Pests of all kinds and how to fight them: Sudden high "pings" in game (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
31.03.2014, 13:21 | #1 |
| Sudden high "pings" in game Hello, for the past 3-4 days I have had the problem that in the game "Counterstrike Global Offensive" (it is the same in other games) the ping frequently shoots up. Before, it always stayed somewhere between 30-40. Sometimes it also works briefly, meaning the game runs smoothly, and then suddenly it doesn't again. I somehow have the feeling that something is possibly being downloaded in the background that should not be downloaded. That is why I wanted to ask for help, since I know nothing at all about viruses and the like. Thanks in advance, Aerodyx |
31.03.2014, 13:25 | #2 |
/// the machine /// TB trainer | Sudden high "pings" in game hi,
__________________
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
31.03.2014, 13:37 | #3 |
| Sudden high "pings" in game Thanks first of all for the quick reply. Unfortunately I have to split the text because of its length.
__________________FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Adrian (administrator) on ADRIAN-PC on 31-03-2014 14:28:12 Running from C:\Users\Adrian\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (ICQ) C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] - C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NPSStartup] - [X] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] - C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [AdobeBridge] - [X] HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [icq] - C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-17] (ICQ) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: E - E:\Autorun.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {106cce3c-cd08-11e1-bcfc-902b34113ce6} - E:\SETUP.EXE HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {20685697-74b8-11e3-b578-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {2fdae13f-97b0-11e2-b8fe-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {4f2ee534-9aba-11e2-b6dd-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {9f0a113a-9854-11e2-b44e-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {c7688dcf-8a74-11e3-85c7-902b34113ce6} - F:\SETUP.EXE HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {dbbb7a9f-b7c1-11e2-8921-902b34113ce6} - E:\Autorun.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {ed8b6a71-9466-11e2-9d5c-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {fff83d48-9590-11e2-874f-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe AppInit_DLLs-x32: 0 => "0" File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE02B61794661CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM - DefaultScope {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms} SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms} SearchScopes: HKCU - URL 
hxxp://isearch.babylon.com/?q={searchTerms}&affID=44444&babsrc=SP_ss_wls_btis2&mntrId=94C5902B34113CE6 BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files 
(x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: LavaFox V2 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\info@djzig.com [2014-01-14] FF Extension: DownloadHelper - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: NASA Night Launch - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\nasanightlaunch@example.com.xpi [2013-11-12] FF Extension: Noia 4 Theme Manager - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\Noia4Options@ArisT2.xpi [2012-09-13] FF Extension: Download status - 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66}.xpi [2013-02-22] FF Extension: Shine Bright Skin Aero - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-09-13] FF Extension: Adblock Plus - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-13] FF Extension: Noia 4 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-04-19] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. 
KG) R2 AVM IGD CTRL Service; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [81920 2005-11-21] (AVM Berlin) S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-13] () R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC) S2 Util GrabRez; "C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe" [X] ==================== Drivers (Whitelisted) ==================== S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] () S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-31 14:28 - 2014-03-31 14:28 - 00016448 _____ () C:\Users\Adrian\Desktop\FRST.txt 2014-03-31 14:28 - 2014-03-31 14:28 - 00000000 ____D () C:\FRST 2014-03-31 14:27 - 2014-03-31 14:27 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe 2014-03-31 11:56 - 2014-03-31 12:23 - 00000000 ____D () C:\AdwCleaner 2014-03-31 11:55 - 2014-03-31 11:55 - 00613200 _____ (Chip Digital GmbH) C:\Users\Adrian\Desktop\AdwCleaner - CHIP-Downloader.exe 2014-03-30 11:59 - 2014-03-30 12:03 - 00000000 ____D () C:\Users\Adrian\Desktop\222 2014-03-29 19:19 - 2014-03-29 19:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-29 19:18 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-29 16:45 - 2014-03-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp 2014-03-25 19:49 - 2014-03-25 19:49 - 00003424 ____N () C:\bootsqm.dat 2014-03-19 17:00 - 2014-03-28 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2014-03-19 16:59 - 2014-03-19 16:59 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-03-13 21:41 - 2014-03-13 21:41 - 262162432 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E02 - Chaos-Theorie.avi 2014-03-13 21:40 - 2014-03-13 21:41 - 261087232 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E01 - Penny und die Physiker.avi 2014-03-13 21:40 - 2014-03-13 21:40 - 262230016 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E03 - Erregungsfaktor Null.avi 2014-03-13 11:58 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 11:58 - 2014-03-01 07:17 - 
02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 11:58 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 11:58 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 11:58 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 11:58 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 11:58 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 11:58 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 11:58 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 11:58 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 11:58 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 11:58 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 11:58 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 11:58 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 11:58 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 11:58 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 11:58 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 11:58 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 11:58 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 11:58 - 2014-03-01 
05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-13 11:58 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 11:58 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 11:58 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 11:58 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 11:58 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-13 11:58 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-13 11:58 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-13 11:58 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 11:58 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 11:58 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-13 11:58 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 11:58 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 11:58 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-13 11:58 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-13 11:58 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-13 11:58 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 11:58 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-13 11:58 - 2014-03-01 04:27 - 01156096 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-13 11:58 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-13 11:58 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-13 11:58 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 11:58 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 11:58 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-13 11:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-13 11:57 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 11:57 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 11:57 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 11:57 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-10 18:44 - 2014-03-10 18:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk 2014-03-09 15:16 - 2014-03-09 15:16 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-09 15:16 - 2014-03-09 15:16 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype 2014-03-04 19:28 - 2014-03-29 20:03 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC ==================== One Month Modified Files and Folders ======= 2014-03-31 14:28 - 2014-03-31 14:28 - 00016448 _____ () C:\Users\Adrian\Desktop\FRST.txt 2014-03-31 14:28 - 2014-03-31 14:28 - 00000000 ____D () C:\FRST 2014-03-31 14:27 - 2014-03-31 14:27 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe 2014-03-31 14:08 - 2012-07-13 19:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-31 13:59 
- 2012-07-14 00:02 - 01081479 _____ () C:\Windows\WindowsUpdate.log 2014-03-31 13:39 - 2013-04-09 13:51 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-31 12:32 - 2012-07-14 13:08 - 00132744 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-31 12:23 - 2014-03-31 11:56 - 00000000 ____D () C:\AdwCleaner 2014-03-31 12:21 - 2013-07-13 12:49 - 00000000 ____D () C:\Program Files (x86)\eFusion 2014-03-31 12:20 - 2013-07-13 12:53 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion 2014-03-31 12:19 - 2012-07-13 21:52 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-03-31 12:14 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-31 12:14 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-31 12:07 - 2011-04-12 09:43 - 00702964 _____ () C:\Windows\system32\perfh007.dat 2014-03-31 12:07 - 2011-04-12 09:43 - 00150604 _____ () C:\Windows\system32\perfc007.dat 2014-03-31 12:07 - 2009-07-14 07:13 - 01629184 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-31 12:02 - 2013-09-23 12:18 - 00000000 ____D () C:\Users\Adrian\AppData\Local\HTC MediaHub 2014-03-31 12:01 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMS.job 2014-03-31 12:01 - 2012-07-14 14:48 - 00000000 ____D () C:\ProgramData\Kodak 2014-03-31 12:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-31 12:01 - 2009-07-14 06:51 - 00111940 _____ () C:\Windows\setupact.log 2014-03-31 11:59 - 2012-07-13 18:33 - 00000000 ____D () C:\ProgramData\ICQ 2014-03-31 11:55 - 2014-03-31 11:55 - 00613200 _____ (Chip Digital GmbH) C:\Users\Adrian\Desktop\AdwCleaner - CHIP-Downloader.exe 2014-03-31 10:42 - 2012-07-17 12:29 - 00000000 ____D () 
C:\Users\Adrian\AppData\Local\Adobe 2014-03-30 16:40 - 2013-11-03 21:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-03-30 12:03 - 2014-03-30 11:59 - 00000000 ____D () C:\Users\Adrian\Desktop\222 2014-03-30 09:00 - 2010-11-21 05:47 - 00750646 _____ () C:\Windows\PFRO.log 2014-03-29 20:04 - 2012-07-14 00:06 - 00000000 ___RD () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-29 20:03 - 2014-03-04 19:28 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC 2014-03-29 20:03 - 2012-07-14 15:17 - 00000000 ____D () C:\ProgramData\Origin 2014-03-29 20:00 - 2012-07-29 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-29 19:58 - 2014-03-29 19:19 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-29 19:46 - 2012-07-14 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-03-29 19:45 - 2012-07-13 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-29 19:44 - 2012-07-15 16:16 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DVDVideoSoft 2014-03-29 19:43 - 2012-09-12 18:47 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-03-29 19:40 - 2013-03-25 23:13 - 00000000 ____D () C:\ProgramData\Freemake 2014-03-29 19:39 - 2012-07-20 19:41 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-03-29 16:45 - 2014-03-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-28 18:17 - 2014-03-19 17:00 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp 2014-03-27 21:29 - 2012-08-25 13:06 - 664573870 _____ () C:\Windows\MEMORY.DMP 2014-03-27 21:29 - 2012-08-25 13:06 - 00000000 ____D () C:\Windows\Minidump 2014-03-27 21:29 - 2012-07-14 00:06 - 00000000 ____D () C:\Users\Adrian 2014-03-27 21:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-03-25 19:49 - 2014-03-25 
19:49 - 00003424 ____N () C:\bootsqm.dat 2014-03-20 18:17 - 2012-07-14 19:07 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Skype 2014-03-19 16:59 - 2014-03-19 16:59 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-03-15 23:56 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job 2014-03-13 21:41 - 2014-03-13 21:41 - 262162432 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E02 - Chaos-Theorie.avi 2014-03-13 21:41 - 2014-03-13 21:40 - 261087232 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E01 - Penny und die Physiker.avi 2014-03-13 21:40 - 2014-03-13 21:40 - 262230016 _____ () C:\Users\Adrian\Desktop\The Big Bang Theory - S01E03 - Erregungsfaktor Null.avi 2014-03-13 20:48 - 2009-07-14 06:45 - 05126680 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 18:14 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2014-03-12 20:08 - 2012-07-13 19:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 20:08 - 2012-07-13 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 20:08 - 2012-07-13 18:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-10 18:50 - 2014-03-10 18:44 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk 2014-03-09 21:11 - 2013-11-03 21:42 - 00000000 _____ () C:\dfu.log 2014-03-09 15:16 - 2014-03-09 15:16 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-09 15:16 - 2014-03-09 15:16 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype 2014-03-09 15:16 - 2012-07-14 19:07 - 00000000 ____D () C:\ProgramData\Skype 2014-03-06 10:54 - 2013-11-26 20:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Uni 2014-03-02 20:58 - 2014-02-23 19:57 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\HpUpdate 2014-03-02 15:05 - 2014-03-29 19:18 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-01 08:05 - 2014-03-13 11:58 - 23133696 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 07:17 - 2014-03-13 11:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 07:16 - 2014-03-13 11:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 06:58 - 2014-03-13 11:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 06:52 - 2014-03-13 11:58 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 06:51 - 2014-03-13 11:58 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 06:42 - 2014-03-13 11:58 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 06:40 - 2014-03-13 11:58 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 06:37 - 2014-03-13 11:58 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 06:33 - 2014-03-13 11:58 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 06:33 - 2014-03-13 11:58 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 06:32 - 2014-03-13 11:58 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 06:30 - 2014-03-13 11:58 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 06:23 - 2014-03-13 11:58 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 06:17 - 2014-03-13 11:58 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 06:11 - 2014-03-13 11:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 06:02 - 2014-03-13 11:58 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 05:54 - 2014-03-13 11:58 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 05:52 - 2014-03-13 11:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 05:51 - 2014-03-13 11:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 05:47 - 2014-03-13 11:58 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 05:43 - 2014-03-13 11:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 05:43 - 2014-03-13 11:58 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 05:42 - 2014-03-13 11:58 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 05:40 - 2014-03-13 11:58 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 05:38 - 2014-03-13 11:58 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 05:37 - 2014-03-13 11:58 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 05:35 - 2014-03-13 11:58 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 05:18 - 2014-03-13 11:58 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 05:16 - 2014-03-13 11:58 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 05:14 - 2014-03-13 11:58 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-13 11:58 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 05:03 - 2014-03-13 11:58 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 05:00 - 2014-03-13 11:58 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 04:57 - 2014-03-13 11:58 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-13 11:58 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-13 11:58 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-13 11:58 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-13 11:58 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-13 11:58 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\177586a2e115f96eb5376c91004890a9.dll
C:\Users\Adrian\AppData\Local\Temp\3f8e1a4ebebc94a212769f8f4afa1e3a.dll
C:\Users\Adrian\AppData\Local\Temp\50652bbe223916d0d5b3dc6c8920dcd2.dll
C:\Users\Adrian\AppData\Local\Temp\798b1a9cff2fc6e3b1cdcb42d594e804.dll
C:\Users\Adrian\AppData\Local\Temp\969f7038a97f04a828131152338f558a.dll
C:\Users\Adrian\AppData\Local\Temp\AskSLib.dll
C:\Users\Adrian\AppData\Local\Temp\avgnt.exe
C:\Users\Adrian\AppData\Local\Temp\avguidx.dll
C:\Users\Adrian\AppData\Local\Temp\b0b190554c6cca30e2b412430cc12464.dll
C:\Users\Adrian\AppData\Local\Temp\BrokerMediumIntegrity.exe
C:\Users\Adrian\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Adrian\AppData\Local\Temp\d168cd165ca0942b8da37d98a237a7b1.dll
C:\Users\Adrian\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Adrian\AppData\Local\Temp\GdiPlus.dll
C:\Users\Adrian\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Adrian\AppData\Local\Temp\Gw2.exe
C:\Users\Adrian\AppData\Local\Temp\htmlayout.dll
C:\Users\Adrian\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Adrian\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-cg.dll
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-chk.dll
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl.dll
C:\Users\Adrian\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Adrian\AppData\Local\Temp\oi_{0633E289-82BC-4439-BAA6-77A405B816AC}.exe
C:\Users\Adrian\AppData\Local\Temp\ose00001.exe
C:\Users\Adrian\AppData\Local\Temp\PDFReader-2.1.1.exe
C:\Users\Adrian\AppData\Local\Temp\pidgenx.dll
C:\Users\Adrian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Adrian\AppData\Local\Temp\sonarinst.exe
C:\Users\Adrian\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Adrian\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Adrian\AppData\Local\Temp\tmp_minecraft.exe
C:\Users\Adrian\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Adrian\AppData\Local\Temp\uninst1.exe
C:\Users\Adrian\AppData\Local\Temp\uninstall14078715.exe
C:\Users\Adrian\AppData\Local\Temp\uninstaller.exe
C:\Users\Adrian\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\Adrian\AppData\Local\Temp\WSSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-31 13:29

==================== End Of Log ============================

--- --- ---

Addition.txt
Code:
ATTFilter
Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BAC57FB3-7421-4B9C-9FFC-E05421148EDD} - System32\Tasks\{0719208C-2CE5-4966-A4FA-4F2C4AC0E035} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BB5224EA-B239-4CC5-9D1B-822BD99CFB53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BBD050D7-CFAC-4F13-86A7-77BAB09F3137} - System32\Tasks\{0A62CEB2-3CB9-45B2-A347-F4DEFC60D1D0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BD0AB871-CC49-4DFC-80F8-DD7B6EB89141} - System32\Tasks\{C8AD2075-801E-4A27-856F-99BB1DD803EC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE648EB3-3FB2-4B9F-8943-0ECB1CAC748C} - System32\Tasks\{8259E69F-DD6B-468F-8EBC-96DCFC603779} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF03D088-A109-4D46-9EC9-138CC3715235} - System32\Tasks\{BD335019-5C31-46FB-B559-9F51F0CD34B7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C0AF1E6E-F396-441B-BF04-AA3D2F880232} - System32\Tasks\{54BEA8ED-3DC0-4542-BA43-D9C978909270} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C1608724-0E8E-4B3F-B5DE-EDFCF4F5CBBC} - System32\Tasks\{04EDF74C-FDFD-43FA-A460-74D4FC91213E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C392399F-D303-4C51-9D18-43E477EBBCAC} - System32\Tasks\{7905AE71-AA5F-4C23-825D-3E72D3687E44} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C41832DD-CB7B-4BDA-8BAB-1E7BDA86C701} - System32\Tasks\{5ACB5491-1451-4F49-B65A-038634A1A46C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C44B06DA-C0B3-4C46-A17A-14554EB37AC0} - System32\Tasks\{0019D2C1-C667-4785-8CAC-607BAC53D0F8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C4B4A319-DA0A-48A9-B074-7239454A6F7B} - System32\Tasks\{0CC2D68E-4C52-4732-A34B-0B31FC3F39D3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C532DEC2-33EF-4C0F-9A00-D0478B34FE4B} - System32\Tasks\{16F1A786-4A2E-4BF3-95F1-B59135B2C7EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C631F73B-95DC-4D64-994F-76A2B5D14BB9} - System32\Tasks\{FF789501-FCD2-4BD8-8407-6BB3F60CA118} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C6DFAD91-368D-4395-8B7F-6AE13181152F} - System32\Tasks\{1C9ABCF8-56A9-46AC-BE06-817B3692542E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C7C28BC9-2B9E-4C8E-B719-84C0668C98E4} - System32\Tasks\{CB69D29C-A4CA-41FD-8193-F1BA00F166B2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CA944000-1949-4E48-B6D0-9F02BE525117} - System32\Tasks\{F8837CB9-EB32-4048-93E2-5367D395255D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CB7E11FE-98F6-48A6-80E9-E84383365492} - System32\Tasks\{F16A3856-7B5F-45C4-B910-ABCDC14D0495} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CC0ED5D6-238F-4F6D-A4A3-5637C6880659} - System32\Tasks\{902E3F55-0CA4-4755-AFA4-0CFD8F1AF000} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CC7114F2-3E85-47EC-9F6B-3C38D290E379} - System32\Tasks\{1E8807E8-3339-42FC-BF0F-A954673A4DBD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CC908764-7380-45D6-8188-D32107688266} - System32\Tasks\{A0B18EA9-6757-4214-AEE5-7364167605D4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CD012420-2383-44BF-9F41-49191DFC9A21} - System32\Tasks\{572BE9F5-90BE-4BB0-AB82-065AEC467CC5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CDA7559F-B427-405B-B06E-93B93FBB5C50} - System32\Tasks\{52222379-1040-4E93-B1B8-E08F577B9B51} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CDE9B542-AF6A-41E9-96A4-335470CE8F38} - System32\Tasks\{1C91D7CD-4A65-4DBB-8F8A-DA5A24052521} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE1AE842-3DA7-4AEF-9CDC-C26E486D803B} - System32\Tasks\{EA5600CC-3703-46B1-AA26-AF70432F2C7C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE9ECED7-11FF-43F5-963D-5BA2DDB307D4} - System32\Tasks\{58C98A47-B60D-499A-8FE8-BB8188C7B2B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D09CF64F-1D6C-4EB1-9361-ED114A4272A9} - System32\Tasks\{61CFB0EA-76CE-4EEF-85EB-B5BF29BC3441} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D170E276-9761-4396-8643-CF2B3BFF976B} - System32\Tasks\{1F209449-5698-4FAB-A8F0-56ABD447B00F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D19744B0-4466-4242-95AC-99BC73285292} - System32\Tasks\{1E8294A5-ABC3-44F1-A4FF-C16E6D0DE270} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D1FEB808-9EEB-4DE9-82D9-65AAA1E4D443} - System32\Tasks\{3AFE082D-B0E3-48C7-B420-7B36ED6AE8FE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D238E729-D9F4-4DAF-89CA-49B865F3164E} - System32\Tasks\{84E42509-19A9-414E-93EC-DADF60C74608} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D39ADBFF-A566-4324-A8E1-FB3FE4527F27} - System32\Tasks\{3441B10D-3D62-4145-B76D-5B4FE0C43569} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D4C655CD-6670-4F1B-8417-24F9B0BDFB3D} - System32\Tasks\{920BE2FA-932F-4C79-829F-1724EC71C2AE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D4D27D0B-84E7-4956-A6A8-90ADD9019257} - System32\Tasks\{90B858E9-42D0-4FFD-A67A-3B6A6FB285F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D514F083-B022-4503-961E-CE5903361903} - System32\Tasks\{5D40EA37-1FB6-4B4D-8E6B-6293202B5220} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6358D73-AA36-4842-BA0F-47FC7334503A} - System32\Tasks\{54A9AFB9-88E9-4D0B-AE73-8BD1156D7037} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D63948C0-749A-4FB7-8AA5-CBF028706260} - System32\Tasks\{F773EA97-1E83-42B6-9D69-887F889955D3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6C49343-FEFB-4A41-9784-473BBF736275} - System32\Tasks\{5586E462-087D-4D9D-ACCE-284791FA89CA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D876064A-2620-4FF5-9040-68003E5149F2} - System32\Tasks\{8CF5E662-552A-41F4-A66A-178F9F5F8E79} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D922EFA6-BEA3-4906-B13C-EB7379C7BC3D} - System32\Tasks\{0177249C-70EE-483A-90B6-FE124A85C1A2} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {DAF92F25-6832-49FB-BD6E-B954BAA04127} - System32\Tasks\{1A713EA2-1697-4BCF-9158-5F6EBAE6C4FF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DC029923-188B-451E-8B35-E3BC0D701A66} - System32\Tasks\{FCDE70B8-7969-42BF-9C55-E1C097E0245A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DC5B72EC-D37A-4200-AE21-DF11360429E4} - System32\Tasks\{10F1CEEA-10B3-451A-9FE2-EBFDB5E115B2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DCFDE7D5-C3BF-4301-AA34-CE045F5FE096} - System32\Tasks\{5849D75D-1963-499D-B91A-A46FE8735393} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE10224A-C995-460F-9F84-170B40F3D6EF} - System32\Tasks\{ED40691D-D71B-4177-95B5-CA16AA3990F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DF7CA7B6-2855-4C82-84C2-9403FFFE30BA} - System32\Tasks\{ABF82AC3-E934-4CC9-8537-3AFD84BA9958} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E0456C78-634F-4D95-A289-271CAB3ABA2B} - System32\Tasks\{0432C010-326D-4EEE-8D80-400E0ED254D6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E0BA30EE-4CDC-461C-A460-5DE53E5A7B14} - System32\Tasks\{B0F2C3C0-6664-4D2A-BE84-915CBF41491A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E1BCF4E4-C7EA-4D46-91C8-B1E151B3D6D9} - System32\Tasks\{4429DB15-AAB4-4175-BFCF-6B7C994B6CE7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E60561BD-7FAA-4D0E-9D45-C566C9F67D65} - System32\Tasks\{64223D9D-94B3-425D-B31B-9BF73C1B34B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E6B5703B-4554-44E1-BE1E-124C3CDE7A73} - System32\Tasks\{20515361-1FAE-45B6-AA6E-F2D36822D7B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E80500A6-9967-40E9-A381-D217B4883924} - System32\Tasks\{10983CC6-FA51-4959-B146-417355D51740} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E88FEB28-C026-4272-A4EA-2FFC0FB33048} - System32\Tasks\{CB67C0F3-E60D-4BAF-A8D8-9802328B97A8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E96D43D0-DBA6-45D3-AD6A-08E580A04EE2} - System32\Tasks\{5DE3E37B-89B3-4CC2-96EE-F5AD980F24DF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E9C958C3-91C5-4B95-87B9-25E2A7290E21} - System32\Tasks\{EBE37627-1C82-4A5B-AB75-B2760209ACB7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E9E6128C-45EE-47BA-9294-443CA1A242E6} - System32\Tasks\{78FBC0A0-537A-4C8D-BD85-EC0F8DC2306F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EA1AFD5F-BFA5-4903-8BFA-2C45C38E2FB0} - System32\Tasks\{5B524937-3A72-4CC3-BEC8-8D9F626D0996} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EB090E2A-4401-4954-A7D9-48B74467F6DD} - System32\Tasks\{79895790-0F7C-4D49-9B42-F193DC3FF5E5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EB5F0E05-B438-4699-A511-52481305E466} - System32\Tasks\{238DC4C4-4295-49D1-A493-7269478F6FA2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EBB4D03D-5E54-47BC-80B9-F5452CCA83F2} - System32\Tasks\{618767A7-9D0F-4BF1-97DF-FB9E70D94152} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EC120B18-D796-4673-8EAF-A6528AB5D2F4} - System32\Tasks\{D7CA5D8A-CCCF-4E24-89D4-5E906FCDE18C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EC6509D4-D754-46D8-9B77-0EBA8C0552A4} - System32\Tasks\{64BF4CF4-BDA1-47C1-92BF-6C147681E9C7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ECCF2AD6-6BFE-49EE-BA01-E611786608E9} - System32\Tasks\{06F109BF-81D7-4F42-877A-63F0FF8D9EA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ED05BD3B-821B-4AD5-8E9C-531CB5F3E7A8} - System32\Tasks\{89DBAB62-7F4D-42BE-BE3A-5154A9C425A8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ED4F56A2-307A-4893-9C48-9C358521F541} - System32\Tasks\{FACA283D-AEA2-4035-8DAF-743B93FFD7DA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ED985886-30D9-44FF-AEB5-59862A1185EC} - System32\Tasks\{0EF92D11-3B25-4A30-878E-07FF19A78EB9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EDEF3887-19ED-44AC-A6F0-1769518519CE} - System32\Tasks\{0B30EEDD-7771-4409-99A1-F7B0FCBA36DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EE97846D-FE88-4FF8-B1FC-32BCB0D28DF0} - System32\Tasks\{B9791389-EF14-418B-9188-D2C538A7960B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EEF1791A-3678-4679-B060-20A0BE44498A} - System32\Tasks\{2D98DC04-6325-492C-AEC8-52BDA73BEA41} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EF45FE54-A462-4DE6-B88D-F111670147C3} - System32\Tasks\{994BBE60-F7C4-49C6-8EC9-6D5B7A6CB6F1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EF762D9A-FD52-437B-A633-9AF6344A05A4} - System32\Tasks\{16262A80-BB78-4F66-BD75-920DABA0F58B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F0680099-6A1D-4581-8957-A8217E701299} - System32\Tasks\{2AFB1055-F4E8-4547-B127-5A95F8F815CC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F090AD10-6198-49C0-AE00-378C850ECBC1} - System32\Tasks\{C8A12FE7-300E-440B-BED4-762B09339498} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F0A46B90-3808-4448-BBB4-E74C30E1B091} - System32\Tasks\{7D6D7F5A-F5F2-4EFD-B9BD-6581CF1A08B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F0CB237F-7ED8-4D98-85D0-C1B9E1F4F3FF} - System32\Tasks\{ABB295AC-3E9A-4D48-B7DD-6B2C3A56BCFB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F13FFB76-CCD2-44AF-BBF7-3B358A9CA26C} - System32\Tasks\{42F6E7EC-0E4D-413A-896E-D3E1BFFAC4CB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F2994685-6719-4FCE-A881-45E920121AA6} - System32\Tasks\{5656E358-C6A3-49B1-82B2-5B4D0528D507} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F37A7012-BD61-4C80-9F7D-2A5721B3FF9C} - System32\Tasks\{87A5304D-8346-470F-8E34-56CC3445870B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F3E83D96-CADA-4DAA-84D8-3C4AAEC6A3A4} - System32\Tasks\{C00C75DB-9CD7-437D-AA48-90EB6E5E69EF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F49870B0-B3B6-4B89-BE55-D54A90848E97} - System32\Tasks\{90997A9A-6F5D-4756-A03B-5A0473C98D26} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F5470D3F-8B7A-474B-9D20-75C1C047C58B} - System32\Tasks\{FFC0AAD3-D816-43DB-AFCD-F1661369A53D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F56DA557-F3C9-4FDC-B8E9-84A7DBC50CED} - System32\Tasks\{97F4EFBE-849B-4996-96C7-08C47D58631F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F6616C51-B2E3-44AC-A781-1609C93E5CCF} - \BrowserDefendert No Task File
Task: {F7228C6A-72C1-42E8-8D75-F437D4F4D530} - System32\Tasks\{EEBD7C27-1624-4559-AE86-49135049554C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F785C08F-2D95-402B-83AC-A93C5012A568} - System32\Tasks\{D045BFFD-F4CC-4CC7-9152-57C96E606F94} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F7EFC529-7AB4-49B3-9516-0B283646DC75} - System32\Tasks\{80A8E340-CB53-4160-BF7B-6BE0D245B73C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F8414B70-35CD-477C-9A94-84A9EAEBD8BF} - System32\Tasks\{33210114-3171-4A86-967E-A431CABC41DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F87CC105-D04F-4DF3-8AB5-8F20CFB831E0} - System32\Tasks\{0DB48688-BD14-436A-BB8F-BF7D0675AB8E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F87F9EEA-48BD-41E5-A08F-998FCF94C2F2} - System32\Tasks\{56AF14F2-F33A-484D-A44D-AA25C9DD95F0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F89A7400-6354-4835-84F0-1AD00F0C0DC1} - System32\Tasks\{6B56CEFB-5742-4CD5-8ED4-4DB55E943679} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F917BC32-5023-4D9B-B676-F22612436C3B} - System32\Tasks\{C0CF0893-CF11-43F3-93EA-74F2260D8BB5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F9AF977D-5662-472E-81C8-B528912F39EA} - System32\Tasks\{D80E0FBD-A21E-43C8-A5E1-1F0214B7368F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FB3B7E02-4197-4737-BE8D-3AC187253DD7} - System32\Tasks\{672A497E-CBDF-41DC-B256-5CE52D41316A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FB7ABD0E-7177-42A1-B403-402996C29177} - System32\Tasks\{F2E0ACD6-13B5-4858-B564-7ECEC77B6AD4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FC01F04F-08F9-46FA-941F-B236FB933BB5} - System32\Tasks\{BE8C954D-EB53-4AF2-94E6-7C15E27CA70A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FC11940B-359E-49AC-BD8E-00FF5B4581E8} - System32\Tasks\{D5705238-45C1-4BC4-94F4-B01E071F19E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FD240282-A39E-4199-8820-881D0BF03C76} - System32\Tasks\{261A3ACB-EA53-4123-95FC-4E2C9585A0D7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FE107B65-94E3-4645-8432-B86934C88251} - System32\Tasks\{B085728F-3436-4B65-8BDD-1FB39CDFC230} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FE57F6D0-135B-4D0A-B8FF-A0F6E4C0C751} - System32\Tasks\{F6C94866-4790-47D8-BC34-CA10C444AFED} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FEEC5034-065D-49A3-809A-D011E6B67B87} - System32\Tasks\{F93953C1-EC4C-48C7-BE79-D325035D4FD5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FF403281-123B-4789-B5E1-D644FD46F567} - System32\Tasks\{899DCFF6-691E-4C98-9209-99C575FBEC5D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFC48186-8B48-482A-8E07-28E1E5454813} - System32\Tasks\{DFC3B75F-6230-4A08-9574-44B664FC6AF6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFF6465B-101C-4B11-B0F3-A60C161E0380} - System32\Tasks\{EF784090-9B6A-49D8-AA82-53A4571F1507} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFF7A5F1-CF21-4805-B06C-11142A32FEC9} - System32\Tasks\{0F8940E4-BBD3-4187-B85F-DC1E57EC2F5D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe

Code:
ATTFilter
==================== Loaded Modules (whitelisted) =============

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-07-13 21:41 - 2012-07-13 22:01 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-13 19:07 - 2013-09-13 19:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-09-21 03:58 - 2013-09-21 03:58 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-07-19 23:29 - 2013-07-19 23:29 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-07-30 13:45 - 2013-07-30 13:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 19:05 - 2013-09-13 19:05 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-09-13 19:05 - 2013-09-13 19:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-09-13 19:06 - 2013-09-13 19:06 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-09-13 19:06 - 2013-09-13 19:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-09-13 19:06 - 2013-09-13 19:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-09-13 19:13 - 2013-09-13 19:13 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-04-17 14:06 - 2013-04-17 14:06 - 00851456 _____ () C:\Users\Adrian\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2014-03-29 16:45 - 2014-03-29 16:45 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-18 18:48 - 2013-12-13 00:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-02-18 18:48 - 2013-11-05 03:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-25 14:23 - 2014-02-11 04:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-03-29 11:53 - 2014-02-25 23:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2014-01-11 01:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-03-29 11:53 - 2014-02-25 23:57 - 00119488 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2012-09-07 15:37 - 2013-06-15 01:49 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2013-07-11 16:15 - 2013-06-15 01:49 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2014-03-12 20:08 - 2014-03-12 20:08 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Adrian\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 00:02:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 10:33:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 03:05:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 09:40:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 09:01:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2014 07:47:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2014 07:41:37 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddWin32ServiceFiles: Unable to back up image of service Update GrabRez since QueryServiceConfig API failed
System Error: Das System kann die angegebene Datei nicht finden. .

Error: (03/29/2014 03:48:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2014 11:57:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/28/2014 11:23:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (03/31/2014 00:25:06 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:25:04 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:20:12 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:20:10 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:18:17 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:18:14 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:09:40 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:09:39 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (03/31/2014 00:07:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (03/31/2014 00:06:30 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Microsoft Office Sessions:
=========================
Error: (03/31/2014 00:02:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 10:33:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 03:05:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 09:40:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2014 09:01:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2014 07:47:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2014 07:41:37 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details: AddWin32ServiceFiles: Unable to back up image of service Update GrabRez since QueryServiceConfig API failed
System Error: Das System kann die angegebene Datei nicht finden.
Error: (03/29/2014 03:48:03 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/29/2014 11:57:46 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/28/2014 11:23:39 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-03-31 12:03:43.125 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 12:03:43.052 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 12:01:26.132 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 12:01:26.038 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 10:32:42.843 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 10:32:42.781 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 10:32:17.150 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-31 10:32:17.088 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-30 15:06:01.771 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-30 15:06:01.699 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8189.43 MB
Available physical RAM: 5767.48 MB
Total Pagefile: 16377.04 MB
Available Pagefile: 13542.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:288.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CA0585DC)
Partition: GPT Partition Type.

==================== End Of Log ============================ |
01.04.2014, 11:29 | #4 |
/// the machine /// TB-Ausbilder | Sudden high "pings" in game hi, Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.04.2014, 13:07 | #5 |
| Sudden high "pings" in game I should add that I did a system restore today. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.04.2014
Suchlauf-Zeit: 14:05:41
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Adrian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 263728
Verstrichene Zeit: 29 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Löschen bei Neustart, [24dce818b848c23e9a58f0c1946f9c64],

Registrierungswerte: 1
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, SIM, Löschen bei Neustart, [24dce818b848c23e9a58f0c1946f9c64]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)
Code:
# AdwCleaner v3.022 - Bericht erstellt am 01/04/2014 um 14:09:02
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Adrian - ADRIAN-PC
# Gestartet von : C:\Users\Adrian\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.022.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Adrian\AppData\Local\Temp\OCS

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [35288 octets] - [31/03/2014 11:56:49]
AdwCleaner[R1].txt - [1239 octets] - [31/03/2014 12:23:24]
AdwCleaner[R2].txt - [1230 octets] - [01/04/2014 14:08:31]
AdwCleaner[S0].txt - [34689 octets] - [31/03/2014 11:59:18]
AdwCleaner[S1].txt - [1107 octets] - [01/04/2014 14:09:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1167 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x64
Ran by Adrian on 01.04.2014 at 14:13:27,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3493261800-2529070604-1081231230-1000\Software\sweetim

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\0c99i0gx.default\minidumps [417 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.04.2014 at 14:18:49,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Adrian (administrator) on ADRIAN-PC on 01-04-2014 14:20:49 Running from C:\Users\Adrian\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (ICQ) C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe (Akamai Technologies, Inc.) 
C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] - C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NPSStartup] - [X] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] - C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [AdobeBridge] - [X] HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [icq] - C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-17] (ICQ) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: E - E:\Autorun.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {106cce3c-cd08-11e1-bcfc-902b34113ce6} - E:\SETUP.EXE HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {20685697-74b8-11e3-b578-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {2fdae13f-97b0-11e2-b8fe-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {4f2ee534-9aba-11e2-b6dd-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {9f0a113a-9854-11e2-b44e-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {c7688dcf-8a74-11e3-85c7-902b34113ce6} - F:\SETUP.EXE HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {dbbb7a9f-b7c1-11e2-8921-902b34113ce6} - E:\Autorun.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {ed8b6a71-9466-11e2-9d5c-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {fff83d48-9590-11e2-874f-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe AppInit_DLLs-x32: 0 => "0" File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE02B61794661CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM - DefaultScope {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms} SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms} SearchScopes: HKCU - URL 
hxxp://isearch.babylon.com/?q={searchTerms}&affID=44444&babsrc=SP_ss_wls_btis2&mntrId=94C5902B34113CE6 BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files 
(x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: LavaFox V2 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\info@djzig.com [2014-01-14] FF Extension: DownloadHelper - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: NASA Night Launch - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\nasanightlaunch@example.com.xpi [2013-11-12] FF Extension: Noia 4 Theme Manager - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\Noia4Options@ArisT2.xpi [2012-09-13] FF Extension: Download status - 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66}.xpi [2013-02-22] FF Extension: Shine Bright Skin Aero - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-09-13] FF Extension: Adblock Plus - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-13] FF Extension: Noia 4 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-04-19] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. 
KG) R2 AVM IGD CTRL Service; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [81920 2005-11-21] (AVM Berlin) S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-13] () R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC) S2 Util GrabRez; "C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe" [X] ==================== Drivers (Whitelisted) ==================== S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. 
KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] () S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-01 14:20 - 2014-04-01 14:20 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe 2014-04-01 14:18 - 2014-04-01 14:18 - 00000991 _____ () C:\Users\Adrian\Desktop\JRT.txt 2014-04-01 14:13 - 2014-04-01 14:13 - 00000000 ____D () C:\Windows\ERUNT 2014-04-01 14:06 - 2014-04-01 14:06 - 00001406 _____ () C:\mbam.txt 2014-04-01 13:46 - 2014-04-01 13:46 - 01038974 _____ (Thisisu) C:\Users\Adrian\Desktop\JRT.exe 2014-04-01 13:35 - 2014-04-01 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-01 13:34 - 2014-04-01 13:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Desktop\mbam-setup-2.0.0.1000.exe 2014-04-01 13:34 - 2014-04-01 13:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-01 13:34 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-01 13:34 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-31 14:28 - 2014-04-01 14:20 - 00017068 _____ () C:\Users\Adrian\Desktop\FRST.txt 2014-03-31 14:28 - 2014-04-01 14:20 - 
00000000 ____D () C:\FRST 2014-03-31 14:28 - 2014-03-31 14:29 - 00139109 _____ () C:\Users\Adrian\Desktop\Addition.txt 2014-03-31 11:56 - 2014-04-01 14:09 - 00000000 ____D () C:\AdwCleaner 2014-03-31 11:55 - 2014-03-31 11:55 - 00613200 _____ (Chip Digital GmbH) C:\Users\Adrian\Desktop\AdwCleaner - CHIP-Downloader.exe 2014-03-30 11:59 - 2014-03-30 12:03 - 00000000 ____D () C:\Users\Adrian\Desktop\222 2014-03-29 19:19 - 2014-03-29 19:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-29 19:18 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-29 16:45 - 2014-04-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp 2014-03-25 19:49 - 2014-03-25 19:49 - 00003424 ____N () C:\bootsqm.dat 2014-03-19 17:00 - 2014-03-28 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2014-03-19 16:59 - 2014-04-01 13:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-03-13 11:58 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 11:58 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 11:58 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 11:58 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 11:58 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 11:58 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 11:58 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 11:58 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 11:58 - 2014-03-01 06:37 - 00574976 _____ (Microsoft 
Corporation) C:\Windows\system32\ieui.dll 2014-03-13 11:58 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 11:58 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 11:58 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 11:58 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 11:58 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 11:58 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 11:58 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 11:58 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 11:58 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 11:58 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 11:58 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-13 11:58 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 11:58 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 11:58 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 11:58 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 11:58 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-13 11:58 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-13 11:58 - 2014-03-01 05:37 - 00553472 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-13 11:58 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 11:58 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 11:58 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-13 11:58 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 11:58 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 11:58 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-13 11:58 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-13 11:58 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-13 11:58 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 11:58 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-13 11:58 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-13 11:58 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-13 11:58 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-13 11:58 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 11:58 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 11:58 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-13 11:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-13 11:57 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) 
C:\Windows\system32\WindowsCodecs.dll 2014-03-13 11:57 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 11:57 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 11:57 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-10 18:44 - 2014-03-10 18:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk 2014-03-09 15:16 - 2014-04-01 13:58 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-09 15:16 - 2014-04-01 13:33 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype 2014-03-04 19:28 - 2014-03-29 20:03 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC ==================== One Month Modified Files and Folders ======= 2014-04-01 14:21 - 2014-03-31 14:28 - 00017068 _____ () C:\Users\Adrian\Desktop\FRST.txt 2014-04-01 14:20 - 2014-04-01 14:20 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe 2014-04-01 14:20 - 2014-03-31 14:28 - 00000000 ____D () C:\FRST 2014-04-01 14:18 - 2014-04-01 14:18 - 00000991 _____ () C:\Users\Adrian\Desktop\JRT.txt 2014-04-01 14:18 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-01 14:18 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-01 14:16 - 2011-04-12 09:43 - 00702964 _____ () C:\Windows\system32\perfh007.dat 2014-04-01 14:16 - 2011-04-12 09:43 - 00150604 _____ () C:\Windows\system32\perfc007.dat 2014-04-01 14:16 - 2009-07-14 07:13 - 01629184 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-01 14:13 - 2014-04-01 14:13 - 00000000 ____D () C:\Windows\ERUNT 2014-04-01 14:11 - 2014-04-01 13:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-01 14:10 - 
2013-09-23 12:18 - 00000000 ____D () C:\Users\Adrian\AppData\Local\HTC MediaHub 2014-04-01 14:10 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMS.job 2014-04-01 14:10 - 2012-07-14 14:48 - 00000000 ____D () C:\ProgramData\Kodak 2014-04-01 14:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-01 14:10 - 2009-07-14 06:51 - 00112052 _____ () C:\Windows\setupact.log 2014-04-01 14:09 - 2014-03-31 11:56 - 00000000 ____D () C:\AdwCleaner 2014-04-01 14:09 - 2012-07-14 00:02 - 01148843 _____ () C:\Windows\WindowsUpdate.log 2014-04-01 14:08 - 2012-07-13 19:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-01 14:06 - 2014-04-01 14:06 - 00001406 _____ () C:\mbam.txt 2014-04-01 14:03 - 2013-04-15 14:32 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\.minecraft 2014-04-01 14:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-01 14:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-04-01 14:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-01 14:01 - 2013-05-08 14:05 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-04-01 14:01 - 2012-11-10 21:15 - 00000000 ____D () C:\Windows\system32\kodak 2014-04-01 14:01 - 2012-07-29 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-04-01 14:01 - 2012-07-13 18:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-04-01 14:01 - 2012-07-13 18:44 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-01 14:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-01 14:00 - 2012-08-25 13:06 - 00000000 ____D () C:\Windows\Minidump 2014-04-01 14:00 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew 2014-04-01 13:59 - 2013-10-10 12:49 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animake 2014-04-01 13:59 - 2013-07-12 10:54 - 00000000 ____D () 
C:\Users\Adrian\AppData\Roaming\Aeria Games & Entertainment 2014-04-01 13:59 - 2013-06-09 11:31 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Namco 2014-04-01 13:59 - 2013-05-08 13:09 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DAEMON Tools Ultra 2014-04-01 13:59 - 2013-03-18 17:31 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Red Giant Link 2014-04-01 13:59 - 2013-03-18 12:39 - 00000000 ____D () C:\Users\Adrian\Desktop\Spiele 2014-04-01 13:59 - 2013-03-16 18:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Sony 2014-04-01 13:59 - 2013-02-23 16:07 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Litlink v4 2014-04-01 13:59 - 2012-08-22 14:27 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DSWorkbench 2014-04-01 13:59 - 2012-07-22 16:32 - 00000000 ____D () C:\Users\Default\AppData\Local\Eastman_Kodak_Company 2014-04-01 13:59 - 2012-07-22 16:32 - 00000000 ____D () C:\Users\Default User\AppData\Local\Eastman_Kodak_Company 2014-04-01 13:59 - 2012-07-20 19:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\SnelNL 2014-04-01 13:59 - 2012-07-14 19:07 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Skype 2014-04-01 13:58 - 2014-03-19 16:59 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-04-01 13:58 - 2014-03-09 15:16 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-04-01 13:58 - 2014-02-23 19:57 - 00000000 ____D () C:\ProgramData\HP 2014-04-01 13:58 - 2014-02-23 19:56 - 00000000 ____D () C:\Users\Adrian\AppData\Local\HP 2014-04-01 13:58 - 2014-01-31 19:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-04-01 13:58 - 2014-01-31 19:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-04-01 13:58 - 2013-10-10 12:49 - 00000000 ____D () C:\Program Files\Animake 2014-04-01 13:58 - 2013-09-02 16:47 - 00000000 ____D () C:\ProgramData\Red Giant 2014-04-01 13:58 - 2013-07-13 11:27 - 00000000 ____D () C:\Users\Adrian\.swt 
2014-04-01 13:58 - 2013-07-12 10:55 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Akamai 2014-04-01 13:58 - 2013-05-08 13:42 - 00000000 ____D () C:\Users\Adrian\AppData\Local\DTClient 2014-04-01 13:58 - 2013-04-15 14:32 - 00000000 ____D () C:\Users\Adrian\AppData\Local\http___www.minecraftversi 2014-04-01 13:58 - 2013-04-11 20:26 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron 2014-04-01 13:58 - 2013-04-09 13:51 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-01 13:58 - 2013-03-27 23:27 - 00000000 ____D () C:\Users\Adrian\AppData\Local\LogMeIn Hamachi 2014-04-01 13:58 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas 2014-04-01 13:58 - 2013-03-18 17:29 - 00000000 ____D () C:\ProgramData\RedGiant 2014-04-01 13:58 - 2013-03-16 18:33 - 00000000 ____D () C:\ProgramData\Sony 2014-04-01 13:58 - 2013-02-23 16:09 - 00000000 ____D () C:\Users\Adrian\360Works 2014-04-01 13:58 - 2013-02-01 15:40 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Dxtory Software 2014-04-01 13:58 - 2013-01-29 19:00 - 00000000 ____D () C:\Users\Adrian\AppData\Local\FUT_Autobuyer 2014-04-01 13:58 - 2012-12-07 16:54 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-01 13:58 - 2012-12-07 16:54 - 00000000 ____D () C:\Program Files (x86)\Safari 2014-04-01 13:58 - 2012-11-21 17:23 - 00000000 ____D () C:\Users\Adrian\.MinecraftStructurePlanner 2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\ProgramData\Visan 2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\ProgramData\PrintProjects 2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\Program Files (x86)\PrintProjects 2014-04-01 13:58 - 2012-11-04 16:18 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Downloaded Installations 2014-04-01 13:58 - 2012-09-19 19:19 - 00000000 ____D () C:\Program Files\DIFX 2014-04-01 13:58 - 2012-08-26 21:28 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-04-01 13:58 - 2012-08-22 14:27 - 00000000 ____D () 
C:\Users\Adrian\AppData\Local\DSWorkbench 2014-04-01 13:58 - 2012-07-29 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-01 13:58 - 2012-07-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-04-01 13:58 - 2012-07-14 19:07 - 00000000 ____D () C:\ProgramData\Skype 2014-04-01 13:58 - 2012-07-14 15:17 - 00000000 ____D () C:\ProgramData\Origin 2014-04-01 13:58 - 2012-07-14 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-04-01 13:58 - 2012-07-14 14:50 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Eastman_Kodak_Company 2014-04-01 13:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-01 13:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-04-01 13:57 - 2014-03-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-01 13:57 - 2014-02-23 19:57 - 00000000 ____D () C:\Program Files (x86)\HP 2014-04-01 13:57 - 2014-01-31 19:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-04-01 13:57 - 2013-11-03 21:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-04-01 13:57 - 2013-11-03 11:06 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-04-01 13:57 - 2013-09-23 12:14 - 00000000 ____D () C:\Program Files (x86)\HTC 2014-04-01 13:57 - 2013-07-12 10:55 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-04-01 13:57 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder 2014-04-01 13:57 - 2013-02-23 16:07 - 00000000 ____D () C:\litlink v4.5 2014-04-01 13:57 - 2012-11-04 16:19 - 00000000 ____D () C:\Program Files (x86)\MarkAny 2014-04-01 13:57 - 2012-08-27 17:31 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-04-01 13:57 - 2012-07-22 16:13 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant 2014-04-01 13:57 - 2012-07-15 19:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-04-01 13:57 - 2012-07-14 14:48 - 00000000 ____D () 
C:\Program Files (x86)\Kodak 2014-04-01 13:57 - 2012-07-14 00:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-01 13:57 - 2012-07-13 21:52 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-04-01 13:57 - 2012-07-13 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-01 13:57 - 2012-07-13 18:28 - 00000000 ____D () C:\AMD 2014-04-01 13:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-04-01 13:46 - 2014-04-01 13:46 - 01038974 _____ (Thisisu) C:\Users\Adrian\Desktop\JRT.exe 2014-04-01 13:36 - 2013-02-15 17:13 - 00000000 ____D () C:\Users\Adrian\Documents\Fax 2014-04-01 13:36 - 2012-11-17 12:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\OpenOffice.org 2014-04-01 13:36 - 2012-07-22 16:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2014-04-01 13:36 - 2012-07-22 16:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2014-04-01 13:35 - 2014-01-23 20:40 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Malwarebytes 2014-04-01 13:35 - 2013-09-23 12:20 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\HTC 2014-04-01 13:35 - 2013-03-24 18:00 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\AnvSoft 2014-04-01 13:35 - 2012-07-13 18:46 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Macromedia 2014-04-01 13:35 - 2012-07-13 18:46 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Adobe 2014-04-01 13:34 - 2014-04-01 13:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Desktop\mbam-setup-2.0.0.1000.exe 2014-04-01 13:34 - 2014-04-01 13:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-01 13:34 - 2014-01-23 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-01 13:33 - 2014-03-09 15:16 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype 2014-04-01 13:33 - 2013-05-08 14:22 - 00000000 ____D () 
C:\Users\Adrian\AppData\Local\Rockstar Games 2014-04-01 13:33 - 2013-03-16 18:33 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Sony 2014-04-01 13:27 - 2013-10-17 15:28 - 00000000 ____D () C:\ProgramData\GFACE 2014-04-01 13:27 - 2013-07-30 13:44 - 00000000 ____D () C:\ProgramData\Avira 2014-04-01 13:27 - 2013-04-09 16:13 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Chromium 2014-04-01 13:27 - 2013-03-27 13:17 - 00000000 ____D () C:\ProgramData\HTC 2014-04-01 13:27 - 2012-07-14 15:16 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-04-01 13:26 - 2013-03-16 18:33 - 00000000 ____D () C:\Program Files\Sony 2014-04-01 13:25 - 2014-01-31 20:49 - 00000000 ____D () C:\Program Files\KMSpico 2014-04-01 13:24 - 2014-02-23 19:57 - 00000000 ____D () C:\Program Files\HP 2014-04-01 13:24 - 2012-07-22 16:40 - 00000000 ____D () C:\Program Files\Adobe 2014-04-01 13:23 - 2012-09-19 19:18 - 00000000 ____D () C:\Program Files (x86)\TI Education 2014-04-01 13:23 - 2012-07-15 15:33 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-01 13:22 - 2013-05-08 13:49 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-04-01 13:22 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link 2014-04-01 13:22 - 2012-11-04 16:19 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-04-01 13:21 - 2013-05-08 14:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-04-01 13:21 - 2013-02-01 15:29 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-04-01 13:21 - 2012-11-17 12:03 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3 2014-04-01 13:21 - 2012-07-14 15:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-04-01 13:20 - 2014-01-31 19:37 - 00000000 __RHD () C:\MSOCache 2014-04-01 13:20 - 2012-12-07 21:05 - 00000000 ____D () C:\Program Files (x86)\AAAA 2014-04-01 13:19 - 2013-07-12 11:02 - 00000000 ____D () C:\AeriaGames 2014-04-01 13:17 - 2012-07-14 13:08 - 00136680 _____ () 
C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-01 13:17 - 2012-07-14 00:06 - 00000000 ____D () C:\Users\Adrian 2014-04-01 12:10 - 2012-07-13 21:41 - 00000000 ____D () C:\Perfect World Entertainment 2014-04-01 12:10 - 2012-07-13 20:02 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-04-01 11:25 - 2012-07-17 12:29 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe 2014-03-31 14:29 - 2014-03-31 14:28 - 00139109 _____ () C:\Users\Adrian\Desktop\Addition.txt 2014-03-31 12:21 - 2013-07-13 12:49 - 00000000 ____D () C:\Program Files (x86)\eFusion 2014-03-31 12:20 - 2013-07-13 12:53 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion 2014-03-31 11:59 - 2012-07-13 18:33 - 00000000 ____D () C:\ProgramData\ICQ 2014-03-31 11:55 - 2014-03-31 11:55 - 00613200 _____ (Chip Digital GmbH) C:\Users\Adrian\Desktop\AdwCleaner - CHIP-Downloader.exe 2014-03-30 12:03 - 2014-03-30 11:59 - 00000000 ____D () C:\Users\Adrian\Desktop\222 2014-03-30 09:00 - 2010-11-21 05:47 - 00750646 _____ () C:\Windows\PFRO.log 2014-03-29 20:04 - 2012-07-14 00:06 - 00000000 ___RD () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-29 20:03 - 2014-03-04 19:28 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC 2014-03-29 19:58 - 2014-03-29 19:19 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-29 19:44 - 2012-07-15 16:16 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DVDVideoSoft 2014-03-29 19:43 - 2012-09-12 18:47 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-03-29 19:40 - 2013-03-25 23:13 - 00000000 ____D () C:\ProgramData\Freemake 2014-03-29 19:39 - 2012-07-20 19:41 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-03-28 18:17 - 2014-03-19 17:00 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp 2014-03-27 
21:29 - 2012-08-25 13:06 - 664573870 _____ () C:\Windows\MEMORY.DMP 2014-03-27 21:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-03-25 19:49 - 2014-03-25 19:49 - 00003424 ____N () C:\bootsqm.dat 2014-03-15 23:56 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job 2014-03-13 20:48 - 2009-07-14 06:45 - 05126680 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 18:14 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2014-03-12 20:08 - 2012-07-13 19:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 20:08 - 2012-07-13 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 20:08 - 2012-07-13 18:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-10 18:50 - 2014-03-10 18:44 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk 2014-03-09 21:11 - 2013-11-03 21:42 - 00000000 _____ () C:\dfu.log 2014-03-06 10:54 - 2013-11-26 20:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Uni 2014-03-05 09:26 - 2014-04-01 13:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-01 13:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-01-23 20:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-02 20:58 - 2014-02-23 19:57 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\HpUpdate 2014-03-02 15:05 - 2014-03-29 19:18 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\177586a2e115f96eb5376c91004890a9.dll C:\Users\Adrian\AppData\Local\Temp\3f8e1a4ebebc94a212769f8f4afa1e3a.dll C:\Users\Adrian\AppData\Local\Temp\50652bbe223916d0d5b3dc6c8920dcd2.dll C:\Users\Adrian\AppData\Local\Temp\798b1a9cff2fc6e3b1cdcb42d594e804.dll 
C:\Users\Adrian\AppData\Local\Temp\969f7038a97f04a828131152338f558a.dll C:\Users\Adrian\AppData\Local\Temp\AskSLib.dll C:\Users\Adrian\AppData\Local\Temp\avgnt.exe C:\Users\Adrian\AppData\Local\Temp\avguidx.dll C:\Users\Adrian\AppData\Local\Temp\b0b190554c6cca30e2b412430cc12464.dll C:\Users\Adrian\AppData\Local\Temp\BrokerMediumIntegrity.exe C:\Users\Adrian\AppData\Local\Temp\CommonInstaller.exe C:\Users\Adrian\AppData\Local\Temp\d168cd165ca0942b8da37d98a237a7b1.dll C:\Users\Adrian\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Adrian\AppData\Local\Temp\GdiPlus.dll C:\Users\Adrian\AppData\Local\Temp\GenericUninstall.exe C:\Users\Adrian\AppData\Local\Temp\Gw2.exe C:\Users\Adrian\AppData\Local\Temp\htmlayout.dll C:\Users\Adrian\AppData\Local\Temp\iGearedHelper.dll C:\Users\Adrian\AppData\Local\Temp\InstallerMessageBox.exe C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-cg.dll C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-chk.dll C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl.dll C:\Users\Adrian\AppData\Local\Temp\MachineIdCreator.exe C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxy.exe C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll C:\Users\Adrian\AppData\Local\Temp\oi_{0633E289-82BC-4439-BAA6-77A405B816AC}.exe C:\Users\Adrian\AppData\Local\Temp\ose00001.exe C:\Users\Adrian\AppData\Local\Temp\PDFReader-2.1.1.exe C:\Users\Adrian\AppData\Local\Temp\pidgenx.dll C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe C:\Users\Adrian\AppData\Local\Temp\SkypeSetup.exe C:\Users\Adrian\AppData\Local\Temp\sonarinst.exe C:\Users\Adrian\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Adrian\AppData\Local\Temp\swt-win32-3740.dll C:\Users\Adrian\AppData\Local\Temp\tmp_minecraft.exe C:\Users\Adrian\AppData\Local\Temp\ToolbarInstaller.exe C:\Users\Adrian\AppData\Local\Temp\uninst1.exe C:\Users\Adrian\AppData\Local\Temp\uninstall14078715.exe C:\Users\Adrian\AppData\Local\Temp\uninstaller.exe C:\Users\Adrian\AppData\Local\Temp\WhiteLabelSetup.exe 
C:\Users\Adrian\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-31 13:29 ==================== End Of Log ============================ --- --- --- Edited by Aerodyx (01.04.2014 at 13:22) |
02.04.2014, 11:18 | #6 | |
/// the machine /// TB Trainer | Sudden high "pings" in game Quote:
__________________ |
02.04.2014, 13:08 | #7 |
| Sudden high "pings" in game Somehow I had the feeling that it could help, since I knew roughly when the problems had started, sorry |
03.04.2014, 08:56 | #8 |
/// the machine /// TB Trainer | Sudden high "pings" in game ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.04.2014, 12:03 | #9 |
| Sudden high "pings" in game Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=56a03e9206515c428e2e66ea450ec367 # engine=17736 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-04-03 11:00:53 # local_time=2014-04-03 01:00:53 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 94 6052 167194158 0 0 # compatibility_mode=5893 16776573 100 94 87413 148152703 0 0 # scanned=224379 # found=0 # cleaned=0 # scan_time=5096 Code:
ATTFilter Results of screen317's Security Check version 0.99.80 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java(TM) 6 Update 15 Java 7 Update 9 Java version out of Date! Adobe Flash Player 12.0.0.77 Adobe Reader 10.1.9 Adobe Reader out of Date! Mozilla Firefox (28.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Adrian (administrator) on ADRIAN-PC on 03-04-2014 13:07:05 Running from C:\Users\Adrian\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Eastman Kodak Company) C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (ICQ) C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] - C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NPSStartup] - [X] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] - C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [AdobeBridge] - [X] HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [icq] - C:\Users\Adrian\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-17] (ICQ) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.) HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {106cce3c-cd08-11e1-bcfc-902b34113ce6} - E:\SETUP.EXE
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {20685697-74b8-11e3-b578-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {2fdae13f-97b0-11e2-b8fe-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {4f2ee534-9aba-11e2-b6dd-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {9f0a113a-9854-11e2-b44e-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {c7688dcf-8a74-11e3-85c7-902b34113ce6} - F:\SETUP.EXE
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {dbbb7a9f-b7c1-11e2-8921-902b34113ce6} - E:\Autorun.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {ed8b6a71-9466-11e2-9d5c-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3493261800-2529070604-1081231230-1000\...\MountPoints2: {fff83d48-9590-11e2-874f-902b34113ce6} - E:\HTC_Sync_Manager_PC.exe
AppInit_DLLs-x32: 0 => "0" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE02B61794661CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}
SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}
SearchScopes: HKCU - DefaultScope {71588120-FC17-4463-B07D-2C71FE6E057B} URL =
SearchScopes: HKCU - URL hxxp://isearch.babylon.com/?q={searchTerms}&affID=44444&babsrc=SP_ss_wls_btis2&mntrId=94C5902B34113CE6
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: LavaFox V2 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\info@djzig.com [2014-01-14]
FF Extension: DownloadHelper - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: NASA Night Launch - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\nasanightlaunch@example.com.xpi [2013-11-12]
FF Extension: Noia 4 Theme Manager - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\Noia4Options@ArisT2.xpi [2012-09-13]
FF Extension: Download status - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66}.xpi [2013-02-22]
FF Extension: Shine Bright Skin Aero - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-09-13]
FF Extension: Adblock Plus - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-13]
FF Extension: Noia 4 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\0c99i0gx.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-04-19]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AVM IGD CTRL Service; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [81920 2005-11-21] (AVM Berlin)
S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-13] ()
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S2 Util GrabRez; "C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe" [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-03 13:07 - 2014-04-03 13:07 - 00017501 _____ () C:\Users\Adrian\Desktop\FRST.txt
2014-04-03 12:47 - 2014-04-03 12:47 - 00987442 _____ () C:\Users\Adrian\Desktop\SecurityCheck.exe
2014-04-01 14:20 - 2014-04-01 14:20 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2014-04-01 14:13 - 2014-04-01 14:13 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 14:06 - 2014-04-01 14:06 - 00001406 _____ () C:\mbam.txt
2014-04-01 13:35 - 2014-04-03 11:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 13:34 - 2014-04-01 13:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-01 13:34 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-01 13:34 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 14:28 - 2014-04-03 13:07 - 00000000 ____D () C:\FRST
2014-03-31 11:56 - 2014-04-01 14:09 - 00000000 ____D () C:\AdwCleaner
2014-03-30 11:59 - 2014-03-30 12:03 - 00000000 ____D () C:\Users\Adrian\Desktop\222
2014-03-29 19:19 - 2014-03-29 19:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 19:18 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 16:45 - 2014-04-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp
2014-03-19 17:00 - 2014-04-02 20:13 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client
2014-03-19 16:59 - 2014-04-01 13:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-13 11:58 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 11:58 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 11:58 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 11:58 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 11:58 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 11:58 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 11:58 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 11:58 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 11:58 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 11:58 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 11:58 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 11:58 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 11:58 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 11:58 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 11:58 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 11:58 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 11:58 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 11:58 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 11:58 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 11:58 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 11:58 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 11:58 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 11:58 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 11:58 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 11:58 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 11:58 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 11:58 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 11:58 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 11:58 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 11:58 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 11:58 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 11:58 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 11:58 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 11:58 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 11:58 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 11:58 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 11:58 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 11:58 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 11:58 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 11:58 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 11:58 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 11:58 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 11:58 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 11:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 11:57 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 11:57 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 11:57 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 11:57 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 18:44 - 2014-03-10 18:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk
2014-03-09 15:16 - 2014-04-01 13:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-09 15:16 - 2014-04-01 13:33 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype
2014-03-04 19:28 - 2014-03-29 20:03 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC

==================== One Month Modified Files and Folders =======

2014-04-03 13:07 - 2014-04-03 13:07 - 00017501 _____ () C:\Users\Adrian\Desktop\FRST.txt
2014-04-03 13:07 - 2014-03-31 14:28 - 00000000 ____D () C:\FRST
2014-04-03 12:47 - 2014-04-03 12:47 - 00987442 _____ () C:\Users\Adrian\Desktop\SecurityCheck.exe
2014-04-03 12:32 - 2009-07-14 06:51 - 00112556 _____ () C:\Windows\setupact.log
2014-04-03 12:18 - 2012-07-14 00:02 - 01299256 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 12:08 - 2012-07-13 19:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 11:44 - 2013-04-09 13:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 11:36 - 2014-04-01 13:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 11:25 - 2012-07-17 12:29 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe
2014-04-03 11:22 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 11:22 - 2009-07-14 06:45 - 00034896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 11:19 - 2011-04-12 09:43 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 11:19 - 2011-04-12 09:43 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 11:19 - 2009-07-14 07:13 - 01629184 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 11:15 - 2013-09-23 12:18 - 00000000 ____D () C:\Users\Adrian\AppData\Local\HTC MediaHub
2014-04-03 11:14 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMS.job
2014-04-03 11:14 - 2012-07-14 14:48 - 00000000 ____D () C:\ProgramData\Kodak
2014-04-03 11:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-02 20:13 - 2014-03-19 17:00 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client
2014-04-02 12:38 - 2013-07-12 10:55 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Akamai
2014-04-01 16:34 - 2010-11-21 05:47 - 00750992 _____ () C:\Windows\PFRO.log
2014-04-01 14:20 - 2014-04-01 14:20 - 02157056 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2014-04-01 14:13 - 2014-04-01 14:13 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 14:09 - 2014-03-31 11:56 - 00000000 ____D () C:\AdwCleaner
2014-04-01 14:06 - 2014-04-01 14:06 - 00001406 _____ () C:\mbam.txt
2014-04-01 14:03 - 2013-04-15 14:32 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\.minecraft
2014-04-01 14:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-01 14:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-01 14:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 14:01 - 2013-05-08 14:05 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-04-01 14:01 - 2012-11-10 21:15 - 00000000 ____D () C:\Windows\system32\kodak
2014-04-01 14:01 - 2012-07-29 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-01 14:01 - 2012-07-13 18:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-01 14:01 - 2012-07-13 18:44 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-01 14:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-01 14:00 - 2012-08-25 13:06 - 00000000 ____D () C:\Windows\Minidump
2014-04-01 14:00 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-04-01 13:59 - 2013-10-10 12:49 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animake
2014-04-01 13:59 - 2013-07-12 10:54 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Aeria Games & Entertainment
2014-04-01 13:59 - 2013-06-09 11:31 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Namco
2014-04-01 13:59 - 2013-05-08 13:09 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DAEMON Tools Ultra
2014-04-01 13:59 - 2013-03-18 17:31 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Red Giant Link
2014-04-01 13:59 - 2013-03-18 12:39 - 00000000 ____D () C:\Users\Adrian\Desktop\Spiele
2014-04-01 13:59 - 2013-03-16 18:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Sony
2014-04-01 13:59 - 2013-02-23 16:07 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Litlink v4
2014-04-01 13:59 - 2012-08-22 14:27 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DSWorkbench
2014-04-01 13:59 - 2012-07-22 16:32 - 00000000 ____D () C:\Users\Default\AppData\Local\Eastman_Kodak_Company
2014-04-01 13:59 - 2012-07-22 16:32 - 00000000 ____D () C:\Users\Default User\AppData\Local\Eastman_Kodak_Company
2014-04-01 13:59 - 2012-07-20 19:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\SnelNL
2014-04-01 13:59 - 2012-07-14 19:07 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Skype
2014-04-01 13:58 - 2014-03-19 16:59 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-01 13:58 - 2014-03-09 15:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-01 13:58 - 2014-02-23 19:57 - 00000000 ____D () C:\ProgramData\HP
2014-04-01 13:58 - 2014-02-23 19:56 - 00000000 ____D () C:\Users\Adrian\AppData\Local\HP
2014-04-01 13:58 - 2014-01-31 19:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-04-01 13:58 - 2014-01-31 19:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-04-01 13:58 - 2013-10-10 12:49 - 00000000 ____D () C:\Program Files\Animake
2014-04-01 13:58 - 2013-09-02 16:47 - 00000000 ____D () C:\ProgramData\Red Giant
2014-04-01 13:58 - 2013-07-13 11:27 - 00000000 ____D () C:\Users\Adrian\.swt
2014-04-01 13:58 - 2013-05-08 13:42 - 00000000 ____D () C:\Users\Adrian\AppData\Local\DTClient
2014-04-01 13:58 - 2013-04-15 14:32 - 00000000 ____D () C:\Users\Adrian\AppData\Local\http___www.minecraftversi
2014-04-01 13:58 - 2013-04-11 20:26 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-04-01 13:58 - 2013-03-27 23:27 - 00000000 ____D () C:\Users\Adrian\AppData\Local\LogMeIn Hamachi
2014-04-01 13:58 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas
2014-04-01 13:58 - 2013-03-18 17:29 - 00000000 ____D () C:\ProgramData\RedGiant
2014-04-01 13:58 - 2013-03-16 18:33 - 00000000 ____D () C:\ProgramData\Sony
2014-04-01 13:58 - 2013-02-23 16:09 - 00000000 ____D () C:\Users\Adrian\360Works
2014-04-01 13:58 - 2013-02-01 15:40 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Dxtory Software
2014-04-01 13:58 - 2013-01-29 19:00 - 00000000 ____D () C:\Users\Adrian\AppData\Local\FUT_Autobuyer
2014-04-01 13:58 - 2012-12-07 16:54 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-01 13:58 - 2012-12-07 16:54 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-01 13:58 - 2012-11-21 17:23 - 00000000 ____D () C:\Users\Adrian\.MinecraftStructurePlanner
2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\ProgramData\Visan
2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\ProgramData\PrintProjects
2014-04-01 13:58 - 2012-11-10 21:08 - 00000000 ____D () C:\Program Files (x86)\PrintProjects
2014-04-01 13:58 - 2012-11-04 16:18 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Downloaded Installations
2014-04-01 13:58 - 2012-09-19 19:19 - 00000000 ____D () C:\Program Files\DIFX
2014-04-01 13:58 - 2012-08-26 21:28 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-04-01 13:58 - 2012-08-22 14:27 - 00000000 ____D () C:\Users\Adrian\AppData\Local\DSWorkbench
2014-04-01 13:58 - 2012-07-29 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-01 13:58 - 2012-07-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-01 13:58 - 2012-07-14 19:07 - 00000000 ____D () C:\ProgramData\Skype
2014-04-01 13:58 - 2012-07-14 15:17 - 00000000 ____D () C:\ProgramData\Origin
2014-04-01 13:58 - 2012-07-14 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-01 13:58 - 2012-07-14 14:50 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Eastman_Kodak_Company
2014-04-01 13:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-01 13:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-01 13:57 - 2014-03-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-01 13:57 - 2014-02-23 19:57 - 00000000 ____D () C:\Program Files (x86)\HP
2014-04-01 13:57 - 2014-01-31 19:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-01 13:57 - 2013-11-03 21:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-01 13:57 - 2013-11-03 11:06 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-01 13:57 - 2013-09-23 12:14 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-04-01 13:57 - 2013-07-12 10:55 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
2014-04-01 13:57 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-04-01 13:57 - 2013-02-23 16:07 - 00000000 ____D () C:\litlink v4.5
2014-04-01 13:57 - 2012-11-04 16:19 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-04-01 13:57 - 2012-08-27 17:31 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-04-01 13:57 - 2012-07-22 16:13 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-04-01 13:57 - 2012-07-15 19:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-04-01 13:57 - 2012-07-14 14:48 - 00000000 ____D () C:\Program Files (x86)\Kodak
2014-04-01 13:57 - 2012-07-14 00:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 13:57 - 2012-07-13 21:52 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2014-04-01 13:57 - 2012-07-13 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 13:57 - 2012-07-13 18:28 - 00000000 ____D () C:\AMD
2014-04-01 13:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-01 13:36 - 2013-02-15 17:13 - 00000000 ____D () C:\Users\Adrian\Documents\Fax
2014-04-01 13:36 - 2012-11-17 12:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\OpenOffice.org
2014-04-01 13:36 - 2012-07-22 16:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-01 13:36 - 2012-07-22 16:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-01 13:35 - 2013-09-23 12:20 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\HTC
2014-04-01 13:35 - 2013-03-24 18:00 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\AnvSoft
2014-04-01 13:35 - 2012-07-13 18:46 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Macromedia
2014-04-01 13:35 - 2012-07-13 18:46 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Adobe
2014-04-01 13:34 - 2014-04-01 13:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-01 13:34 - 2014-01-23 20:40 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Malwarebytes
2014-04-01 13:34 - 2014-01-23 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 13:33 - 2014-03-09 15:16 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Skype
2014-04-01 13:33 - 2013-05-08 14:22 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Rockstar Games
2014-04-01 13:33 - 2013-03-16 18:33 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Sony
2014-04-01 13:27 - 2013-10-17 15:28 - 00000000 ____D () C:\ProgramData\GFACE
2014-04-01 13:27 - 2013-07-30 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-04-01 13:27 - 2013-04-09 16:13 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Chromium
2014-04-01 13:27 - 2013-03-27 13:17 - 00000000 ____D () C:\ProgramData\HTC
2014-04-01 13:27 - 2012-07-14 15:16 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-01 13:26 - 2013-03-16 18:33 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 13:25 - 2014-01-31 20:49 - 00000000 ____D () C:\Program Files\KMSpico
2014-04-01 13:24 - 2014-02-23 19:57 - 00000000 ____D () C:\Program Files\HP
2014-04-01 13:24 - 2012-07-22 16:40 - 00000000 ____D () C:\Program Files\Adobe
2014-04-01 13:23 - 2012-09-19 19:18 - 00000000 ____D () C:\Program Files (x86)\TI Education
2014-04-01 13:23 - 2012-07-15 15:33 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-01 13:22 - 2013-05-08 13:49 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-04-01 13:22 - 2013-03-18 17:30 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2014-04-01 13:22 - 2012-11-04 16:19 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-04-01 13:21 - 2013-05-08 14:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-04-01 13:21 - 2013-02-01 15:29 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-04-01 13:21 - 2012-11-17 12:03 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-04-01 13:21 - 2012-07-14 15:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-01 13:20 - 2014-01-31 19:37 - 00000000 __RHD () C:\MSOCache
2014-04-01 13:20 - 2012-12-07 21:05 - 00000000 ____D () C:\Program Files (x86)\AAAA
2014-04-01 13:19 - 2013-07-12 11:02 - 00000000 ____D () C:\AeriaGames
2014-04-01 13:17 - 2012-07-14 13:08 - 00136680 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 13:17 - 2012-07-14 00:06 - 00000000 ____D () C:\Users\Adrian
2014-04-01 12:10 - 2012-07-13 21:41 - 00000000 ____D () C:\Perfect World Entertainment
2014-04-01 12:10 - 2012-07-13 20:02 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-03-31 12:21 - 2013-07-13 12:49 - 00000000 ____D () C:\Program Files (x86)\eFusion
2014-03-31 12:20 - 2013-07-13 12:53 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
2014-03-31 11:59 - 2012-07-13 18:33 - 00000000 ____D () C:\ProgramData\ICQ
2014-03-30 12:03 - 2014-03-30 11:59 - 00000000 ____D () C:\Users\Adrian\Desktop\222
2014-03-29 20:04 - 2012-07-14 00:06 - 00000000 ___RD () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 20:03 - 2014-03-04 19:28 - 00005130 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Adrian-PC-Adrian Adrian-PC
2014-03-29 19:58 - 2014-03-29 19:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 19:44 - 2012-07-15 16:16 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DVDVideoSoft
2014-03-29 19:43 - 2012-09-12 18:47 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-29 19:40 - 2013-03-25 23:13 - 00000000 ____D () C:\ProgramData\Freemake
2014-03-29 19:39 - 2012-07-20 19:41 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-27 21:29 - 2014-03-27 21:29 - 00276272 _____ () C:\Windows\Minidump\032714-18782-01.dmp
2014-03-27 21:29 - 2012-08-25 13:06 - 664573870 _____ () C:\Windows\MEMORY.DMP
2014-03-27 21:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-15 23:56 - 2012-11-16 23:56 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-03-13 20:48 - 2009-07-14 06:45 - 05126680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 18:14 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-12 20:08 - 2012-07-13 19:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:08 - 2012-07-13 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:08 - 2012-07-13 18:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 18:50 - 2014-03-10 18:44 - 00000000 ____D () C:\Users\Adrian\Desktop\Genetikk
2014-03-09 21:11 - 2013-11-03 21:42 - 00000000 _____ () C:\dfu.log
2014-03-06 10:54 - 2013-11-26 20:50 - 00000000 ____D () C:\Users\Adrian\Desktop\Uni
2014-03-05 09:26 - 2014-04-01 13:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-01 13:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-01-23 20:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\177586a2e115f96eb5376c91004890a9.dll
C:\Users\Adrian\AppData\Local\Temp\3f8e1a4ebebc94a212769f8f4afa1e3a.dll
C:\Users\Adrian\AppData\Local\Temp\50652bbe223916d0d5b3dc6c8920dcd2.dll
C:\Users\Adrian\AppData\Local\Temp\798b1a9cff2fc6e3b1cdcb42d594e804.dll
C:\Users\Adrian\AppData\Local\Temp\969f7038a97f04a828131152338f558a.dll
C:\Users\Adrian\AppData\Local\Temp\AskSLib.dll
C:\Users\Adrian\AppData\Local\Temp\avgnt.exe
C:\Users\Adrian\AppData\Local\Temp\avguidx.dll
C:\Users\Adrian\AppData\Local\Temp\b0b190554c6cca30e2b412430cc12464.dll
C:\Users\Adrian\AppData\Local\Temp\BrokerMediumIntegrity.exe
C:\Users\Adrian\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Adrian\AppData\Local\Temp\d168cd165ca0942b8da37d98a237a7b1.dll
C:\Users\Adrian\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Adrian\AppData\Local\Temp\GdiPlus.dll
C:\Users\Adrian\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Adrian\AppData\Local\Temp\Gw2.exe
C:\Users\Adrian\AppData\Local\Temp\htmlayout.dll
C:\Users\Adrian\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Adrian\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-cg.dll
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl-chk.dll
C:\Users\Adrian\AppData\Local\Temp\j3dcore-ogl.dll
C:\Users\Adrian\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Adrian\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Adrian\AppData\Local\Temp\oi_{0633E289-82BC-4439-BAA6-77A405B816AC}.exe
C:\Users\Adrian\AppData\Local\Temp\ose00001.exe
C:\Users\Adrian\AppData\Local\Temp\PDFReader-2.1.1.exe C:\Users\Adrian\AppData\Local\Temp\pidgenx.dll C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe C:\Users\Adrian\AppData\Local\Temp\SkypeSetup.exe C:\Users\Adrian\AppData\Local\Temp\sonarinst.exe C:\Users\Adrian\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Adrian\AppData\Local\Temp\swt-win32-3740.dll C:\Users\Adrian\AppData\Local\Temp\tmp_minecraft.exe C:\Users\Adrian\AppData\Local\Temp\ToolbarInstaller.exe C:\Users\Adrian\AppData\Local\Temp\uninst1.exe C:\Users\Adrian\AppData\Local\Temp\uninstall14078715.exe C:\Users\Adrian\AppData\Local\Temp\uninstaller.exe C:\Users\Adrian\AppData\Local\Temp\WhiteLabelSetup.exe C:\Users\Adrian\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-31 13:29 ==================== End Of Log ============================ Geändert von Aerodyx (03.04.2014 um 12:09 Uhr) |
04.04.2014, 09:28 | #10 |
/// the machine /// TB-Ausbilder | Sudden high "pings" in game Update Java and Adobe. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
AppInit_DLLs-x32: 0 => "0" File Not Found
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please download Farbar Service Scanner
Please post the content here.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
04.04.2014, 11:40 | #11 |
| Sudden high "pings" in game Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Adrian at 2014-04-04 12:40:05 Run:1
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs-x32: 0 => "0" File Not Found
*****************

"0" => Value Data removed successfully.

==== End of Fixlog ====
Code:
Farbar Service Scanner Version: 25-02-2014
Ran by Adrian (administrator) on 04-04-2014 at 12:41:00
Running from "C:\Users\Adrian\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log **** |
05.04.2014, 10:34 | #12 |
/// the machine /// TB-Ausbilder | Sudden high "pings" in game Please do this: http://www.trojaner-board.de/126216-...epair-aio.html Fresh FSS and FRST logs, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |