Log analysis and evaluation: Windows 7 Firefox26 browser certificates suddenly invalid? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 7 Firefox26 browser certificates suddenly invalid?

Hello, since yesterday I have had a problem. While surfing with Firefox, a window opened in the background which, on closer inspection, looked like a page claiming that I had to pay money because of legal violations so that my computer would not be locked. Since the window could not be closed, I did a hard shutdown of the computer and restarted it. Since then I have had problems with the browser certificates. Every https page (SSL-encrypted?) is rejected with the notice that the certificate returned by the site is invalid, or that the connection is not trustworthy. Have I wrecked my certificate store, or something worse? What do I have to do in the first case? What in the second? I have already run a scan with Malwarebytes and FRST.

Code:
```
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
meister :: MEISTER-PC [Administrator]

Schutz: Aktiviert

23.12.2013 07:04:20
mbam-log-2013-12-23 (07-04-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 540847
Laufzeit: 1 Stunde(n), 14 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
```

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 Ran by surfer (ATTENTION: The logged in user is not administrator) on MEISTER-PC on 23-12-2013 20:02:22 Running from C:\Users\surfer\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (brother) C:\Program Files (x86)\Brownie\BrStsW64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] () HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391192 2010-08-02] (Acronis) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.) 
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5452488 2010-08-02] (Acronis) HKLM-x32\...\Run: [SAOB Monitor] - C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570648 2010-08-02] (Acronis) HKLM-x32\...\Run: [BrStsWnd] - C:\Program Files (x86)\Brownie\BrStsW64.exe [3695928 2009-08-19] (brother) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NWEReboot] - [x] HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-11] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe 
streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\surfer\AppData\Roaming\Mozilla\Firefox\Profiles\ozowagv3.default-1370695269533 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Garmin Communicator - C:\Users\surfer\AppData\Roaming\Mozilla\Firefox\Profiles\ozowagv3.default-1370695269533\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: 
[anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-11] (Kaspersky Lab ZAO) R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] () R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries) R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-06-23] () S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [x] ==================== Drivers (Whitelisted) ==================== S3 CSRBC; 
C:\Windows\System32\Drivers\rider64.sys [38400 2012-01-31] (CSR plc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-13] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-11] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-13] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-11] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-11] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-25] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-04-22] (Acronis) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-25] (Kaspersky Lab ZAO) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-23 20:02 - 2013-12-23 20:02 - 00018936 _____ C:\Users\surfer\Desktop\FRST.txt 2013-12-23 20:01 - 2013-12-23 20:01 - 00000000 ____D C:\FRST 2013-12-23 19:41 - 2013-12-23 19:41 - 01928604 _____ (Farbar) C:\Users\surfer\Desktop\FRST64.exe 2013-12-23 07:32 - 2013-12-23 07:32 - 00000219 _____ C:\Users\surfer\Desktop\ Malwarebytes Anti-Malware .txt 2013-12-23 06:49 - 2013-12-23 06:49 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D C:\Users\meister\AppData\Roaming\Malwarebytes 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-23 06:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-23 06:43 - 2013-12-23 06:43 - 
10285040 _____ (Malwarebytes Corporation ) C:\Users\surfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-23 06:15 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-23 06:15 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-23 06:15 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-23 06:15 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-23 06:15 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-23 06:15 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-23 06:15 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-23 06:15 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-23 06:15 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-23 06:15 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-23 06:15 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-23 06:15 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-23 06:15 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-23 06:15 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-23 06:15 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-23 06:15 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-23 06:15 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-23 06:15 - 
2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-23 06:15 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-23 06:15 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-23 06:15 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-23 06:15 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-23 06:15 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-23 06:15 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-23 06:15 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-23 06:15 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-23 06:15 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-23 06:15 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-23 06:15 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-23 06:15 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-23 06:15 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-23 06:10 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-23 06:10 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-23 06:10 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-23 06:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-23 06:10 - 2013-10-30 03:32 - 00335360 _____ 
(Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-23 06:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-23 06:10 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-23 06:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-23 06:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-23 06:10 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-23 06:10 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-23 06:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-23 06:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-23 06:10 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-23 06:10 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-23 06:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-23 06:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-23 06:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-23 06:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-22 16:58 - 2013-12-22 16:58 - 00000000 ____D C:\.Trash-999 2013-12-21 13:17 - 2013-12-21 13:17 - 00019399 _____ C:\Users\surfer\Downloads\MultitaskingTest.htm 2013-12-15 20:56 - 2013-12-15 21:00 - 53582208 _____ (Citrix Systems, Inc.) 
C:\Users\surfer\Downloads\CitrixReceiverWeb.exe 2013-12-14 21:20 - 2013-12-15 00:01 - 00023552 _____ C:\Users\surfer\Desktop\Grundausstattungen.xls 2013-12-13 21:58 - 2013-12-13 21:59 - 21981704 _____ (Mozilla) C:\Users\surfer\Downloads\Thunderbird Setup 24.2.0.exe 2013-12-13 21:57 - 2013-12-13 21:57 - 00283096 _____ (Mozilla) C:\Users\surfer\Downloads\Firefox Setup Stub 26.0.exe 2013-12-07 10:11 - 2013-12-07 10:11 - 00001501 _____ C:\Users\surfer\AppData\Local\recently-used.xbel 2013-12-06 21:34 - 2013-12-06 21:39 - 00000000 ____D C:\Users\surfer\Downloads\Telekom eumex800 2013-11-29 20:37 - 2013-11-29 20:45 - 00015317 _____ C:\Users\surfer\Documents\Touratech_navi_stromversorgung.odt 2013-11-27 16:40 - 2013-11-28 14:31 - 01594964 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-11-26 20:47 - 2013-11-26 20:47 - 00985600 _____ C:\Users\surfer\Downloads\MicrosoftFixit50123.msi ==================== One Month Modified Files and Folders ======= 2013-12-23 20:02 - 2013-12-23 20:02 - 00018936 _____ C:\Users\surfer\Desktop\FRST.txt 2013-12-23 20:02 - 2012-04-01 14:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-23 20:01 - 2013-12-23 20:01 - 00000000 ____D C:\FRST 2013-12-23 19:41 - 2013-12-23 19:41 - 01928604 _____ (Farbar) C:\Users\surfer\Desktop\FRST64.exe 2013-12-23 18:30 - 2013-05-24 22:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-12-23 11:20 - 2011-11-21 14:18 - 02075370 _____ C:\Windows\WindowsUpdate.log 2013-12-23 08:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-23 07:32 - 2013-12-23 07:32 - 00000219 _____ C:\Users\surfer\Desktop\ Malwarebytes Anti-Malware .txt 2013-12-23 06:49 - 2013-12-23 06:49 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D C:\Users\meister\AppData\Roaming\Malwarebytes 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-23 06:49 - 2013-12-23 06:49 - 00000000 ____D 
C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-23 06:43 - 2013-12-23 06:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\surfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-23 06:36 - 2011-11-21 23:11 - 00699682 _____ C:\Windows\system32\perfh007.dat 2013-12-23 06:36 - 2011-11-21 23:11 - 00149790 _____ C:\Windows\system32\perfc007.dat 2013-12-23 06:36 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-23 06:35 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-23 06:35 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-23 06:30 - 2012-09-09 20:01 - 00000295 _____ C:\Windows\Brownie.ini 2013-12-23 06:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-23 06:30 - 2009-07-14 05:51 - 00103931 _____ C:\Windows\setupact.log 2013-12-23 06:30 - 2009-07-14 05:45 - 00336992 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-23 06:14 - 2013-07-11 19:57 - 00000000 ____D C:\Windows\system32\MRT 2013-12-23 06:11 - 2012-04-22 12:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-22 16:58 - 2013-12-22 16:58 - 00000000 ____D C:\.Trash-999 2013-12-21 13:17 - 2013-12-21 13:17 - 00019399 _____ C:\Users\surfer\Downloads\MultitaskingTest.htm 2013-12-18 22:04 - 2013-07-20 15:04 - 00000000 ____D C:\Users\surfer\Downloads\Klarmobil 2013-12-15 21:18 - 2013-01-21 07:47 - 00000000 ____D C:\Users\surfer\AppData\Roaming\ICAClient 2013-12-15 21:00 - 2013-12-15 20:56 - 53582208 _____ (Citrix Systems, Inc.) 
C:\Users\surfer\Downloads\CitrixReceiverWeb.exe 2013-12-15 00:01 - 2013-12-14 21:20 - 00023552 _____ C:\Users\surfer\Desktop\Grundausstattungen.xls 2013-12-14 20:43 - 2013-08-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-14 20:43 - 2012-06-03 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-14 20:43 - 2010-11-21 04:47 - 00205810 _____ C:\Windows\PFRO.log 2013-12-13 22:38 - 2012-04-07 11:28 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2013-12-13 22:38 - 2012-04-07 11:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-12-13 22:17 - 2013-04-01 19:22 - 00019974 _____ C:\Users\surfer\Documents\Wein.ods 2013-12-13 22:03 - 2012-04-01 14:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-13 22:03 - 2012-03-12 12:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-13 22:03 - 2011-10-20 10:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-13 21:59 - 2013-12-13 21:58 - 21981704 _____ (Mozilla) C:\Users\surfer\Downloads\Thunderbird Setup 24.2.0.exe 2013-12-13 21:57 - 2013-12-13 21:57 - 00283096 _____ (Mozilla) C:\Users\surfer\Downloads\Firefox Setup Stub 26.0.exe 2013-12-13 21:56 - 2013-08-27 20:06 - 00016384 _____ C:\Users\surfer\Downloads\Spritrechner.xls 2013-12-13 21:08 - 2012-08-02 14:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys 2013-12-13 21:08 - 2012-06-19 16:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2013-12-07 10:12 - 2012-11-07 20:31 - 00000000 ____D C:\Users\surfer\.gimp-2.8 2013-12-07 10:11 - 2013-12-07 10:11 - 00001501 _____ C:\Users\surfer\AppData\Local\recently-used.xbel 2013-12-06 21:39 - 2013-12-06 21:34 - 00000000 ____D C:\Users\surfer\Downloads\Telekom eumex800 2013-11-29 20:45 - 2013-11-29 20:37 - 00015317 _____ C:\Users\surfer\Documents\Touratech_navi_stromversorgung.odt 2013-11-28 
14:31 - 2013-11-27 16:40 - 01594964 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-11-26 20:47 - 2013-11-26 20:47 - 00985600 _____ C:\Users\surfer\Downloads\MicrosoftFixit50123.msi 2013-11-26 12:54 - 2013-12-23 06:15 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-26 11:19 - 2013-12-23 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-26 11:18 - 2013-12-23 06:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-26 11:11 - 2013-12-23 06:15 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-26 10:48 - 2013-12-23 06:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-26 10:46 - 2013-12-23 06:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-26 10:41 - 2013-12-23 06:15 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-26 10:29 - 2013-12-23 06:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-26 10:27 - 2013-12-23 06:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-26 10:23 - 2013-12-23 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-26 10:21 - 2013-12-23 06:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-26 10:18 - 2013-12-23 06:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-26 10:18 - 2013-12-23 06:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-26 10:16 - 2013-12-23 06:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-26 09:57 - 2013-12-23 06:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-26 09:38 - 2013-12-23 06:15 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-26 09:38 - 2013-12-23 06:15 - 
00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-26 09:35 - 2013-12-23 06:15 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-26 09:32 - 2013-12-23 06:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-26 09:28 - 2013-12-23 06:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-26 09:16 - 2013-12-23 06:15 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-26 09:02 - 2013-12-23 06:15 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-26 08:48 - 2013-12-23 06:15 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-26 08:32 - 2013-12-23 06:15 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-26 08:26 - 2013-12-23 06:15 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-26 08:07 - 2013-12-23 06:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-26 07:40 - 2013-12-23 06:15 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-26 07:34 - 2013-12-23 06:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-26 07:34 - 2013-12-23 06:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-26 07:33 - 2013-12-23 06:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-26 07:27 - 2013-12-23 06:15 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-23 22:06 - 2012-09-07 20:01 - 00000000 ____D C:\Users\surfer\AppData\Roaming\vlc 2013-11-23 20:07 - 2012-03-12 13:11 - 00073152 _____ C:\Users\surfer\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-23 19:26 - 2013-12-23 06:10 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-11-23 18:47 - 2013-12-23 06:10 - 00465920 _____ (Microsoft Corporation) 
C:\Windows\system32\WMPhoto.dll

Files to move or delete:
====================
C:\Users\surfer\AppData\Roaming\eSReg.ini
C:\Users\surfer\CTX.DAT

Some content of TEMP:
====================
C:\Users\surfer\AppData\Local\Temp\drm_dialogs.dll
C:\Users\surfer\AppData\Local\Temp\drm_dyndata_7370014.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013 Ran by surfer at 2013-12-23 20:02:53 Running from C:\Users\surfer\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} ==================== Installed Programs ====================== Acer Backup Manager (x32 Version: 3.0.0.99) Acer Crystal Eye Webcam (x32 Version: 1.0.1904) Acer ePower Management (x32 Version: 6.00.3008) Acer eRecovery Management (x32 Version: 5.00.3504) Acer Games (x32 Version: 1.0.2.5) Acer Registration (x32 Version: 1.04.3504) Acer ScreenSaver (x32 Version: 1.1.0913.2011) Acer Updater (x32 Version: 1.02.3500) Acronis*True*Image*Home 2011 (x32 Version: 14.0.5041) Adobe AIR (x32 Version: 2.7.1.19610) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98) AMD APP SDK Runtime (Version: 2.5.775.2) AMD Catalyst Install Manager (Version: 3.0.847.0) ANNO 2070 (x32 Version: 1.0.0.0) Assassin's Creed (x32 Version: 1.02) Assassin's Creed Brotherhood (x32 Version: 1.03) Assassin's Creed II (x32 Version: 1.01) Assassin's Creed Revelations 1.03 (x32 Version: 1.03) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36) Backup Manager V3 (x32 Version: 3.0.0.99) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bing Bar (x32 Version: 7.0.765.0) BRAdmin Professional 3 (x32 Version: 3.45.0007) Brother HL-2150N (x32 Version: 1.00) 
Cardo Updater (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2011.1013.754.12275) Catalyst Control Center InstallProxy (x32 Version: 2011.1013.754.12275) Catalyst Control Center Localization All (x32 Version: 2011.1013.754.12275) Catalyst Control Center Profiles Mobile (x32 Version: 2011.1013.754.12275) CCC Help Chinese Standard (x32 Version: 2011.1013.0753.12275) CCC Help Chinese Traditional (x32 Version: 2011.1013.0753.12275) CCC Help Czech (x32 Version: 2011.1013.0753.12275) CCC Help Danish (x32 Version: 2011.1013.0753.12275) CCC Help Dutch (x32 Version: 2011.1013.0753.12275) CCC Help English (x32 Version: 2011.1013.0753.12275) CCC Help Finnish (x32 Version: 2011.1013.0753.12275) CCC Help French (x32 Version: 2011.1013.0753.12275) CCC Help German (x32 Version: 2011.1013.0753.12275) CCC Help Greek (x32 Version: 2011.1013.0753.12275) CCC Help Hungarian (x32 Version: 2011.1013.0753.12275) CCC Help Italian (x32 Version: 2011.1013.0753.12275) CCC Help Japanese (x32 Version: 2011.1013.0753.12275) CCC Help Korean (x32 Version: 2011.1013.0753.12275) CCC Help Norwegian (x32 Version: 2011.1013.0753.12275) CCC Help Polish (x32 Version: 2011.1013.0753.12275) CCC Help Portuguese (x32 Version: 2011.1013.0753.12275) CCC Help Russian (x32 Version: 2011.1013.0753.12275) CCC Help Spanish (x32 Version: 2011.1013.0753.12275) CCC Help Swedish (x32 Version: 2011.1013.0753.12275) CCC Help Thai (x32 Version: 2011.1013.0753.12275) CCC Help Turkish (x32 Version: 2011.1013.0753.12275) ccc-utility64 (Version: 2011.1013.754.12275) Chuzzle Deluxe (x32 Version: 2.2.0.95) Citrix Presentation Server Client (x32 Version: 10.00.52110) clear.fi (x32 Version: 1.0.1517_36458) clear.fi (x32 Version: 1.0.2024.00) clear.fi (x32 Version: 9.0.8026) clear.fi Client (x32 Version: 1.00.3500) Clonk Rage (x32) Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (x32 Version: 1.0.0.0) Command & Conquer™ Red Alert™ 3 and Uprising (x32 Version: 1.0.0.0) 
Command & Conquer™: Generals and Zero Hour (x32 Version: 1.0.0.0) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97) D3DX10 (x32 Version: 15.4.2368.0902) Die Siedler - Aufbruch der Kulturen (x32) DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (x32 Version: 1.00.0000) Dolby Advanced Audio v2 (x32 Version: 7.2.7000.7) Downloader (x32) eBay Worldwide (x32 Version: 2.2.0409) Elevated Installer (x32 Version: 2.3.14.0) ETDWare PS/2-X64 8.0.6.0_WHQL (Version: 8.0.6.0) Evernote v. 4.5.1 (x32 Version: 4.5.1.5451) Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3) FATE (x32 Version: 2.2.0.97) Final Drive: Nitro (x32 Version: 2.2.0.95) Fooz Kids (x32 Version: 3.0.8) Fooz Kids Platform (x32 Version: 2.1) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922) Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Galerie foto Windows Live (x32 Version: 15.4.3502.0922) Garmin BaseCamp (x32 Version: 4.2.4) Garmin City Navigator Europe (Unicode) NT 2014.10 Update (x32 Version: 17.10.0.0) Garmin Express (x32 Version: 2.3.14.0) Garmin Express Tray (x32 Version: 2.3.14.0) Garmin USB Drivers (x32 Version: 2.3.1.0) GIMP 2.8.8 (Version: 2.8.8) Identity Card (x32 Version: 1.00.3501) Insaniquarium Deluxe (x32 Version: 2.2.0.97) Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144) Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004) Java 7 Update 11 (64-bit) (Version: 7.0.110) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Java SE Development Kit 7 Update 9 (x32 Version: 1.7.0.90) Java(TM) 6 Update 30 (64-bit) (Version: 6.0.300) Jewel Match 3 (x32 Version: 2.2.0.97) Jewel Quest Solitaire (x32 Version: 
2.2.0.95) John Deere Drive Green (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 15.4.3502.0922) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190) Launch Manager (x32 Version: 5.1.7) LibreOffice 4.1 Help Pack (German) (x32 Version: 4.1.3.2) LibreOffice 4.1.3.2 (x32 Version: 4.1.3.2) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) ManiaPlanet (x32) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938) Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MOTORRAD Tourenplaner 2008/2009 (x32) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0) Mozilla Maintenance Service (x32 Version: 24.2.0) Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98) MyWinLocker (Version: 4.0.14.27) MyWinLocker 4 (x32 Version: 4.0.14.27) MyWinLocker Suite (x32 Version: 4.0.14.19) newsXpresso (x32 Version: 1.0.0.40) Norton Online Backup (x32 Version: 2.1.17869) Notepad++ 
(x32 Version: 6.5.1) NTI Media Maker 9 (x32 Version: 9.0.2.9002) NVIDIA PhysX v8.04.25 (x32 Version: 8.04.25) Origin (x32 Version: 9.3.10.4710) PDFCreator (x32 Version: 1.5.0) Penguins! (x32 Version: 2.2.0.95) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Polar Bowler (x32 Version: 2.2.0.97) Pošta Windows Live (x32 Version: 15.4.3502.0922) PunkBuster Services (x32 Version: 0.990) PX Profile Update (x32 Version: 1.00.1.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30123) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0) Shredder (Version: 2.0.8.9) Shredder (x32 Version: 2.0.8.9) Skype™ 5.10 (x32 Version: 5.10.116) Slingo Deluxe (x32 Version: 2.2.0.95) Steam (x32 Version: 1.0.0.0) Supreme Commander 2 (x32) Tom Clancy's H.A.W.X. 
2 (x32 Version: 1.0.1) Torchlight (x32 Version: 2.2.0.97) Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Update Installer for WildTangent Games App (x32) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97) VLC media player 2.1.0 (x32 Version: 2.1.0) VLC media player 2.1.1 (Version: 2.1.1) Wedding Dash (x32 Version: 2.2.0.95) Welcome Center (x32 Version: 1.02.3504) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3538.0513) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922) Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3538.0513) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 
15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Live 影像中心 (x32 Version: 15.4.3502.0922) Windows Live 程式集 (x32 Version: 15.4.3502.0922) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922) Windows Liven sähköposti (x32 Version: 15.4.3502.0922) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922) Worms 4 Mayhem (x32 Version: 1.01.0000) Zuma Deluxe (x32 Version: 2.2.0.95) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922) Почта Windows Live (x32 Version: 15.4.3502.0922) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922) Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922) بريد Windows Live (x32 Version: 15.4.3502.0922) معرض صور Windows Live (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= Could not list Restore Points. Check WMI. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? 
==================== Loaded Modules (whitelisted) ============= 2011-10-20 10:00 - 2011-08-09 00:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-10-13 07:52 - 2011-10-13 07:52 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2011-03-14 14:21 - 2011-03-14 14:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll 2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2013-12-13 22:03 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-12-13 22:03 - 2013-12-13 22:03 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/23/2013 06:30:50 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2013 06:01:38 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2013 02:10:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2013 10:57:06 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2013 11:18:15 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/20/2013 06:38:13 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/18/2013 09:01:41 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/16/2013 07:42:08 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2013 08:44:56 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/13/2013 10:04:42 PM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 52c Startzeit: 01cef83c8128eb6f Endzeit: 20 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: 2866ee82-643a-11e3-991a-dc0ea1140460 System errors: ============= Error: (12/22/2013 02:10:20 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 22.12.2013 um 14:08:08 unerwartet heruntergefahren. Error: (12/13/2013 10:39:26 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (12/13/2013 10:39:21 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (12/06/2013 08:24:25 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht. Error: (11/22/2013 09:09:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (11/22/2013 09:01:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (11/22/2013 08:52:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (11/22/2013 08:49:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. 
Error: (11/22/2013 08:35:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (11/22/2013 08:31:15 PM) (Source: srv) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Microsoft Office Sessions: ========================= Error: (12/23/2013 06:30:50 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2013 06:01:38 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2013 02:10:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2013 10:57:06 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2013 11:18:15 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/20/2013 06:38:13 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/18/2013 09:01:41 PM) (Source: WinMgmt)(User: ) Description: 
//./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/16/2013 07:42:08 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2013 08:44:56 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/13/2013 10:04:42 PM) (Source: Application Hang)(User: ) Description: firefox.exe26.0.0.508752c01cef83c8128eb6f20C:\Program Files (x86)\Mozilla Firefox\firefox.exe2866ee82-643a-11e3-991a-dc0ea1140460 CodeIntegrity Errors: =================================== Date: 2013-12-23 08:55:29.670 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.670 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.670 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.654 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-12-23 08:55:29.654 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.654 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.638 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.623 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 08:55:29.623 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-23 07:51:18.828 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 8043.86 MB
Available physical RAM: 5156.07 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 12633.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:682.54 GB) (Free:430.25 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

matthias