| |
| |||||||
Log-Analyse und Auswertung: Firefox spinnt - 'Man-in-the-Browser' ?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.06.2014, 21:01
| #1 |
 |  Firefox spinnt - 'Man-in-the-Browser' ? Liebes Trojaner-Board-Team, mein Browser Mozilla Firefox ist zur Zeit am rumspinnen, ich bin froh das ich gerade in eurem Forum posten kann. Problem: Sobald ich mehrere Tabs aufmache laden die Tabs nicht mehr, es sieht aus wie ein Disconnect vom Internet. Aber mein Internet zeigt mir stetig Lokal und Internet[grüne Weltkugel, kein X für Verbindung unterbrochen]. Beispielweise nebenher skypen geht. Auch bei Skype ist mir was komisches aufgefallen: sobald ich ein Gespräch beginne/entgegennehme steht dort irgendwie: sichere Verbindung wurde hergestellt. Kann man auf OK oder Details für Windows-Details klicken. Habe ich mir jetzt aber nichts weiter bei gedacht. MBAM hatte zwischendurch auch skype.exe als Bedrohung angezeigt, genauso wie es mir weitere Dateien, die ich im Referenzfall vor zwei Wochen mit euch in die Qarantäne verschoben habe. Ich habe die Dateien vor ein paar Tagen gelöscht, weil sie nicht brauchte und mir ständig 'Bedrohung' angezeigt wurde. War dies ein Fehler, wenn ja bitte ich dies zu entschuldigen. Wie kann er revidiert werden? Zwischendurch möchte ich einen neuen Tab öffnen, dann laufen dort viele Internetseiten durch, die schon sehr verdächtig klingen: nix-ist-fix.XXXXXXXX oder ähnliche. Zuerst dachte ich, ich hätte Halluzinationen vom vielen arbeiten oder es liegt an meinen Kopfschmerzen. Vielleicht sind es auch speziell Internetseiten, die etwas mit AdobeFlashPlayer oder Adobe zusammen haben? Dann trifft das Problem nämlich auf. So saubere Internetseiten wie euer Forum lassen sich aufrufen. Sobald ich bpsw. auf bild.de gehe tritt der eher Fehler auf. Ich muss dann Firefox schließen. Sobald ich es wieder öffne bin ich wieder auf meiner Startseite google. Ihr hattet mir vor gut zwei Wochen ausgezeichnet helfen können und hoffe ihr werdet es nochmal tun. Kann doch gar nicht sein, dass ich mir ständig auf irgendwelchen Zwielichtigen-Seiten die Dinger einfange? PS: Meine CPU-Auslastung beim Taskmanager schwankt irgendwie auch ganz komisch natürlich ist mein Laptop nicht mehr der neuste, aber es geht zwischen 5-10% manchmal auf 40% hoch ohne das ich einen neuen Prozess öffne. Firefox 300.000 K + // Normalwert? MBAM hatte mir 0 Treffer angezeigt, oder spinne ich doch einfach? Referenzfall: http://www.trojaner-board.de/154401-...entfernen.html FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014 Ran by jules (administrator) on JULES-PC on 07-06-2014 21:19:55 Running from C:\Users\jules\Desktop Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 7 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe () C:\Acer\Mobility Center\MobilityService.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Windows\System32\PnkBstrA.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\PLFSetI.exe (Realtek Semiconductor Corp.) C:\Users\jules\AppData\Local\temp\RtkBtMnt.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe (Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\ib\olycamdetect.exe (Akamai Technologies, Inc.) C:\Users\jules\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Dropbox, Inc.) C:\Users\jules\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe (Akamai Technologies, Inc.) C:\Users\jules\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-25] (Synaptics, Inc.) HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] () HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6294048 2008-09-19] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-09-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2008-12-17] (Dritek System Inc.) HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-13] (Google) HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [1687824 2007-07-18] (Logitech Inc.) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2094352 2007-07-18] (Logitech Inc.) HKLM\...\Run: [MDS_Menu] => C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [ProductReg] => C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168 2008-11-17] (Acer) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-06-16] (Google Inc.) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [Olympus ib] => C:\Program Files\Olympus\ib\olycamdetect.exe [93376 2009-12-10] (OLYMPUS IMAGING CORP.) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [Akamai NetSession Interface] => C:\Users\jules\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-1746654511-3761473265-4038029783-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1746654511-3761473265-4038029783-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1746654511-3761473265-4038029783-1001\...\Run: [ProductReg] => C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168 2008-11-17] (Acer) HKU\S-1-5-21-1746654511-3761473265-4038029783-1001\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [24576 2007-08-21] () AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-13] (Google) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico () Startup: C:\Users\jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\jules\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {3055BE9B-C574-4C23-9D32-16D177511334} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {3055BE9B-C574-4C23-9D32-16D177511334} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE332 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKCU - {3055BE9B-C574-4C23-9D32-16D177511334} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE332 BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: No Name - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No File BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 80.69.103.78 80.69.102.158 FireFox: ======== FF ProfilePath: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default FF SelectedSearchEngine: Google FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @esn/npbattlelog,version=2.4.0 - C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\jules\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\jules\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\jules\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\jules\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\jules\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\jules\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\jules\AppData\Roaming\Mozilla\Firefox\Profiles\l92ad71y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-03] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-11] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-05-16] FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-05-16] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2009-06-17] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) CHR Plugin: (Skype Toolbars) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Google Drive) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01] CHR Extension: (SiteAdvisor) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-05-16] CHR Extension: (DivX HiQ) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-05-16] CHR Extension: (No Name) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2011-11-30] CHR Extension: (Skype Click to Call) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-10-13] CHR Extension: (Google Wallet) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\jules\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-05-16] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2010-06-22] CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17] CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\jules\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-29] ========================== Services (Whitelisted) ================= S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [49152 2013-05-26] () R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.) S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-13] (Google) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [95200 2012-01-13] (McAfee, Inc.) R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () S3 npggsvc; C:\Windows\system32\GameMon.des [3953632 2012-03-05] (INCA Internet Co., Ltd.) R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-06-01] () R2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-01-16] () S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-01-16] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation) S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-14] (OLYMPUS IMAGING CORP.) S3 spc999; C:\Windows\System32\drivers\spc999.sys [487936 2009-12-14] ( ) S3 spc999m; C:\Windows\System32\drivers\spc999m.sys [7680 2009-12-14] ( ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-23] () U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) S3 catchme; \??\C:\uninstall.exe\catchme.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-07 21:19 - 2014-06-07 21:20 - 00027997 _____ () C:\Users\jules\Desktop\FRST.txt 2014-06-07 21:19 - 2014-06-07 21:20 - 00000000 ___DC () C:\FRST 2014-06-07 21:09 - 2014-06-07 21:09 - 00380416 _____ () C:\Users\jules\Desktop\GMER.exe 2014-06-07 21:07 - 2014-06-07 21:07 - 01063424 _____ (Farbar) C:\Users\jules\Desktop\FRST.exe 2014-06-04 20:09 - 2014-06-04 20:20 - 00000000 ____D () C:\Users\jules\Desktop\MakroTetragon 2014-06-01 22:21 - 2014-06-01 22:21 - 00000000 ____D () C:\Users\jules\Documents\Battlefield 3 2014-06-01 22:20 - 2014-06-01 22:20 - 00000000 ____D () C:\Users\jules\AppData\Local\ESN 2014-06-01 22:20 - 2014-06-01 22:20 - 00000000 ____D () C:\Program Files\Battlelog Web Plugins 2014-06-01 22:17 - 2014-06-01 22:17 - 00000000 ____D () C:\ProgramData\EA Core 2014-06-01 22:16 - 2014-06-01 22:16 - 00000967 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk 2014-06-01 22:16 - 2014-06-01 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 2014-06-01 20:52 - 2014-06-01 20:52 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Origin 2014-06-01 20:22 - 2014-06-01 20:23 - 00002163 ____C () C:\DelFix.txt 2014-06-01 20:19 - 2014-06-01 20:19 - 00000000 __SDC () C:\32788R22FWJFW 2014-06-01 20:17 - 2014-06-07 21:20 - 00000000 ____D () C:\Users\jules\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-05-29 18:35 - 2014-05-29 18:35 - 00000000 ____D () C:\Users\jules\AppData\Local\Adobe 2014-05-29 18:31 - 2014-05-29 18:33 - 00000000 ____D () C:\Program Files\Origin Games 2014-05-29 18:30 - 2014-05-29 18:31 - 00000000 ____D () C:\Users\jules\AppData\Local\Origin 2014-05-29 18:29 - 2014-06-02 01:04 - 00000000 ____D () C:\ProgramData\Origin 2014-05-29 18:29 - 2014-06-01 22:17 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-05-29 18:29 - 2014-05-29 18:29 - 00000780 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-05-29 18:28 - 2014-06-01 20:51 - 00000000 ____D () C:\Program Files\Origin 2014-05-29 09:37 - 2014-05-29 09:37 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-28 21:02 - 2014-05-28 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker 2014-05-28 16:28 - 2014-06-01 20:22 - 00000000 ____D () C:\Windows\ERUNT 2014-05-28 16:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll 2014-05-28 15:56 - 2014-06-07 18:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-28 15:56 - 2014-05-28 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-28 15:56 - 2014-05-28 15:56 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-28 15:56 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-28 15:56 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-27 09:48 - 2014-06-01 20:19 - 00000000 ____D () C:\Windows\erdnt 2014-05-27 09:21 - 2014-05-27 09:21 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-05-26 23:22 - 2014-05-26 23:22 - 00166520 _____ () C:\Windows\Minidump\Mini052614-02.dmp 2014-05-26 22:44 - 2014-05-26 22:44 - 00166520 _____ () C:\Windows\Minidump\Mini052614-01.dmp 2014-05-26 16:43 - 2014-05-26 16:46 - 00000000 ____D () C:\Users\jules\Documents\BIS Core Engine 2014-05-21 20:19 - 2014-05-21 20:19 - 00000285 _____ () C:\Users\jules\Desktop\makrofaebookkack.txt 2014-05-15 01:36 - 2014-05-15 01:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-14 22:54 - 2014-05-07 02:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:54 - 2014-05-07 02:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 22:54 - 2014-05-07 00:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:54 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-11 22:01 - 2014-05-11 22:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-06-07 21:20 - 2014-06-07 21:19 - 00027997 _____ () C:\Users\jules\Desktop\FRST.txt 2014-06-07 21:20 - 2014-06-07 21:19 - 00000000 ___DC () C:\FRST 2014-06-07 21:20 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\jules\AppData\Local\temp 2014-06-07 21:09 - 2014-06-07 21:09 - 00380416 _____ () C:\Users\jules\Desktop\GMER.exe 2014-06-07 21:08 - 2012-09-02 11:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-07 21:07 - 2014-06-07 21:07 - 01063424 _____ (Farbar) C:\Users\jules\Desktop\FRST.exe 2014-06-07 21:00 - 2009-12-05 17:31 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Skype 2014-06-07 20:54 - 2014-04-29 20:37 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000UA.job 2014-06-07 20:53 - 2010-04-01 11:41 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-07 20:20 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-07 20:20 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-07 19:02 - 2013-06-23 21:52 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Dropbox 2014-06-07 18:34 - 2014-05-28 15:56 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-07 18:28 - 2009-01-19 22:35 - 01612692 _____ () C:\Windows\WindowsUpdate.log 2014-06-07 18:24 - 2013-06-23 21:57 - 00000000 ___RD () C:\Users\jules\Dropbox 2014-06-07 18:24 - 2009-12-14 21:56 - 00000000 ____D () C:\Program Files\Steam 2014-06-07 18:23 - 2014-05-07 09:03 - 00000000 ____D () C:\Users\jules\AppData\Roaming\DropboxMaster 2014-06-07 18:23 - 2012-10-17 10:16 - 00308473 _____ () C:\Windows\AutoKMS.log 2014-06-07 18:22 - 2014-01-29 12:28 - 00000000 ___RD () C:\Users\jules\Google Drive 2014-06-07 18:21 - 2010-04-01 11:41 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-07 18:20 - 2008-11-20 05:53 - 00000147 _____ () C:\Windows\system32\agent.log 2014-06-07 18:20 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-07 10:15 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-04 20:20 - 2014-06-04 20:09 - 00000000 ____D () C:\Users\jules\Desktop\MakroTetragon 2014-06-04 20:07 - 2011-05-17 13:26 - 00000474 ____H () C:\Windows\Tasks\Norton Security Scan for jules.job 2014-06-04 15:54 - 2014-04-29 20:37 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000Core.job 2014-06-02 01:04 - 2014-05-29 18:29 - 00000000 ____D () C:\ProgramData\Origin 2014-06-01 23:14 - 2012-10-22 17:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-01 22:21 - 2014-06-01 22:21 - 00000000 ____D () C:\Users\jules\Documents\Battlefield 3 2014-06-01 22:21 - 2009-06-16 22:42 - 00280904 _____ () C:\Windows\system32\PnkBstrB.xtr 2014-06-01 22:21 - 2009-06-16 20:50 - 00000000 ____D () C:\Users\jules\AppData\Local\PunkBuster 2014-06-01 22:21 - 2009-06-16 20:30 - 00140072 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys 2014-06-01 22:21 - 2009-06-16 20:29 - 00280904 _____ () C:\Windows\system32\PnkBstrB.exe 2014-06-01 22:20 - 2014-06-01 22:20 - 00000000 ____D () C:\Users\jules\AppData\Local\ESN 2014-06-01 22:20 - 2014-06-01 22:20 - 00000000 ____D () C:\Program Files\Battlelog Web Plugins 2014-06-01 22:17 - 2014-06-01 22:17 - 00000000 ____D () C:\ProgramData\EA Core 2014-06-01 22:17 - 2014-05-29 18:29 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-06-01 22:16 - 2014-06-01 22:16 - 00000967 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk 2014-06-01 22:16 - 2014-06-01 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 2014-06-01 22:16 - 2009-06-16 20:30 - 00138056 _____ () C:\Users\jules\AppData\Roaming\PnkBstrK.sys 2014-06-01 22:15 - 2009-06-16 20:29 - 00189248 _____ () C:\Windows\system32\PnkBstrB.ex0 2014-06-01 22:15 - 2009-06-16 20:29 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe 2014-06-01 20:52 - 2014-06-01 20:52 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Origin 2014-06-01 20:51 - 2014-05-29 18:28 - 00000000 ____D () C:\Program Files\Origin 2014-06-01 20:23 - 2014-06-01 20:22 - 00002163 ____C () C:\DelFix.txt 2014-06-01 20:22 - 2014-05-28 16:28 - 00000000 ____D () C:\Windows\ERUNT 2014-06-01 20:19 - 2014-06-01 20:19 - 00000000 __SDC () C:\32788R22FWJFW 2014-06-01 20:19 - 2014-05-27 09:48 - 00000000 ____D () C:\Windows\erdnt 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-01 20:17 - 2014-06-01 20:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-01 20:10 - 2006-11-02 12:23 - 00000215 ____C () C:\Windows\system.ini 2014-06-01 20:08 - 2008-01-21 04:47 - 03425824 _____ () C:\Windows\PFRO.log 2014-06-01 19:33 - 2009-06-16 17:03 - 00000000 ____D () C:\Users\jules 2014-05-29 18:35 - 2014-05-29 18:35 - 00000000 ____D () C:\Users\jules\AppData\Local\Adobe 2014-05-29 18:33 - 2014-05-29 18:31 - 00000000 ____D () C:\Program Files\Origin Games 2014-05-29 18:31 - 2014-05-29 18:30 - 00000000 ____D () C:\Users\jules\AppData\Local\Origin 2014-05-29 18:29 - 2014-05-29 18:29 - 00000780 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-05-29 09:37 - 2014-05-29 09:37 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-29 09:37 - 2009-12-05 17:30 - 00000000 ___RD () C:\Program Files\Skype 2014-05-29 09:37 - 2009-10-08 15:15 - 00000000 ____D () C:\ProgramData\Skype 2014-05-28 21:02 - 2014-05-28 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker 2014-05-28 21:02 - 2014-02-13 20:38 - 00001431 _____ () C:\Users\jules\Desktop\bwin Poker.lnk 2014-05-28 21:02 - 2013-03-18 02:57 - 00001437 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\bwin Poker.lnk 2014-05-28 21:02 - 2006-11-02 14:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-05-28 18:00 - 2012-08-14 14:48 - 00000000 ____D () C:\Users\jules\AppData\Local\ArmA 2 OA 2014-05-28 16:52 - 2014-03-24 01:18 - 00002379 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-28 16:16 - 2010-10-28 20:17 - 00000000 ____D () C:\ProgramData\ICQ 2014-05-28 16:16 - 2009-06-24 20:25 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-05-28 15:56 - 2014-05-28 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-28 15:56 - 2014-05-28 15:56 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-28 15:56 - 2013-05-13 21:35 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-28 15:56 - 2012-05-03 15:36 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Malwarebytes 2014-05-28 15:56 - 2012-05-03 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-27 10:17 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-05-27 10:17 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public 2014-05-27 09:21 - 2014-05-27 09:21 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-05-27 09:17 - 2010-04-05 17:25 - 00000000 ____D () C:\Users\jules\Tracing 2014-05-26 23:26 - 2009-12-14 21:56 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-05-26 23:22 - 2014-05-26 23:22 - 00166520 _____ () C:\Windows\Minidump\Mini052614-02.dmp 2014-05-26 23:22 - 2012-04-27 21:45 - 318719702 _____ () C:\Windows\MEMORY.DMP 2014-05-26 23:22 - 2012-04-27 21:45 - 00000000 ____D () C:\Windows\Minidump 2014-05-26 22:44 - 2014-05-26 22:44 - 00166520 _____ () C:\Windows\Minidump\Mini052614-01.dmp 2014-05-26 20:54 - 2009-06-16 17:04 - 00000000 ____D () C:\Users\jules\AppData\Local\Google 2014-05-26 16:46 - 2014-05-26 16:43 - 00000000 ____D () C:\Users\jules\Documents\BIS Core Engine 2014-05-23 09:03 - 2013-06-23 21:57 - 00000923 _____ () C:\Users\jules\Desktop\Dropbox.lnk 2014-05-23 09:03 - 2013-06-23 21:55 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-22 00:10 - 2013-11-03 22:57 - 00000000 ____D () C:\Users\jules\Desktop\Makro 2014-05-21 20:54 - 2009-06-16 18:23 - 00000000 ____D () C:\Users\jules\AppData\Roaming\Mozilla 2014-05-21 20:19 - 2014-05-21 20:19 - 00000285 _____ () C:\Users\jules\Desktop\makrofaebookkack.txt 2014-05-21 15:54 - 2010-04-01 16:53 - 00001967 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-15 09:39 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-15 09:38 - 2012-10-11 19:06 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-15 01:39 - 2008-11-20 05:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-15 01:36 - 2014-05-15 01:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-15 01:35 - 2013-08-16 19:09 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-15 01:32 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-05-13 22:09 - 2012-09-02 11:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-05-13 22:09 - 2011-07-10 20:28 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-05-12 14:41 - 2006-11-02 12:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-12 09:02 - 2012-05-03 15:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-12 07:26 - 2014-05-28 15:56 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-28 15:56 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:25 - 2012-05-03 15:35 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-11 22:35 - 2014-01-06 02:12 - 00000139 _____ () C:\Users\jules\Desktop\xxxxxxxxxxxx.txt 2014-05-11 22:02 - 2014-05-11 22:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 15:54 - 2014-01-29 12:20 - 00001911 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-05-08 15:54 - 2014-01-29 12:20 - 00001909 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-05-08 15:54 - 2014-01-29 12:20 - 00001899 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-05-08 15:54 - 2014-01-29 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-05-08 10:17 - 2014-05-07 11:12 - 00001246 _____ () C:\Users\jules\Desktop\KurseWarschaumadness.txt Some content of TEMP: ==================== C:\Users\jules\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiv6r4x.dll C:\Users\jules\AppData\Local\temp\RtkBtMnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-06-07 18:27 ==================== End Of Log ============================ --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-06-2014
Ran by jules at 2014-06-07 21:21:10
Running from C:\Users\jules\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKLM\...\uTorrent) (Version: 3.1.0 - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Acer Crystal Eye webcam Ver:1.1.57.409 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.57.409 - Chicony Electronics Co.,Ltd.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.02.1111 - Acer Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alliance of Valiant Arms (HKLM\...\Alliance of Valiant Arms) (Version: - )
Apple Mobile Device Support (HKLM\...\{B5C3B892-0849-476C-9F46-B12F84819D57}) (Version: 3.0.0.102 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ARMA 2 (HKLM\...\Steam App 33910) (Version: - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version: - Bohemia Interactive)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM\...\BattlEye for OA) (Version: - )
Broadcom Gigabit Integrated Controller (HKLM\...\{F870B987-18BC-45FC-9BE8-35C02DCDA10F}) (Version: 11.32.03 - Broadcom Corporation)
bwin Poker (HKLM\...\bwincomPoker) (Version: - bwincom)
bwin Poker 1.0.0 (HKLM\...\bwin Poker_is1) (Version: 1.0.0 - bwin)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7 - Activision) Hidden
Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward)
Camera RAW Plug-In for EPSON Creativity Suite (HKLM\...\{42EDF895-158C-484E-A7F2-42B90759F281}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3023d - CyberLink Corp.)
CyberLink PowerDirector (Version: 6.5.3023d - CyberLink Corp.) Hidden
DayZ Commander (HKLM\...\{05B1529B-C423-42AA-B981-4ECA247E9FC0}) (Version: 1.09.73 - Dotjosh Studios)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EPSON Stylus SX200 Series Printer Uninstall (HKLM\...\EPSON Stylus SX200 Series) (Version: - SEIKO EPSON Corporation)
Free Audio CD Burner version 1.4 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download 2.4 (HKLM\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.8 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0_RC_10 - )
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Drive (HKLM\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Talk Plugin (HKLM\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
GTA San Andreas (HKLM\...\{E0303B6A-C675-4102-95DA-C013625BFA99}) (Version: 1.00.00001 - Rockstar Games)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Java Auto Updater (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Logitech GamePanel Software 2.00 (HKLM\...\{948BE614-F37B-4A73-AD43-0245F23C110D}) (Version: 2.00.171 - Logitech)
Mafia 2 (HKLM\...\{A716BE0A-331D-4603-9E70-319153D1943F}_is1) (Version: - By Hasbihal)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access 2010 (HKLM\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Access 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.3.2 (HKLM\...\MTA:SA 1.3) (Version: v1.3.2 - Multi Theft Auto)
MySQL Connector/ODBC 5.2(w) (HKLM\...\{410BB59D-840E-4408-8D85-D74A0F7E113B}) (Version: 5.2.2 - Oracle Corporation)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.6.13 - Symantec Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden
Nuvoton EC Generic HID Driver (HKLM\...\{302E9B7B-2B6A-4C29-9A02-9F2110649779}) (Version: 7.80.5000 - Nuvoton Technology Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OLYMPUS ib (HKLM\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1210c - OLYMPUS IMAGING CORP.)
OLYMPUS ib (Version: 1.1.1210c - OLYMPUS IMAGING CORP.) Hidden
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
Play withSIX (HKLM\...\{61873A7A-38DD-4973-90A9-69E4560A1DC6}) (Version: 1.00.0068 - SIX Networks)
PokerTH (HKLM\...\PokerTH 0.9.5) (Version: 0.9.5 - www.pokerth.net)
Portal (HKLM\...\Steam App 400) (Version: - Valve)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 2.15.1 (HKLM\...\R for Windows 2.15.1_is1) (Version: 2.15.1 - R Core Team)
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5704 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
RStudio (HKLM\...\RStudio) (Version: 0.96.331 - RStudio)
Scan2PDF 1.6 (HKLM\...\Scan2PDF_is1) (Version: - Koma-Code)
Secure Download Manager (HKLM\...\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}) (Version: 3.0.5 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.3.2 (HKLM\...\SopCast) (Version: 3.3.2 - www.sopcast.com)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
StarCraft II (HKLM\...\StarCraft II) (Version: 2.0.9.26147 - Blizzard Entertainment)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.4.0 - Synaptics)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20202 - TeamViewer)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.AccessR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
USB MP3 Player WIN98 Drivers (HKLM\...\USB MP3 Player WIN98 Drivers) (Version: - )
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
Xfire (remove only) (HKLM\...\Xfire) (Version: - )
XP-Games JRE (HKLM\...\XP-Games JRE) (Version: - )
==================== Restore Points =========================
01-06-2014 18:22:42 Ende der Bereinigung
01-06-2014 20:13:46 DirectX wurde installiert
03-06-2014 20:10:49 Windows Update
==================== Hosts content: ==========================
2006-11-02 12:23 - 2014-06-01 20:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1222D404-87FD-4E23-B51C-5636FE9DDB87} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2EA02FA6-45CB-4902-9CB9-D02F99350F1C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - jules => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42B55020-E593-4710-881E-E36B0FFE7D5D} - System32\Tasks\{23EF95EB-77C0-43F5-9288-F408955B2D31} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4B69729F-4A53-417A-949B-CCA909BA187F} - System32\Tasks\Norton Security Scan for jules => C:\Program Files\Norton Security Scan\Engine\2.7.6.13\Nss.exe [2011-05-17] (Symantec Corporation)
Task: {4F368E01-46D7-491A-A60B-0597FA5BBC5E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {5559BF42-53DB-4104-9AE2-ECF529964DEA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {6D40101D-0A39-4A92-ADCA-5A61C00AB411} - System32\Tasks\{70F3F7B7-F755-4831-BEBE-3A34F629A904} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.166.217&LastError=206
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {A9D99EE3-B89E-40FB-A0CA-97A856949A3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)
Task: {BDA4A639-588E-4111-BC6C-0888177FA87B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000UA => C:\Users\jules\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-02] (Google Inc.)
Task: {D9EF614E-519B-41DE-B9B2-9558C87F27D0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2012-10-17] (Microsoft)
Task: {DEF6DB21-60B7-43ED-AEAE-EA6438708FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000Core => C:\Users\jules\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-02] (Google Inc.)
Task: {E4C5552A-23FE-4720-A239-7F12469FF02F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000Core.job => C:\Users\jules\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746654511-3761473265-4038029783-1000UA.job => C:\Users\jules\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for jules.job => C:\Program Files\Norton Security Scan\Engine\2.7.6.13\Nss.exe
==================== Loaded Modules (whitelisted) =============
2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2008-11-20 06:09 - 2007-12-06 17:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2008-11-20 06:09 - 2007-11-27 16:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2009-06-16 20:29 - 2014-06-01 22:15 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2008-11-20 05:55 - 2007-01-09 20:25 - 00272024 _____ () c:\Program Files\Cyberlink\Shared files\RichVideo.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-05-23 20:08 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2009-01-19 22:42 - 2007-10-23 11:56 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-01-20 07:24 - 2003-06-07 23:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll
2009-06-16 17:03 - 2010-08-13 02:04 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2014-06-07 18:23 - 2014-06-07 18:23 - 00043008 _____ () c:\users\jules\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiv6r4x.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\jules\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-11 22:01 - 2014-05-11 22:02 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:DAFD38AE
AlternateDataStreams: C:\ProgramData\Temp:F3176E45
AlternateDataStreams: C:\Users\jules\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\jules\AppData\Roaming:NT
AlternateDataStreams: C:\Users\jules\Documents\dvr irc test.mp4:TOC.WMV
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/07/2014 08:52:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/07/2014 08:52:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/07/2014 08:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung FlashPlayerPlugin_13_0_0_214.exe, Version 13.0.0.214, Zeitstempel 0x5359c61d, fehlerhaftes Modul FlashPlayerPlugin_13_0_0_214.exe, Version 13.0.0.214, Zeitstempel 0x5359c61d, Ausnahmecode 0x40000015, Fehleroffset 0x000180d0,
Prozess-ID 0xe0c, Anwendungsstartzeit FlashPlayerPlugin_13_0_0_214.exe0.
Error: (06/07/2014 06:21:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2014 09:20:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 06:35:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 06:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 09:48:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/05/2014 09:48:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/05/2014 09:00:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (06/07/2014 06:21:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/07/2014 06:21:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/07/2014 06:21:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (06/07/2014 09:20:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/07/2014 09:19:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/07/2014 09:19:50 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (06/06/2014 06:35:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/06/2014 06:35:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (06/06/2014 06:35:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/06/2014 06:52:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Microsoft Office Sessions:
=========================
Error: (06/07/2014 08:52:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Programs\bwincom\DM.dll
Error: (06/07/2014 08:52:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Programs\bwincom\DM.dll
Error: (06/07/2014 08:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_13_0_0_214.exe13.0.0.2145359c61dFlashPlayerPlugin_13_0_0_214.exe13.0.0.2145359c61d40000015000180d0e0c01cf8278f5fee8ca
Error: (06/07/2014 06:21:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2014 09:20:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 06:35:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 06:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 09:48:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Programs\bwincom\DM.dll
Error: (06/05/2014 09:48:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Programs\bwincom\DM.dll
Error: (06/05/2014 09:00:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Programs\bwincom\DM.dll
CodeIntegrity Errors:
===================================
Date: 2014-06-07 21:20:59.243
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:58.916
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:58.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:58.292
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:57.964
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:57.652
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:57.325
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:57.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:56.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-07 21:20:56.217
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3065.93 MB
Available physical RAM: 1554.13 MB
Total Pagefile: 6336.13 MB
Available Pagefile: 4472.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.79 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:142.65 GB) (Free:26.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:142.67 GB) (Free:4.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 841F2730)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=12)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-07 21:43:20
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-22ZCT0 rev.11.01A11 298,09GB
Running: GMER.exe; Driver: C:\Users\jules\AppData\Local\Temp\fwdoypow.sys
---- System - GMER 2.1 ----
INT 0x52 ? 87952F00
INT 0x72 ? 87952F00
INT 0x72 ? 87952F00
INT 0x72 ? 87952F00
INT 0x72 ? 87952F00
INT 0x72 ? 87952F00
INT 0x82 ? 87952F00
INT 0x92 ? 85F8CBF8
INT 0x92 ? 85F8CBF8
INT 0x92 ? 85F8CBF8
INT 0x92 ? 85F8CBF8
INT 0x92 ? 85F8CBF8
INT 0xA2 ? 87952F00
---- Kernel code sections - GMER 2.1 ----
? System32\Drivers\spov.sys Das System kann den angegebenen Pfad nicht finden. !
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA34E8300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA35BB300, 0x1BEE, 0xE8000020]
---- Devices - GMER 2.1 ----
Device \FileSystem\Ntfs \Ntfs 869281F8
Device \FileSystem\fastfat \FatCdrom 8A5C21F8
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
Device \Driver\volmgr \Device\VolMgrControl 85F8E1F8
Device \Driver\usbuhci \Device\USBPDO-0 8796E500
Device \Driver\usbuhci \Device\USBPDO-1 8796E500
Device \Driver\usbuhci \Device\USBPDO-2 8796E500
Device \Driver\usbehci \Device\USBPDO-3 878E71F8
Device \Driver\usbuhci \Device\USBPDO-4 8796E500
Device \Driver\usbuhci \Device\USBPDO-5 8796E500
Device \Driver\usbuhci \Device\USBPDO-6 8796E500
Device \Driver\volmgr \Device\HarddiskVolume1 85F8E1F8
Device \Driver\volmgr \Device\HarddiskVolume2 85F8E1F8
Device \Driver\cdrom \Device\CdRom0 878DE1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{24B3DBA1-5C1B-4453-86AA-763AE61AB23F} 8B574308
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 869261F8
Device \Driver\atapi \Device\Ide\IdePort0 869261F8
Device \Driver\atapi \Device\Ide\IdePort1 869261F8
Device \Driver\atapi \Device\Ide\IdePort2 869261F8
Device \Driver\atapi \Device\Ide\IdePort3 869261F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 869261F8
Device \Driver\msahci \Device\Ide\PciIde0Channel0 869271F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 869271F8
Device \Driver\msahci \Device\Ide\PciIde0Channel4 869271F8
Device \Driver\msahci \Device\Ide\PciIde0Channel5 869271F8
Device \Driver\volmgr \Device\HarddiskVolume3 85F8E1F8
Device \Driver\volmgr \Device\HarddiskVolume4 85F8E1F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8B574308
Device \Driver\Smb \Device\NetbiosSmb 8B368358
Device \Driver\iScsiPrt \Device\RaidPort0 87C131F8
Device \Driver\netbt \Device\NetBT_Tcpip_{3FAFED2A-826B-479E-B6A9-4636C777D5EA} 8B574308
Device \Driver\usbuhci \Device\USBFDO-0 8796E500
Device \Driver\usbuhci \Device\USBFDO-1 8796E500
Device \Driver\usbuhci \Device\USBFDO-2 8796E500
Device \Driver\usbehci \Device\USBFDO-3 878E71F8
Device \Driver\usbuhci \Device\USBFDO-4 8796E500
Device \Driver\usbuhci \Device\USBFDO-5 8796E500
Device \Driver\usbuhci \Device\USBFDO-6 8796E500
Device \Driver\usbehci \Device\USBFDO-7 878E71F8
Device \FileSystem\fastfat \Fat 8A5C21F8
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
Device \FileSystem\cdfs \Cdfs 879FA1F8
---- Trace I/O - GMER 2.1 ----
Trace ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x869261f8]<< 869261f8
Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x870bbac8] 870bbac8
Trace 3 CLASSPNP.SYS[8bb9f8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8697cb98] 8697cb98
Trace \Driver\atapi[0x869b3a60] -> IRP_MJ_CREATE -> 0x869261f8 869261f8
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 07.06.2014 Suchlauf-Zeit: 18:34:32 Logdatei: logdateiMBAM.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.07.05 Rootkit Datenbank: v2014.06.02.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x86 Dateisystem: NTFS Benutzer: jules Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 292418 Verstrichene Zeit: 14 Min, 16 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Geändert von Dirknash (07.06.2014 um 21:08 Uhr) |
| Themen zu Firefox spinnt - 'Man-in-the-Browser' ? |
| 4d36e972-e325-11ce-bfc1-08002be10318, akamai, association, browser, chromium, classpnp.sys, converter, device driver, error, excel, fehler, firefox, flash player, home, homepage, install.exe, launch, mozilla, mp3, olympus, popup, realtek, registry, rundll, scan, schutz, security, services.exe, siteadvisor, svchost.exe, symantec, system, usb |
Baum-Darstellung