup Client (HKCU Version: 7.1.5.14305)
Juniper Networks, Inc. Setup Client Activex Control (x32 Version: 2.1.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Junos Pulse (Version: 2.1.14305)
Junos Pulse 2.1 (x32 Version: 2.1.14305)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Metro 2033 (x32)
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (x32 Version: 12.0.4518.1014)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 25.0.1 (x86 de) (HKCU Version: 25.0.1)
Mozilla Thunderbird 17.0 (x86 de) (x32 Version: 17.0)
Mozilla Thunderbird 24.1.0 (x86 de) (HKCU Version: 24.1.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Nero Control Center 10 (x32 Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.0018)
Notepad++ (x32 Version: 6.5)
NVIDIA Grafiktreiber 268.00 (Version: 268.00)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA PhysX (x32 Version: 9.10.0514)
NVIDIA Systemsteuerung 268.00 (Version: 268.00)
NVIDIA Update Components (Version: 1.0.21)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Packard Bell Games (x32 Version: 1.0.2.4)
Packard Bell MyBackup (x32 Version: 3.0.0.90)
Packard Bell Power Management (x32 Version: 6.00.3007)
Packard Bell Recovery Management (x32 Version: 5.00.3004)
Packard Bell Registration (x32 Version: 1.04.3501)
Packard Bell ScreenSaver (x32 Version: 1.1.0811.2010)
Packard Bell Social Networks (x32 Version: 2.0.2913)
Packard Bell Updater (x32 Version: 1.02.3500)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.95)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
PS3 Xploder Ultimate Edition (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0)
Samsung Kies (x32 Version: 2.5.2.13021_10)
Samsung ML-1640 Series (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
scilab-5.4.1 (64-bit)
Shutdown Timer (x32 Version: 3.1)
Siemens NX 8.5 (Version: 8.5.0.23)
Slingo Deluxe (x32 Version: 2.2.0.95)
Sophos Anti-Virus (x32 Version: 10.0.11)
Sophos Virus Removal Tool (x32 Version: 2.4)
Steam (x32 Version: 1.0.0.0)
Stellarium 0.12.2 (x32 Version: 0.12.2)
SUPERAntiSpyware (Version: 5.7.1012)
TeamViewer 8 (x32 Version: 8.0.22298)
Texmaker (x32)
Torchlight (x32 Version: 2.2.0.95)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.2 (Version: 1.9.2)
Update Installer for WildTangent Games App (x32)
VC8 CRT (Version: 8.0.50727.762)
VHD Attach 3.80 (Version: 3.80)
Video Web Camera (x32 Version: 1.0.1523)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 2.0.5 (Version: 2.0.5)
Web Version 7.0 - February 2007 (No expiration) (x32)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3501)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.3.57)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Utils (x32)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

14-11-2013 15:16:20 Geplanter Prüfpunkt
21-11-2013 21:43:43 Installed BEETmobile
25-11-2013 20:11:34 Gerätetreiber-Paketinstallation: Khalil Azzouzi Netzwerkdienst
25-11-2013 20:39:59 Removed Virtual Router v1.0
25-11-2013 23:28:36 Removed BEETmobile
26-11-2013 19:56:59 Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme wird installiert
09-12-2013 16:00:24 Removed Sophos Anti-Virus
09-12-2013 16:09:35 Removed Sophos Anti-Virus
18-12-2013 16:03:08 Removed Java 7 Update 11 (64-bit)
18-12-2013 16:06:13 Installed Java 7 Update 45 (64-bit)

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-19 15:03 - 00000937 ____A C:\Windows\system32\Drivers\etc\hosts
05.12.2013	18:59:56	00000EC4:   Started, Log = 1
05.12.2013	18:59:56	00000EC4:   Build 9.0.2006
05.12.2013	18:59:56	00000EC4:   OS Windows 7 Workstation (Service Pack 1)
05.12.2013	18:59:57	00000EC4:   AutoRedirect 1
05.12.2013	18:59:57	00000EC4:   POP RedirectPort: 110
05.12.2013	18:59:57	00000EC4:   SMTP RedirectPort: 25,587
05.12.2013	18:59:57	00000EC4:   IMAP RedirectPort: 143
05.12.2013	18:59:57	00000EC4:   NNTP RedirectPort: 119
05.12.2013	18:59:57	00000EC4:   POPs RedirectPort: 995
05.12.2013	18:59:57	00000EC4:   SMTPs RedirectPort: 465
05.12.2013	18:59:57	00000EC4:   IMAPs RedirectPort: 993
05.12.2013	18:59:57	00000EC4:   NNTPs RedirectPort: 563
05.12.2013	18:59:57	00000EC4:   IgnoreLocalhost 1
05.12.2013	18:59:57	00000EC4:   ScanSSL 1
05.12.2013	18:59:57	00000EC4:   POP Start: 1
05.12.2013	18:59:57	00000EC4:   POP RedirectPort: 110
05.12.2013	18:59:57	00000EC4:   SMTP Start: 1
05.12.2013	18:59:57	0


==================== Scheduled Tasks (whitelisted) =============

Task: {093F0EC7-3A23-4875-A605-1EA312B7A0F7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17] (Facebook Inc.)
Task: {21F83C8D-CF13-41CD-89AD-CDC1C29F523E} - \Plus-HD-3.8-firefoxinstaller No Task File
Task: {22E8E550-14C6-4C37-8B70-49607B786B7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05] (Google Inc.)
Task: {2D44C8D5-1493-4FD0-ABB2-53F895D5E3CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {7389EB03-0EB1-4F14-A528-837D5D81548A} - \Plus-HD-3.8-updater No Task File
Task: {92AAFBFC-6298-4F73-924F-01CAEEBC4AB9} - System32\Tasks\avast! Emergency Update => D:\Programme\avast\AvastEmUpdate.exe
Task: {9D3E7254-941A-4865-A71B-29421223E458} - \Plus-HD-3.8-enabler No Task File
Task: {9E07D57F-FC4E-4700-956B-AC19341E56E5} - \Plus-HD-3.8-codedownloader No Task File
Task: {AC70C8FD-9522-4517-B0CD-A0AB66811136} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17] (Facebook Inc.)
Task: {C5E64FA7-8F3A-433B-B759-A3612F569B69} - \Plus-HD-3.8-chromeinstaller No Task File
Task: {D9132E74-8C03-44B7-9E07-CE96B05E00FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05] (Google Inc.)
Task: {EBDE08C5-ED62-40E5-8E54-59FE7423A989} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-04-15] (CyberLink)
Task: {F28DC74E-71CC-482A-B2B9-260CFD806E8A} - System32\Tasks\Game_Booster_AutoUpdate => D:\Programme\Game Booster 3\Autoupdate.exe [2013-10-24] ()
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Programme\Unlocker\UnlockerCOM.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Programme\Notepad\Notepad++\NppShell_05.dll
2011-05-31 11:11 - 2011-04-15 18:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-16 11:27 - 2012-12-16 11:27 - 00150528 _____ () D:\Programme\VLC\libvlc.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 02344960 _____ () D:\Programme\VLC\libvlccore.dll
2012-12-05 00:11 - 2011-03-30 23:05 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00306176 _____ () D:\Programme\VLC\plugins\access\libdshow_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00088064 _____ () D:\Programme\VLC\plugins\audio_output\libaout_directx_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089088 _____ () D:\Programme\VLC\plugins\audio_output\libwaveout_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00115712 _____ () D:\Programme\VLC\plugins\video_output\libdirectx_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00231936 _____ () D:\Programme\VLC\plugins\access\liblibbluray_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00139264 _____ () D:\Programme\VLC\plugins\access\libaccess_bd_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00299008 _____ () D:\Programme\VLC\plugins\access\libdvdnav_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00083456 _____ () D:\Programme\VLC\plugins\access\libaccess_vdr_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\access\libfilesystem_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00528896 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00876544 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077824 _____ () D:\Programme\VLC\plugins\access\libstream_filter_rar_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128512 _____ () D:\Programme\VLC\plugins\access\libzip_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00144384 _____ () D:\Programme\VLC\plugins\demux\libplaylist_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01996800 _____ () D:\Programme\VLC\plugins\meta_engine\libtaglib_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00344064 _____ () D:\Programme\VLC\plugins\lua\liblua_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01498624 _____ () D:\Programme\VLC\plugins\misc\libxml_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089600 _____ () D:\Programme\VLC\plugins\control\libhotkeys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077312 _____ () D:\Programme\VLC\plugins\control\libglobalhotkeys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 11936768 _____ () D:\Programme\VLC\plugins\gui\libqt4_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00219648 _____ () D:\Programme\VLC\plugins\demux\libmp4_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00119808 _____ () D:\Programme\VLC\plugins\demux\libavi_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00109568 _____ () D:\Programme\VLC\plugins\demux\libasf_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00083456 _____ () D:\Programme\VLC\plugins\demux\libflacsys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\demux\libes_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00139264 _____ () D:\Programme\VLC\plugins\demux\libmpc_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00081408 _____ () D:\Programme\VLC\plugins\demux\libnuv_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075776 _____ () D:\Programme\VLC\plugins\demux\libtta_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\demux\libwav_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01149440 _____ () D:\Programme\VLC\plugins\demux\libsid_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128000 _____ () D:\Programme\VLC\plugins\services_discovery\libsap_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01565184 _____ () D:\Programme\VLC\plugins\demux\libmkv_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00762880 _____ () D:\Programme\VLC\plugins\demux\liblive555_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00142336 _____ () D:\Programme\VLC\plugins\demux\libogg_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\demux\libdirac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\demux\libsmf_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\demux\librawvid_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\meta_engine\libfolder_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00131072 _____ () D:\Programme\VLC\plugins\access\libaccess_http_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00377856 _____ () D:\Programme\VLC\plugins\codec\libtheora_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\codec\librawvideo_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00218112 _____ () D:\Programme\VLC\plugins\codec\libspeex_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01816576 _____ () D:\Programme\VLC\plugins\codec\libvorbis_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\codec\libaes3_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00080384 _____ () D:\Programme\VLC\plugins\codec\liblpcm_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00080896 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087040 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00081408 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087552 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00097792 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077312 _____ () D:\Programme\VLC\plugins\codec\libsvcdsub_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\codec\libspudec_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00086016 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libcvdsub_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128512 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libmpeg_audio_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00251904 _____ () D:\Programme\VLC\plugins\codec\libpng_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079360 _____ () D:\Programme\VLC\plugins\codec\libcdg_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01548288 _____ () D:\Programme\VLC\plugins\codec\libschroedinger_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089600 _____ () D:\Programme\VLC\plugins\codec\libaraw_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libdts_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00460288 _____ () D:\Programme\VLC\plugins\codec\libfaad_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00302592 _____ () D:\Programme\VLC\plugins\codec\libflac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01103360 _____ () D:\Programme\VLC\plugins\codec\liblibass_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00421376 _____ () D:\Programme\VLC\plugins\codec\libopus_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00233984 _____ () D:\Programme\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00124928 _____ () D:\Programme\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00166400 _____ () D:\Programme\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01562624 _____ () D:\Programme\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075776 _____ () D:\Programme\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074240 _____ () D:\Programme\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075264 _____ () D:\Programme\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074240 _____ () D:\Programme\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087552 _____ () D:\Programme\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00073728 _____ () D:\Programme\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079360 _____ () D:\Programme\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00352544 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-10-01 13:05 - 2013-09-24 15:37 - 03147040 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00353568 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2011-03-09 18:13 - 2011-03-09 18:13 - 00465640 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll
2011-03-09 18:12 - 2011-03-09 18:12 - 01081664 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\ACE.dll
2011-03-09 18:12 - 2011-03-09 18:12 - 00125760 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\MailConverter32.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00098816 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32api.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00110080 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pywintypes27.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00364544 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pythoncom27.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00044032 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_socket.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01153024 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_ssl.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00320512 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32com.shell.shell.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00711680 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_hashlib.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01175040 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._core_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00805888 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._gdi_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00811008 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._windows_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01062400 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._controls_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00735232 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._misc_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00128512 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_elementtree.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00127488 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pyexpat.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00557056 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pysqlite2._sqlite.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00087040 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_ctypes.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00119808 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32file.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00108544 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32security.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00018432 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32event.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00038912 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32inet.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00122368 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._wizard.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00026624 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_multiprocessing.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00070656 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._html2.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00010240 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\select.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00686080 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\unicodedata.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00025600 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32pdh.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00521680 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\windows._lib_cacheinvalidation.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00011264 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32crypt.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00024064 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32pipe.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00035840 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32process.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00017408 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32profile.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00022528 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32ts.pyd
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Sven\AppData\Roaming\Dropbox\bin\libcef.dll
2012-12-08 21:10 - 2012-12-08 21:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eb64cfab84daa71ec3a30eec336bf00e\IsdiInterop.ni.dll
2011-05-31 10:33 - 2010-09-14 02:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\Users\Sven\Documents\zeugnis.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Sven\Documents\zeugnis.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/19/2013 02:52:24 PM) (Source: Sophos Anti-Virus) (User: )
Description: E_FAILURE.
CManager::TriggerShutdown in der ComponentManager-Komponente hat einen schwerwiegenden Fehler entdeckt, nach dem keine Wiederherstellung möglich ist.

Error: (12/19/2013 02:52:24 PM) (Source: Sophos Anti-Virus) (User: )
Description: E_FAILURE.
CManager::Unregister in der ComponentManager-Komponente hat einen schwerwiegenden Fehler entdeckt, nach dem keine Wiederherstellung möglich ist.

Error: (12/19/2013 02:48:28 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'ICManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:28 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'ICManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente VEAdapterFactory vom ComponentManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'VEAdapterFactory' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente SWIManager vom ComponentManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler bei der Konfiguration von SWIManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'BHOManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente SIPSManager vom ComponentManager.


System errors:
=============
Error: (12/19/2013 03:09:45 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:58:01 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:57:27 PM) (Source: ipnathlp) (User: )
Description: 

Error: (12/19/2013 02:56:42 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:55:07 PM) (Source: ipnathlp) (User: )
Description: 192.168.143.1192.168.137.0255.255.255.0

Error: (12/19/2013 02:55:04 PM) (Source: ipnathlp) (User: )
Description: 192.168.143.1192.168.137.0255.255.255.0

Error: (12/19/2013 02:53:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VHD Attach" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/19/2013 02:53:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst VHD Attach erreicht.

Error: (12/19/2013 02:53:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (12/19/2013 02:48:31 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
cnnctfy3
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SASDIFSV
SASKUTIL
SAVOnAccess
spldr
tdx
vpcnfltr
vpcvmm
vwififlt
Wanarpv6
WfpLwf


Microsoft Office Sessions:
=========================
Error: (12/04/2013 05:16:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/04/2013 05:16:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1261 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (12/03/2013 08:10:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/03/2013 08:09:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3947.86 MB
Available physical RAM: 1519.04 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 4662.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:351.46 GB) (Free:129.19 GB) NTFS
Drive d: (Volume) (Fixed) (Total:224.61 GB) (Free:125.42 GB) NTFS
Drive k: (nx_konfig) (Fixed) (Total:15 GB) (Free:5.78 GB) NTFS
Drive m: (Volume) (Fixed) (Total:25 GB) (Free:24.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9C4D1402)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=351 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 25 GB) (Disk ID: 2BCAB810)
Partition 1: (Not Active) - (Size=25 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 00431948)
Partition 1: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-19 15:59:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD64 rev.01.0 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Sven\AppData\Local\Temp\kwdiypog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\kernel32.dll!CopyFileExW                                                                                         00000000774723d0 5 bytes JMP 000000016fff00d8
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\kernel32.dll!MoveFileWithProgressW                                                                               00000000774ef6b0 8 bytes JMP 000000016fff0110
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                       000007feff577490 11 bytes JMP 000007ffff5400d8
.text   C:\Program Files (x86)\Connectify\ConnectifyD.exe[2300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                    00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Connectify\ConnectifyD.exe[2300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                   00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                         00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                        00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe[2488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe[2488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[2764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[2764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                     00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                    00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                              00000000766d1465 2 bytes [6D, 76]
.text   D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                             00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
?       C:\Windows\system32\iertutil.dll [2684] entry point in ".rdata" section                                                                                            0000000076c947f9
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3572] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint                                         000000007777000c 1 byte [C3]
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3572] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin                                    00000000777ff85a 5 bytes JMP 00000001777ad571
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                               00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                              00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[1632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                     00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[1632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                    00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Nero\Update\NASvc.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                         00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Nero\Update\NASvc.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                        00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                 00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Users\Sven\Desktop\gmer_2.1.19163.exe[6696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                             00000000766d1465 2 bytes [6D, 76]
.text   C:\Users\Sven\Desktop\gmer_2.1.19163.exe[6696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                            00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\svchost.exe [1072:6820]                                                                                                                        000007fefc831ebc
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:5512]                                                                                                     000007fefb822a7c
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:5292]                                                                                                     000007feee2ad618
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:4464]                                                                                                     000007fef76a5124
Thread  C:\Windows\System32\svchost.exe [7132:5436]                                                                                                                        000007feea129688

---- EOF - GMER 2.1 ----
         
I hope I did everything correctly and didn't forget anything.

And thanks in advance for your help.

 
