| |
| |||||||
Log-Analyse und Auswertung: TaskMgr,Windows Sicherheitsdient, Firewall lassen sich nicht starten und hohe CPU-Auslastung.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
12.02.2014, 10:13
| #1 |
 |  TaskMgr,Windows Sicherheitsdient, Firewall lassen sich nicht starten und hohe CPU-Auslastung. Guten Morgen. Seit ca. einer halben Woche hat mein Computer die ersten Syptome für einen Virus gezeigt. Die da wären: -Sicherheitscenter lässt sich nicht starten, da der Dienst deaktiviert ist. Wenn ich ihn auf Automatisch stelle aktiviert er sich, ist aber beim Neustart wieder aus. -Nach der Aktivierung vom Sicherheitcenter kriege ich die Fehlermeldung Windows Firewall konnte nicht gestartet werden. Manuell starten kann ich ihn nicht. -Der Taskmanager ist grau hinterlegt, wenn ich ihn mit Rechtsklick in der Taskleiste versuche zu starten. Wenn ich Strg-Alt-Entf drücke wird der Button für den Taskmanager gar nicht angezeigt. Das Problem ist, das der Wert im Schlüssel auf 1 gesetzt ist. Wenn ich den Wert auf 0 setze ändert er sich automatisch wieder zu 1. -Malwarebytes blockiert alle 20 Sekunden eine Verbindung mit einer schädlichen Website. Die Verbindung wird von cvtres.exe automatisch gestartet. -Der Prozess svchost.exe hat eine ungewöhnlich hohe Auslastung von 300.000. Ich habe den Computer einmal mit Malwarebytes und ein Mal mit Norton Security durchlaufen lassen und so einiges gefunden, jedoch hat sich nichts geändert. Ich weiß wirklich nicht mehr was ich tun könnte. Sogar mein Mauszeiger hängt sich beim Bewegen auf und beim Tippen erscheinen die Buchstaben mit verzögerung. Ich habe einen Fx-6100 Prozessor mit 8 GB RAM und Win 7. Ich glaube ich weiß welches Programm den Virus eingeschleußt hat, jedoch weiß ich nicht wie ich ihn wieder entfernen könnte. Hier die Log Files. Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-02-2014 01
Ran by Pc at 2014-02-11 22:29:03
Running from C:\Users\Pc\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Conan: Unchained (x32 Version: - Funcom)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AI Suite (x32 Version: 1.06.22 - )
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AirPlus XtremeG DWL-G122 (x32 Version: 1.0.30 - D-Link)
Aiseesoft MP4 Video Converter 7.1.20 (x32 Version: 7.1.20 - Aiseesoft Studio)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (x32 Version: - Akamai Technologies, Inc)
Alliance of Valiant Arms (x32 Version: - )
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
American Conquest Fight Back (x32 Version: - )
ANNO 2070 (x32 Version: 1.0.0.0 - Ubisoft)
ASUS WebStorage (x32 Version: 3.0.94.193 - eCareme Technologies, Inc.)
ASUSUpdate (x32 Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
Audacity 2.0.2 (x32 Version: 2.0.2 - Audacity Team)
Babylon Chrome Toolbar (x32 Version: 2.0.0.4 - Babylon Ltd) <==== ATTENTION
Babylon toolbar (x32 Version: - BabylonToolbar) <==== ATTENTION
Battle For Graxia (x32 Version: - )
BioShock Infinite (x32 Version: - Irrational Games)
Black & White® 2 (x32 Version: 1.00.0000 - Lionhead Studios)
Blitzkrieg Burning Horizon (x32 Version: - )
Brick-Force (x32 Version: - Infernum Productions AG)
Browser Defender 3.0 (x32 Version: 3.0.0.314 - Threat Expert Ltd.)
Brytenwalda Version 1.40 (x32 Version: 1.40 - Brytenwalda Dev.)
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
CAESAR IV (x32 Version: 1.2 - Tilted Mill Entertainment)
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Call of Duty: Black Ops II - Zombies (x32 Version: - )
Camtasia Studio 8 (x32 Version: 8.0.3.994 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (x32 Version: 4.5.1.3868 - CDBurnerXP)
Celtic Kings - The Punic Wars (x32 Version: - )
Chivalry Medieval Warfare (c) Torn Banner Studios version 1 (x32 Version: 1 - )
Codec Pack Packages (HKCU Version: - ) <==== ATTENTION
Cossacks - The Art Of War (x32 Version: - )
Cossacks 2 - Battle for Europe (x32 Version: - )
Cossacks II (x32 Version: - )
Cross Fire En (x32 Version: - Z8Games.com)
Crossfire Europe (x32 Version: 1.107 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
DarthMod: Shogun II (x32 Version: - )
DBO_CT_TW (x32 Version: 1.57.22 - Cayennetech)
DC-Bass Source 1.3.0 (x32 Version: - )
Die Schlacht um Mittelerde™ II (x32 Version: - )
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209 - MPC-HC Team)
DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC)
Dota 2 (x32 Version: - Valve )
Dungeons and Dragons Online (HKCU Version: - )
Dynasty Warriors Online (x32 Version: - )
Elsword_DE (x32 Version: - )
EPU-4 Engine (x32 Version: 1.02.01 - )
Europa Universalis IV (x32 Version: - Paradox Interactive)
ExpressFiles (HKCU Version: 1.8.1 - hxxp://www.express-files.com/) <==== ATTENTION
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0 - )
Floris Mod Pack 2.54 (x32 Version: - )
Forged By Chaos (x32 Version: - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version: - )
Free Audio CD Burner version 2.0.22.320 (x32 Version: 2.0.22.320 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.20.1031 (x32 Version: 5.0.20.1031 - DVDVideoSoft Ltd.)
From Dust (x32 Version: 1.0.0 - Ubisoft)
FuNDeaulls (x32 Version: - FFunDeals)
Gameforge Live 1.7.0 "Legend" (x32 Version: 1.7.0 - Gameforge)
GameRanger (HKCU Version: - GameRanger Technologies)
GamersFirst LIVE! (HKCU Version: - GamersFirst)
Ghost Recon Online (EU) (HKCU Version: 1.34.9860.1 - Ubisoft)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Gothic III (x32 Version: 1.0.0 - JoWooD Productions Software AG)
grafstat4 (x32 Version: 4.276 - DrSoft)
GS-Supporter 1.80 (x32 Version: - Verified Publisher) <==== ATTENTION
Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.)
Haali Media Splitter (x32 Version: - )
Happy Cloud Client (HKCU Version: 3.41 - Happy Cloud, Inc.)
Haunt 1.0 64bit (HKCU Version: - )
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0 - Hi-Rez Studios)
HydraVision (x32 Version: 4.2.208.0 - ATI Technologies Inc.) Hidden
Infestation: Survivor Stories (x32 Version: - Hammerpoint Interactive)
inSSIDer 3 (x32 Version: 3.0.6.42 - MetaGeek, LLC)
Installation (HKCU Version: 1.0.0.8 - Installation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2266 - Intel Corporation)
IrfanView (remove only) (x32 Version: 4.32 - Irfan Skiljan)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
King Arthur II (x32 Version: - Paradox Interactive)
K-Lite Codec Pack 9.4.0 (Basic) (x32 Version: 9.4.0 - )
Lagarith Lossless Codec (1.3.27) (x32 Version: - )
LAME v3.99.3 (for Windows) (x32 Version: - )
League of Legends (x32 Version: 1.3 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LOCO EVOLUTION (x32 Version: EVOLUTION - DanalGames)
Logitech Print Service (x32 Version: - )
Logitech QuickCam-Software (x32 Version: 8.47.0000 - Logitech, Inc.)
LOLReplay (x32 Version: 0.8.5.1 - www.leaguereplays.com)
Lost Empire - Immortals (x32 Version: 1.0.0 - Pollux Gamelabs)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Metin2 (x32 Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 1.1 (x32 Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (x32 Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (x32 Version: - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 1.0 Refresh (x32 Version: 1.1.10405.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Mobistel Cynus T1 Drivers(x86) (x32 Version: 2.00 - Mobistel)
Mount&Blade Warband (x32 Version: - )
Mount&Blade With Fire and Sword (x32 Version: - )
MountMusket Battalion (x32 Version: 0.4.2 - MountMusket Battalion Team)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie2KDownloader (x32 Version: 2.1 Build 26473 - Movie2KDownloader.com)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (x32 Version: 3.51.12 - MySQL AB)
Napoleonic Wars (x32 Version: 1.0 - Mount&Blade Napoleonic Wars)
NC Launcher (GameForge) (x32 Version: - NCsoft)
Nero 9 Essentials (x32 Version: - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Internet Security (x32 Version: 21.1.0.18 - Symantec Corporation)
Notepad++ (x32 Version: 6.4.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 270.61 (Version: 270.61 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (x32 Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 270.61 (Version: 270.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.270.54.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.7061 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 270.61 (Version: 270.61 - NVIDIA Corporation) Hidden
Open It! (x32 Version: 1.1.1 - OpenIt)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5 - )
Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.)
Panzar (x32 Version: 1.0 - Panzar)
Patch v2.2 (x32 Version: - RUNEFORGE Games Studios)
Patrizier IV (x32 Version: 1.0.0 - Kalypso Media)
PC Probe II (x32 Version: 1.04.92 - ASUSTeK Computer Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PileFile reminder (HKCU Version: - FINEDREAM INVEST LTD)
Pixsta (HKCU Version: 2.5.0.48600 - Pokki)
PlanetSide 2 (HKCU Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Pokki (HKCU Version: 0.266.1.172 - Pokki)
Pokki Download Helper (HKCU Version: 1.3.1.282 - Pokki)
PowerISO (x32 Version: 5.4 - Power Software Ltd)
PrivitizeVPN (x32 Version: 1.0.0 - OOO Industry) <==== ATTENTION
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Qtrax Connection Manager (HKCU Version: 20.13.07.02 - Qtrax Inc)
Qtrax Player (HKCU Version: - portal.qtrax.com)
QuickShare (x32 Version: 1.38.61.10911 - Linkury Inc.) <==== ATTENTION
RaiderZ (x32 Version: 1.0.0.36787 - Gameforge)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.52.203.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Rise and Fall (x32 Version: 1.00.0000 - Midway Games)
Roads of Rome 3 (x32 Version: - Realore Studios)
Roma Surrectum Deutsch 1.1.0.5 (x32 Version: 1.1.0.5 - ecozone)
Roma Surrectum II 2.5 (x32 Version: 2.5 - Roma Surrectum Team)
Rome - Total War(TM) (x32 Version: 1.0 - Activision)
Rome - Total War(TM) (x32 Version: 1.0 - Activision) Hidden
Rome Total War - patch 1.3 (x32 Version: 1.3 - )
S4 League_EU (x32 Version: 1.00.0000 - )
Search Protect (x32 Version: 2.7.23.2 - Conduit) <==== ATTENTION
Security Task Manager 1.8g (x32 Version: 1.8g - Neuber Software)
SeeSimilar (x32 Version: 1.0.0.5 - SeeSimilar.com)
Sid Meier's Civilization IV Colonization (x32 Version: 1.00 - Firaxis Games)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Smite (x32 Version: 0.1.1850.0 - Hi-Rez Studios)
SOE Web Installer (HKCU Version: 1.0.3.171 - Sony Online Entertainment)
Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Special Force 2 1.0 (x32 Version: - )
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Spotydl 0.9.36.0 (x32 Version: 0.9.36.0 - spotydl.com)
Spyware Doctor 8.0 (x32 Version: 8.0 - PC Tools)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 (x32 Version: 1.00 - Firefly Studios)
surf aand kEEp (x32 Version: 1.2.0.1049 - surif aand keep) <==== ATTENTION
Swords and Sandals 3 Multiplae Ultratus (x32 Version: 1.2.7 - 3rdsense Pty Ltd)
System Requirements Lab CYRI (x32 Version: 6.0.7.0 - Husdawg, LLC)
System Requirements Lab Detection (x32 Version: 1.0.5.0 - Husdawg, LLC)
System Requirements Lab for Intel (x32 Version: 4.5.13.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (Version: 9.9.2 - )
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
The War Z version 1.0 (x32 Version: 1.0 - Arktos Entertainment Group LLC)
Tube Karaoke (x32 Version: - Dacotta SoftEngineering)
Tunngle beta (x32 Version: - Tunngle.net GmbH)
Turbo Key (x32 Version: 1.01.03 - )
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Vanguard: Saga of Heroes (x32 Version: 1.00.000 - Sigil Games Online)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (x32 Version: 1.34 - VIA Technologies, Inc.)
Video downloader 2.0.0.433 (Version: 2.0.0.433 - Southstarco)
VirtualCloneDrive (x32 Version: - Elaborate Bytes)
VLC media player 2.0.2 (x32 Version: 2.0.2 - VideoLAN)
VLC Media Player DB Toolbar Toolbar (x32 Version: - )
War Thunder Launcher 1.0.1.278 (x32 Version: - 2013 Gaijin Entertainment Corporation)
Wargame AirLand Battle (c) Focus Home Interactive version RLD! (x32 Version: RLD! - )
Winamp (x32 Version: 5.63 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-Bit) (Version: 4.00.0 - win.rar GmbH)
World of Tanks (x32 Version: - Wargaming.net)
Xfire (remove only) (x32 Version: - )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Yontoo 1.12.02 (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION
YoutubeAdblocker (x32 Version: 2.3.0.1751 - YoutubeAdblocker) <==== ATTENTION
Zip Opener Packages (HKCU Version: - ) <==== ATTENTION
Zune (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
==================== Restore Points =========================
04-02-2014 12:03:18 Windows-Sicherung
04-02-2014 12:09:33 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
04-02-2014 12:10:40 Installed League of Legends
04-02-2014 12:11:27 DirectX wurde installiert
04-02-2014 14:39:51 Windows-Sicherung
04-02-2014 16:41:35 Windows-Sicherung
04-02-2014 17:06:40 Windows-Sicherung
04-02-2014 18:20:49 Windows Defender Checkpoint
10-02-2014 16:09:55 Windows-Sicherung
11-02-2014 14:49:45 Windows Update
11-02-2014 15:28:55 Installed Java 7 Update 51
11-02-2014 15:33:50 avast! Free Antivirus Setup
11-02-2014 16:17:07 Norton_Power_Eraser_20140211171701336
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {07441F79-075D-46D1-9621-B4385A0413E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18] (Google Inc.)
Task: {0ACDB7B0-58EC-44A5-B853-C74A95AB7C8B} - System32\Tasks\{350C38A0-1817-4215-9180-5D11686186E7} => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe [2011-11-26] ()
Task: {175BF8A3-9AD4-4F9A-B98B-598E8F706334} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18] (Google Inc.)
Task: {2691ADFB-DB4E-45E7-9439-ACD0C99AA70D} - System32\Tasks\{B7AB28D8-B0B8-4B92-82A6-19F4C878FB44} => C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe [2013-03-05] (Sony Online Entertainment)
Task: {278F70B7-06C4-4D40-B948-858B1C8E33C9} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {2B8021C3-95EB-4032-8827-F4F20FC80119} - System32\Tasks\{2AF4B969-DDA4-42BC-AC4D-0202126F86FA} => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe [2011-11-26] ()
Task: {2E3A57BD-04E8-453A-AE42-B25FECD4F834} - System32\Tasks\{B08B504C-C99F-4CA5-AB04-41F9856C1544} => C:\Program Files (x86)\American Conquest - Fight Back\dmcr.exe [2003-04-24] (-GSC-)
Task: {46983AB9-9DB0-4B15-9866-70EB3D8ED964} - System32\Tasks\Digital Sites => C:\Users\Pc\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: {4913A02B-EF24-4AAE-98AF-0834AF4DCD6F} - System32\Tasks\{BB6CE9F5-E484-406C-AD0E-5A4DC75E4283} => D:\support\DrvSetup.exe
Task: {742E0C46-1F1B-4465-9AFF-E499A0C68AA9} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {78BBB10A-F364-4E92-8219-8439ED42836E} - System32\Tasks\PileFile reminder => C:\Users\Pc\AppData\Local\Temp\Rust ESP GOD SPAWN HackDownload_BE8D\Rust_ESP_GOD_SPAWN_Hack_Downloader.exe <==== ATTENTION
Task: {7F1E600F-A1FB-44A2-95B1-0A9CFB4AED02} - System32\Tasks\{BEE78D85-4CF3-4479-8433-33E17174DFEB} => C:\Program Files (x86)\American Conquest - Fight Back\dmcr.exe [2003-04-24] (-GSC-)
Task: {85F44FDF-4E73-4F08-858C-DC3F9505CFEB} - System32\Tasks\DSite => C:\Users\Pc\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8BDCC15A-AFC6-4F6B-9A3E-2D7C1ACF8C54} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {8EDAF150-B25F-4F96-8025-08EF10739F82} - System32\Tasks\{31CDF611-4FF3-4119-866C-074E0E880CD6} => D:\support\DrvSetup.exe
Task: {8EDF384F-376F-4AB7-BA38-D81A4DAC2105} - System32\Tasks\DealPly => C:\Users\Pc\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {981EBD38-9CF4-43D6-917F-8EFD65DC3C76} - System32\Tasks\{59A28418-2F35-48CC-8491-DB29133B4A07} => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe [2011-11-26] ()
Task: {99E34A15-E072-4951-88AF-47AFBAFFADE7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9F055FC0-CA38-4918-A35F-E6909C3003BB} - System32\Tasks\{0CA4769F-3858-49F3-9E24-950045D22EC6} => D:\support\DrvSetup.exe
Task: {9FE6EAD7-A7CA-4ADC-BDE3-78CA35F5CD32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07] (Adobe Systems Incorporated)
Task: {ADB9BBC4-A3DA-49FF-A644-3E893812D24D} - System32\Tasks\PileFile logon => C:\Users\Pc\AppData\Local\Temp\Rust ESP GOD SPAWN HackDownload_BE8D\Rust_ESP_GOD_SPAWN_Hack_Downloader.exe <==== ATTENTION
Task: {B2D48DE0-F4A7-42F9-816C-1AC56B1A8872} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {B5285F3B-D7AF-45AE-9F2E-1BB7DBCFE22C} - System32\Tasks\EPUpdater => C:\Users\Pc\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {B7F72847-9DC9-4BB9-83F3-9AADE971AD15} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-14] (ASUSTeK Computer Inc.)
Task: {BDAE8D31-C31A-436B-B816-F52EBF6947BA} - System32\Tasks\{69E6A0E4-9323-4511-9F4D-F69A398016E0} => D:\support\DrvSetup.exe
Task: {BE8F4974-67DF-4139-8246-206804A585FD} - System32\Tasks\{0C835611-E4AA-47E2-B53B-38A3543F30E8} => C:\Program Files (x86)\Cossacks - Back To War\dmcr.exe
Task: {C68FBEF9-502F-4103-B36B-27B4CDCDDD95} - System32\Tasks\{DA870EE4-507F-42F9-9DFB-BB41BD1ACED8} => C:\Program Files (x86)\American Conquest - Fight Back\dmcr.exe [2003-04-24] (-GSC-)
Task: {CA19F92B-7524-4334-B5E5-3F47A5A3A453} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {D57D1710-AB16-40CD-A68E-A83485C47529} - System32\Tasks\{C02B44A9-7C7F-4B5E-87FD-8BFE74268C40} => C:\Program Files (x86)\American Conquest - Fight Back\dmcr.exe [2003-04-24] (-GSC-)
Task: {EB55C353-1ABB-4AFA-91C2-31D786524836} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {F04B063C-0CD8-4D1E-941D-A30B17FF7A50} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Pc\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\Pc\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-01 06:31 - 2013-11-01 06:31 - 02329928 _____ () C:\Users\Pc\AppData\Local\Pokki\ocdeskband_0.dll
2011-04-11 04:34 - 2011-04-11 04:34 - 00003584 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\LogicNP.PropSheetExtensionHelper_x64.dll
2011-05-10 01:56 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-10-18 00:42 - 2009-03-19 21:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2012-10-18 00:42 - 2009-03-19 21:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2012-10-18 00:42 - 2009-01-15 13:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2012-10-18 00:42 - 2009-03-25 15:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2013-08-18 17:42 - 2014-01-24 22:17 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-11 17:54 - 2011-09-01 14:50 - 00157656 _____ () C:\Program Files (x86)\PC Tools Security\NetworkLayer\PCTCFHook.dll
2014-02-11 17:54 - 2011-09-01 14:50 - 00091608 _____ () C:\Program Files (x86)\PC Tools Security\avengine\sdkBSCtrl.dll
2014-02-11 17:54 - 2011-09-01 14:51 - 01394648 _____ () C:\Program Files (x86)\PC Tools Security\UserModeFileCache.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2012-10-18 00:33 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files\ASUS\Turbo Key\pngio.dll
2012-10-18 00:33 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files\ASUS\Turbo Key\AiNap.dll
2012-10-18 00:33 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files\ASUS\Turbo Key\vvc.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00569856 _____ () C:\Users\Pc\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 01400846 _____ () C:\Users\Pc\AppData\Local\Pokki\Engine\avcodec-54.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00151054 _____ () C:\Users\Pc\AppData\Local\Pokki\Engine\avutil-51.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00222734 _____ () C:\Users\Pc\AppData\Local\Pokki\Engine\avformat-54.dll
2013-12-20 11:56 - 2013-12-20 11:56 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-07 20:54 - 2011-04-07 20:54 - 00239720 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe /S
MSCONFIG\startupreg: cefbaeacdccceasacfsfdsf => "C:\ProgramData\cefbaeacdccceasacfsfdsf.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: ISUSPM => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: LogitechSoftwareUpdate => "C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe" boot
MSCONFIG\startupreg: LogitechVideoRepair => C:\Program Files (x86)\Logitech\Video\ISStart.exe /RegAll
MSCONFIG\startupreg: LogitechVideoTray => C:\Program Files (x86)\Logitech\Video\LogiTray.exe
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
MSCONFIG\startupreg: QtraxNotification => C:\Users\Pc\Qtrax\Player\Notification.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Pc\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Pc\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
==================== Faulty Device Manager Devices =============
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PC Tools Data Store
Description: PC Tools Data Store
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pctDS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/11/2014 05:48:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/11/2014 03:43:11 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
0x80080005
Error: (02/05/2014 01:05:13 PM) (Source: Application Hang) (User: )
Description: Programm Infestation.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 105c
Startzeit: 01cf22667e20cc8f
Endzeit: 281
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\The War Z\Infestation.exe
Berichts-ID:
Error: (02/05/2014 10:07:05 AM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (02/04/2014 10:22:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: wwanapi.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5be0a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000333eb
ID des fehlerhaften Prozesses: 0x714
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (02/04/2014 10:15:34 PM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (02/04/2014 07:20:49 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {eb0c23e6-5da4-4c15-af73-54cfc9bff500}
Error: (02/04/2014 06:07:56 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 978
Startzeit: 01cf21cb7fe36447
Endzeit: 62
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: e06d2591-8dbe-11e3-badf-3085a94266a8
Error: (02/04/2014 06:06:17 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Der RPC-Server ist nicht verfügbar. (0x800706BA)"
Error: (02/04/2014 05:33:07 PM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
System errors:
=============
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sitzungs-Manager für Desktopfenster-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Programmkompatibilitäts-Assistent-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerkverbindungen" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Zugriff auf Eingabegeräte" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Offlinedateien" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2014 09:44:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Audio-Endpunkterstellung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (02/11/2014 05:48:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pc\Downloads\SoftonicDownloader_fuer_pc-tools-spyware-doctor-mit-antivirus-2011.exe
Error: (02/11/2014 03:43:11 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80080005
Error: (02/05/2014 01:05:13 PM) (Source: Application Hang)(User: )
Description: Infestation.exe0.0.0.0105c01cf22667e20cc8f281C:\Program Files (x86)\Steam\steamapps\common\The War Z\Infestation.exe
Error: (02/05/2014 10:07:05 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
Error: (02/04/2014 10:22:24 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4wwanapi.dll6.1.7600.163854a5be0a8c000000500000000000333eb71401cf21ee3eb25316C:\Windows\Explorer.EXEC:\Windows\system32\wwanapi.dll70658b1d-8de2-11e3-bd0b-3085a94266a8
Error: (02/04/2014 10:15:34 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
Error: (02/04/2014 07:20:49 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {eb0c23e6-5da4-4c15-af73-54cfc9bff500}
Error: (02/04/2014 06:07:56 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.508797801cf21cb7fe3644762C:\Program Files (x86)\Mozilla Firefox\firefox.exee06d2591-8dbe-11e3-badf-3085a94266a8
Error: (02/04/2014 06:06:17 PM) (Source: Windows Backup)(User: )
Description: Der RPC-Server ist nicht verfügbar. (0x800706BA)
Error: (02/04/2014 05:33:07 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
CodeIntegrity Errors:
===================================
Date: 2014-02-11 21:35:50.012
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 21:35:49.887
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 21:35:16.487
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 21:35:16.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 17:29:57.547
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 17:29:57.438
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 17:29:25.599
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 17:29:25.489
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 16:57:44.864
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-11 16:57:44.755
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 8174.12 MB
Available physical RAM: 4613.23 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 12342.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (Windows7) (Fixed) (Total:931.41 GB) (Free:261.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 85EAEEE9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by Pc (administrator) on PC-PC on 11-02-2014 22:27:43
Running from C:\Users\Pc\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Pokki) C:\Users\Pc\AppData\Local\Pokki\Engine\pokki.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Turbo Key\TurboKey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsGui.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(AutoIt Team) C:\Users\Pc\cc4j5zs76kd2kj\SQeUDVpi.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
(Pokki) C:\Users\Pc\AppData\Local\Pokki\Engine\pokki.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Pokki) C:\Users\Pc\AppData\Local\Pokki\Engine\pokki.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\upgrade.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Cpu Level Up help] - C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Turbo Key] - C:\Program Files\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ISTray] - C:\Program Files (x86)\PC Tools Security\pctsGui.exe [1600984 2011-09-01] (PC Tools)
HKLM-x32\...\Run: [PCTools FGuard] - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [247760 2011-09-01] (Threat Expert Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [Akamai NetSession Interface] - "C:\Users\Pc\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [HydraVisionMDEngine] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [569344 2011-07-07] (AMD)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-07] (AMD)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [Load] - C:\Users\Pc\AppData\Roaming\vbc.exe [1169224 2010-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [Wcenter] - C:\Users\Pc\AppData\Roaming\Microsoft\Wcenter34.exe [32768 2010-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\RunOnce: [cc4j5zs76kd2kj] - C:\Users\Pc\cc4j5zs76kd2kj\92050.vbs [190 2014-02-11] ()
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\MountPoints2: {045dbeba-7158-11e3-9483-3085a94266a8} - E:\setup.exe
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\MountPoints2: {2549caac-7476-11e2-9477-3085a94266a8} - H:\Startme.exe
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => File Not Found
AppInit_DLLs-x32: c:\progra~2\gs-ena~1\browsafe.dll => File Not Found
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
ShortcutTarget: start.lnk -> C:\Users\Pc\cc4j5zs76kd2kj\92050.vbs ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA5B1E2628BDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\VLC Media Player DB Toolbar Toolbar\tbhelper.dll ()
URLSearchHook: HKCU - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
SearchScopes: HKLM-x32 - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E&q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0e6090c-d942-4ce4-94f4-095b9a73bb7a&searchtype=ds&q={searchTerms}&installDate=07/04/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=289500240103DCA8&affID=121963&tsp=4980
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: FuNDeaulls - {4CEECF2F-7433-3E1D-4954-FE2A3682FC20} - C:\ProgramData\FuNDeaulls\DD2qL.x64.dll No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: 50Coeuupons - {A257D1AE-C8F9-32E7-03CF-8F68563FB5A4} - C:\ProgramData\50Coeuupons\gKoa.x64.dll No File
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll No File
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 18 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 18 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566
FF user.js: detected! => C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\user.js
FF NewTab: hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=EB_SSPV&Lay=1&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Pc\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper - C:\Users\Pc\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\searchplugins\ividi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-03]
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-02-11]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox\
FF Extension: Browser Defender Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ []
FF HKCU\...\Firefox\Extensions: [lyricsmonkey@mendoni.net] - C:\Program Files (x86)\LyricsMonkey\FF\
FF HKCU\...\Firefox\Extensions: [YTKaraoke@DacSoft.org] - C:\Program Files (x86)\YTKaraoke\FF\
Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP09C9C74C-9231-4E89-8648-D5B7D174D75E&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
CHR Plugin: (SOE Web Installer) - C:\Users\Pc\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CHR Plugin: (Pokki Download Helper) - C:\Users\Pc\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (FuNDeaulls) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimkiigpdkahjnigfhahhebfencphpll [2013-12-31]
CHR Extension: (Coupons Malibu) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnofepcmbghfcimfbjicplikedjcnalm [2013-09-03]
CHR Extension: (BargainJoy) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\khongjfjjmklggionajlpjcpmnppdace [2013-09-09]
CHR Extension: (Google Wallet) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (50Coeuupons) - C:\ProgramData\cfcjpjohfcdpkpkiobmplajfgaafdgpb [2013-12-31]
CHR HKLM\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\Pc\AppData\Local\BazaarFriend.crx [2013-07-29]
CHR HKLM\...\Chrome\Extension: [hnofepcmbghfcimfbjicplikedjcnalm] - C:\Users\Pc\AppData\Local\CouponsMalibu.crx [2013-09-03]
CHR HKLM\...\Chrome\Extension: [khongjfjjmklggionajlpjcpmnppdace] - C:\Users\Pc\AppData\Local\BargainJoy.crx [2013-09-08]
CHR HKCU\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\Pc\AppData\Local\BazaarFriend.crx [2013-07-29]
CHR HKCU\...\Chrome\Extension: [hnofepcmbghfcimfbjicplikedjcnalm] - C:\Users\Pc\AppData\Local\CouponsMalibu.crx [2013-09-03]
CHR HKCU\...\Chrome\Extension: [khongjfjjmklggionajlpjcpmnppdace] - C:\Users\Pc\AppData\Local\BargainJoy.crx [2013-09-08]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Pc\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-09]
CHR HKLM-x32\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\Pc\AppData\Local\BazaarFriend.crx [2013-07-29]
CHR HKLM-x32\...\Chrome\Extension: [fmfnfnpmhcllokmkepffndflpnadjmma] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-07-29]
CHR HKLM-x32\...\Chrome\Extension: [hnofepcmbghfcimfbjicplikedjcnalm] - C:\Users\Pc\AppData\Local\CouponsMalibu.crx [2013-09-03]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Pc\AppData\Local\Wajam\Chrome\wajam.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\LyricsMonkey\Chrome.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [khongjfjjmklggionajlpjcpmnppdace] - C:\Users\Pc\AppData\Local\BargainJoy.crx [2013-09-08]
CHR HKLM-x32\...\Chrome\Extension: [lgnhgbflngpggpmpfdkhmhmfdophhepe] - C:\Program Files (x86)\YTKaraoke\Chrome.crx [2013-09-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-02-10]
CHR HKLM-x32\...\Chrome\Extension: [pggagllhehfjjfgnfnfkjedjlmbchamf] - C:\Users\Pc\AppData\Roaming\SeeSimilar\SeeSimilar.crx [2013-06-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [337872 2011-09-01] (Threat Expert Ltd.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4521720 2012-09-26] (INCA Internet Co., Ltd.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-24] ()
R2 sdAuxService; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [371472 2011-02-18] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [1117144 2011-09-01] (PC Tools)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH)
S3 ArcService; C:\Users\Pc\Desktop\ArcService.exe [X]
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\BrowsafeSvc.dll",service
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-05-13] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-04-14] (AVG Technologies)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2014-01-21] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-30] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-11] (Symantec Corporation)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140209.002\IDSvia64.sys [521944 2014-02-09] (Symantec Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-05-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.003\ENG64.SYS [126040 2014-02-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.003\EX64.SYS [2099288 2014-02-11] (Symantec Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [360696 2011-08-23] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [228392 2011-08-18] (PC Tools)
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [610816 2008-01-16] (Ralink Technology, Corp.)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
R0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [79800 2012-06-19] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-11 22:27 - 2014-02-11 22:27 - 00000000 ____D () C:\Users\Pc\Desktop\Dokus
2014-02-11 22:24 - 2014-02-11 22:27 - 00031586 _____ () C:\Users\Pc\Desktop\FRST.txt
2014-02-11 22:23 - 2014-02-11 22:27 - 00000000 ____D () C:\FRST
2014-02-11 22:22 - 2014-02-11 22:23 - 02151424 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2014-02-11 22:21 - 2014-02-11 22:21 - 00000466 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-11 22:21 - 2014-02-11 22:21 - 00000000 _____ () C:\Users\Pc\defogger_reenable
2014-02-11 22:20 - 2014-02-11 22:20 - 00050477 _____ () C:\Users\Pc\Desktop\Defogger.exe
2014-02-11 21:23 - 2014-02-11 22:00 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-02-11 21:22 - 2014-02-11 21:23 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-02-11 21:19 - 2014-02-11 21:20 - 02365840 _____ () C:\Users\Pc\Downloads\SecurityTaskManager_Setup.exe
2014-02-11 21:03 - 2014-02-11 21:03 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\TestApp
2014-02-11 20:58 - 2014-02-11 20:58 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-11 20:57 - 2014-02-11 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pc\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-11 18:03 - 2011-09-01 11:39 - 02189264 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2014-02-11 18:03 - 2011-09-01 11:39 - 01533904 _____ (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2014-02-11 18:03 - 2011-09-01 11:39 - 00149456 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
2014-02-11 18:03 - 2011-09-01 11:38 - 00767952 _____ () C:\Windows\BDTSupport.dll
2014-02-11 18:03 - 2011-01-06 10:54 - 00002125 _____ () C:\Windows\UDB.zip
2014-02-11 18:03 - 2010-08-20 09:50 - 00000882 _____ () C:\Windows\RegSDImport.xml
2014-02-11 18:03 - 2010-01-22 08:44 - 00000879 _____ () C:\Windows\RegISSImport.xml
2014-02-11 18:03 - 2008-11-26 11:08 - 00000131 _____ () C:\Windows\IDB.zip
2014-02-11 17:54 - 2014-02-11 21:51 - 00000000 ____D () C:\Program Files (x86)\PC Tools Security
2014-02-11 17:54 - 2014-02-11 18:16 - 00141312 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter64.sys
2014-02-11 17:54 - 2014-02-11 17:55 - 02514894 _____ () C:\Windows\system32\Drivers\Cat.DB
2014-02-11 17:54 - 2014-02-11 17:54 - 00002072 _____ () C:\Users\Public\Desktop\Spyware Doctor.lnk
2014-02-11 17:54 - 2011-08-23 11:45 - 00360696 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore64.sys
2014-02-11 17:54 - 2011-08-18 09:31 - 00228392 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD64.sys
2014-02-11 17:54 - 2011-07-19 09:23 - 00092896 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsg64.sys
2014-02-11 17:54 - 2011-07-19 09:18 - 00336512 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi64.sys
2014-02-11 17:54 - 2010-07-16 14:53 - 00816016 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA64.sys
2014-02-11 17:54 - 2010-06-29 10:35 - 00452872 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS64.sys
2014-02-11 17:50 - 2014-02-11 17:54 - 00000000 ____D () C:\ProgramData\PC Tools
2014-02-11 17:50 - 2014-02-11 17:50 - 00507360 _____ () C:\Users\Pc\Desktop\sdsetup_2011.exe
2014-02-11 16:55 - 2014-02-11 21:33 - 00035740 _____ () C:\Windows\PFRO.log
2014-02-11 16:54 - 2014-02-11 16:54 - 00000000 ____D () C:\ProgramData\SMR410
2014-02-11 16:50 - 2014-02-11 17:34 - 00000000 ____D () C:\Users\Pc\AppData\Local\NPE
2014-02-11 16:38 - 2014-02-11 16:38 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-02-11 16:37 - 2014-02-11 16:37 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-02-11 16:37 - 2014-02-11 16:37 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-02-11 16:37 - 2014-02-11 16:37 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-02-11 16:37 - 2014-02-11 16:37 - 00002585 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-11 16:37 - 2014-02-11 16:37 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-11 16:35 - 2014-02-11 21:35 - 00000280 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-11 16:35 - 2014-02-11 21:23 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\DigitalSites
2014-02-11 16:35 - 2014-02-11 16:35 - 00003208 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-11 16:35 - 2014-02-11 16:35 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-02-11 16:35 - 2014-02-11 16:35 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-11 16:30 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-11 16:30 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-11 16:30 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-11 16:30 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-11 16:29 - 2014-02-11 16:30 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-11 16:27 - 2014-02-11 16:32 - 223165336 ____N (Symantec Corporation) C:\Users\Pc\Downloads\NIS_21.1.0.18_SYMTB_TMD_MRFTT_820_10131.exe
2014-02-11 16:19 - 2014-02-11 21:45 - 00000280 _____ () C:\Windows\setupact.log
2014-02-11 16:19 - 2014-02-11 16:19 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-11 15:59 - 2014-02-11 15:59 - 00003582 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-02-11 15:59 - 2014-02-11 15:59 - 00003160 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-02-11 15:59 - 2014-02-11 15:59 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Oxy
2014-02-11 15:34 - 2014-02-11 15:34 - 00000000 _RSHD () C:\Users\Pc\cc4j5zs76kd2kj
2014-02-04 16:14 - 2013-09-29 23:55 - 00043810 _____ () C:\Users\Pc\AppData\Roaming\poclbm130302.cl
2014-02-04 16:14 - 2013-06-12 15:15 - 00119888 _____ (Open Source Software community LGPL) C:\Users\Pc\AppData\Roaming\pthreadGC2.dll
2014-02-04 16:14 - 2013-06-12 15:15 - 00100864 _____ () C:\Users\Pc\AppData\Roaming\zlib1.dll
2014-02-04 15:05 - 2014-02-11 21:23 - 00000000 _RSHD () C:\Users\Pc\aoajz
2014-02-04 13:49 - 2014-02-04 13:49 - 00347816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\MicrosoftFixit.WinSecurity.FISC.37314945131128502.8.1.Run.exe
2014-02-04 13:45 - 2014-02-04 13:45 - 00000134 _____ () C:\Users\Pc\Desktop\Microsoft Fix*it.url
2014-02-04 13:42 - 2014-02-04 13:42 - 00347816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\MicrosoftFixit.WindowsFirewall.RNP.Run.exe
2014-02-04 13:11 - 2014-02-04 13:11 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-04 13:09 - 2014-02-04 13:12 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Riot Games
2014-02-04 13:07 - 2014-02-04 13:08 - 34888568 _____ (Riot Games) C:\Users\Pc\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-04 12:20 - 2014-02-04 12:20 - 00001024 _____ () C:\Windows\SysWOW64\.rnd
2014-02-04 12:08 - 2014-02-11 21:23 - 00000000 _RSHD () C:\Users\Pc\xripb
2014-02-02 13:32 - 2014-02-02 13:32 - 00000000 ___SH () C:\Users\Pc\AppData\Local\LumaEmu
2014-02-02 13:28 - 2014-02-02 13:28 - 00000000 ____D () C:\Users\Pc\Desktop\RustClient_v19.12.2013
2014-02-02 13:20 - 2014-02-02 13:21 - 06499816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\vcredist_x86.exe
2014-01-29 14:14 - 2014-01-29 14:14 - 00000631 _____ () C:\Windows\system32\InstallUtil.InstallLog
2014-01-21 10:23 - 2014-02-04 12:20 - 00000000 ____D () C:\Users\Pc\AppData\Local\CyberGhost
2014-01-21 10:22 - 2014-01-21 10:27 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-01-21 10:22 - 2014-01-21 10:23 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-01-21 10:22 - 2014-01-21 10:22 - 00001736 _____ () C:\Users\Pc\Desktop\CyberGhost 5.lnk
2014-01-21 10:21 - 2014-01-21 10:21 - 08566128 _____ (CyberGhost S.R.L. ) C:\Users\Pc\Downloads\CG_5.0.9.8chip.de.exe
2014-01-15 13:29 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 13:29 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:29 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2014-02-11 22:27 - 2014-02-11 22:27 - 00000000 ____D () C:\Users\Pc\Desktop\Dokus
2014-02-11 22:27 - 2014-02-11 22:24 - 00031586 _____ () C:\Users\Pc\Desktop\FRST.txt
2014-02-11 22:27 - 2014-02-11 22:23 - 00000000 ____D () C:\FRST
2014-02-11 22:23 - 2014-02-11 22:22 - 02151424 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2014-02-11 22:21 - 2014-02-11 22:21 - 00000466 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-11 22:21 - 2014-02-11 22:21 - 00000000 _____ () C:\Users\Pc\defogger_reenable
2014-02-11 22:21 - 2012-10-18 00:39 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-11 22:21 - 2012-09-28 18:04 - 00000000 ____D () C:\Users\Pc
2014-02-11 22:20 - 2014-02-11 22:20 - 00050477 _____ () C:\Users\Pc\Desktop\Defogger.exe
2014-02-11 22:00 - 2014-02-11 21:23 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-02-11 21:59 - 2013-10-05 14:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-11 21:51 - 2014-02-11 17:54 - 00000000 ____D () C:\Program Files (x86)\PC Tools Security
2014-02-11 21:45 - 2014-02-11 16:19 - 00000280 _____ () C:\Windows\setupact.log
2014-02-11 21:36 - 2011-05-15 23:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-11 21:35 - 2014-02-11 16:35 - 00000280 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-11 21:35 - 2013-05-21 18:33 - 00000274 _____ () C:\Windows\Tasks\DSite.job
2014-02-11 21:34 - 2012-10-18 00:39 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-11 21:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 21:33 - 2014-02-11 16:55 - 00035740 _____ () C:\Windows\PFRO.log
2014-02-11 21:31 - 2009-07-14 05:45 - 00010784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 21:31 - 2009-07-14 05:45 - 00010784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 21:23 - 2014-02-11 21:22 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-02-11 21:23 - 2014-02-11 16:35 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\DigitalSites
2014-02-11 21:23 - 2014-02-04 15:05 - 00000000 _RSHD () C:\Users\Pc\aoajz
2014-02-11 21:23 - 2014-02-04 12:08 - 00000000 _RSHD () C:\Users\Pc\xripb
2014-02-11 21:23 - 2013-12-31 15:25 - 00000000 ____D () C:\ProgramData\FuNDeaulls
2014-02-11 21:23 - 2013-12-31 15:25 - 00000000 ____D () C:\ProgramData\50Coeuupons
2014-02-11 21:23 - 2013-10-11 13:19 - 00000000 ____D () C:\Program Files (x86)\Unitech LLC
2014-02-11 21:20 - 2014-02-11 21:19 - 02365840 _____ () C:\Users\Pc\Downloads\SecurityTaskManager_Setup.exe
2014-02-11 21:03 - 2014-02-11 21:03 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\TestApp
2014-02-11 20:58 - 2014-02-11 20:58 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-11 20:58 - 2013-08-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-11 20:57 - 2014-02-11 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pc\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-11 20:02 - 2012-12-07 23:10 - 00000000 ____D () C:\Users\Pc\AppData\Local\Pokki
2014-02-11 18:16 - 2014-02-11 17:54 - 00141312 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter64.sys
2014-02-11 17:55 - 2014-02-11 17:54 - 02514894 _____ () C:\Windows\system32\Drivers\Cat.DB
2014-02-11 17:54 - 2014-02-11 17:54 - 00002072 _____ () C:\Users\Public\Desktop\Spyware Doctor.lnk
2014-02-11 17:54 - 2014-02-11 17:50 - 00000000 ____D () C:\ProgramData\PC Tools
2014-02-11 17:50 - 2014-02-11 17:50 - 00507360 _____ () C:\Users\Pc\Desktop\sdsetup_2011.exe
2014-02-11 17:34 - 2014-02-11 16:50 - 00000000 ____D () C:\Users\Pc\AppData\Local\NPE
2014-02-11 16:55 - 2012-12-20 15:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-11 16:54 - 2014-02-11 16:54 - 00000000 ____D () C:\ProgramData\SMR410
2014-02-11 16:51 - 2012-10-18 00:43 - 00000000 ____D () C:\ProgramData\Norton
2014-02-11 16:38 - 2014-02-11 16:38 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-02-11 16:37 - 2014-02-11 16:37 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-02-11 16:37 - 2014-02-11 16:37 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-02-11 16:37 - 2014-02-11 16:37 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-02-11 16:37 - 2014-02-11 16:37 - 00002585 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-11 16:37 - 2014-02-11 16:37 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-11 16:35 - 2014-02-11 16:35 - 00003208 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-11 16:35 - 2014-02-11 16:35 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-02-11 16:35 - 2014-02-11 16:35 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-11 16:35 - 2013-07-29 11:35 - 00000196 _____ () C:\Users\Pc\AppData\Roaming\WB.CFG
2014-02-11 16:32 - 2014-02-11 16:27 - 223165336 ____N (Symantec Corporation) C:\Users\Pc\Downloads\NIS_21.1.0.18_SYMTB_TMD_MRFTT_820_10131.exe
2014-02-11 16:32 - 2013-10-20 11:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-11 16:30 - 2014-02-11 16:29 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-11 16:30 - 2013-07-20 17:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-11 16:19 - 2014-02-11 16:19 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-11 16:17 - 2011-05-10 01:27 - 01478483 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 16:03 - 2013-02-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-11 16:03 - 2012-11-10 17:56 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\DAEMON Tools Lite
2014-02-11 16:03 - 2012-11-02 19:39 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\uTorrent
2014-02-11 16:03 - 2012-10-26 14:14 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\TS3Client
2014-02-11 16:03 - 2012-10-20 13:46 - 00000000 ____D () C:\Users\Pc\AppData\Local\CrashDumps
2014-02-11 16:03 - 2012-10-18 15:02 - 00000000 ____D () C:\Windows\Minidump
2014-02-11 15:59 - 2014-02-11 15:59 - 00003582 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-02-11 15:59 - 2014-02-11 15:59 - 00003160 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-02-11 15:59 - 2014-02-11 15:59 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Oxy
2014-02-11 15:34 - 2014-02-11 15:34 - 00000000 _RSHD () C:\Users\Pc\cc4j5zs76kd2kj
2014-02-11 15:34 - 2012-09-28 18:06 - 00000000 ___RD () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-11 15:33 - 2012-10-20 20:58 - 00000000 ____D () C:\Users\Pc\AppData\Local\PMB Files
2014-02-11 15:33 - 2012-10-20 20:58 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-11 15:20 - 2012-10-26 13:15 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Skype
2014-02-10 18:30 - 2009-07-14 11:54 - 00710502 _____ () C:\Windows\system32\perfh007.dat
2014-02-10 18:30 - 2009-07-14 11:54 - 00154832 _____ () C:\Windows\system32\perfc007.dat
2014-02-10 18:30 - 2009-07-14 06:13 - 01651686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-07 17:18 - 2013-09-14 20:24 - 00000424 _____ () C:\Users\Pc\Desktop\Accounts.txt
2014-02-07 14:59 - 2013-10-05 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-07 14:59 - 2012-12-10 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-07 14:59 - 2012-12-10 18:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 12:36 - 2013-12-28 11:49 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-05 12:36 - 2013-08-18 17:42 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-04 15:46 - 2013-08-18 17:42 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-04 15:25 - 2013-12-28 14:47 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-02-04 15:25 - 2013-12-28 14:47 - 00000000 ____D () C:\ProgramData\surf aand kEEp
2014-02-04 15:25 - 2013-12-28 14:47 - 00000000 ____D () C:\Program Files (x86)\surf aand kEEp
2014-02-04 13:49 - 2014-02-04 13:49 - 00347816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\MicrosoftFixit.WinSecurity.FISC.37314945131128502.8.1.Run.exe
2014-02-04 13:45 - 2014-02-04 13:45 - 00000134 _____ () C:\Users\Pc\Desktop\Microsoft Fix*it.url
2014-02-04 13:42 - 2014-02-04 13:42 - 00347816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\MicrosoftFixit.WindowsFirewall.RNP.Run.exe
2014-02-04 13:12 - 2014-02-04 13:09 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Riot Games
2014-02-04 13:11 - 2014-02-04 13:11 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-04 13:11 - 2012-10-28 14:16 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-02-04 13:08 - 2014-02-04 13:07 - 34888568 _____ (Riot Games) C:\Users\Pc\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-04 12:20 - 2014-02-04 12:20 - 00001024 _____ () C:\Windows\SysWOW64\.rnd
2014-02-04 12:20 - 2014-01-21 10:23 - 00000000 ____D () C:\Users\Pc\AppData\Local\CyberGhost
2014-02-02 13:32 - 2014-02-02 13:32 - 00000000 ___SH () C:\Users\Pc\AppData\Local\LumaEmu
2014-02-02 13:28 - 2014-02-02 13:28 - 00000000 ____D () C:\Users\Pc\Desktop\RustClient_v19.12.2013
2014-02-02 13:27 - 2013-02-05 20:06 - 00000000 ____D () C:\Users\Pc\Desktop\Spiele
2014-02-02 13:21 - 2014-02-02 13:20 - 06499816 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\vcredist_x86.exe
2014-02-02 13:21 - 2013-08-18 17:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-01 11:35 - 2013-06-17 13:35 - 00000005 _____ () C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2014-01-29 14:14 - 2014-01-29 14:14 - 00000631 _____ () C:\Windows\system32\InstallUtil.InstallLog
2014-01-26 16:16 - 2012-10-17 23:45 - 00000000 ____D () C:\Users\Pc\AppData\Local\Adobe
2014-01-25 14:59 - 2012-10-17 23:53 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9DE29845-AC8C-4418-B415-05000DEA2E9F}
2014-01-24 22:17 - 2013-08-18 17:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-24 22:12 - 2013-12-27 22:18 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-24 22:12 - 2013-12-27 22:18 - 00000000 ____D () C:\Users\Pc\AppData\Local\Deployment
2014-01-23 21:18 - 2013-02-25 14:23 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Spotify
2014-01-23 21:01 - 2013-02-25 14:24 - 00000000 ____D () C:\Users\Pc\AppData\Local\Spotify
2014-01-23 17:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-21 10:27 - 2014-01-21 10:22 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-01-21 10:23 - 2014-01-21 10:22 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-01-21 10:22 - 2014-01-21 10:22 - 00001736 _____ () C:\Users\Pc\Desktop\CyberGhost 5.lnk
2014-01-21 10:21 - 2014-01-21 10:21 - 08566128 _____ (CyberGhost S.R.L. ) C:\Users\Pc\Downloads\CG_5.0.9.8chip.de.exe
2014-01-21 09:51 - 2013-12-28 14:48 - 00000000 ____D () C:\Program Files (x86)\GS-Enabler
2014-01-17 13:57 - 2009-07-14 05:45 - 00321600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 14:30 - 2013-08-14 22:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 14:24 - 2012-10-18 05:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\ProgramData\cefbaeacdccceasacfsfdsf.exe
C:\ProgramData\libnspr4.dll
Some content of TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\27132-673656-spyware-doctor.exe
C:\Users\Pc\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-11 14:00
==================== End Of Log ============================
Ich habe zu viele Zeichen benutzt, weshalb ich die Log von Malwarebyte und Gmer.txt nicht reinstellen kann. |
|
12.02.2014, 10:34
| #2 |
| /// Malwareteam   |  TaskMgr,Windows Sicherheitsdient, Firewall lassen sich nicht starten und hohe CPU-Auslastung. Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ |
Lesestoff:
Immerhin sind viele der Fehler nun verschwunden.
Hybrid-Darstellung
