Log analysis and evaluation: Several browsers suddenly no longer load some websites properly. Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Several browsers suddenly no longer load some websites properly.

Hello, a problem that appeared suddenly brings me here once again. All of a sudden, sites such as Google Search/Maps, Facebook and YouTube are no longer loaded properly, or only partially. The Internet connection is OK. My laptop does not have these problems. Other websites that I usually visit do not show this behaviour either. Switching browsers did not help either. The only other thing was that Avast Antivirus no longer worked properly, whereupon I uninstalled it and installed Antivir. Avast was started and apparently executed by the system, but I could no longer access or control the program. Here are the logs:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:36 on 05/07/2014 (Infar)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Infar (administrator) on ASUSI5 on 05-07-2014 19:38:19 Running from C:\Users\Infar\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbirt\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Users\Infar\Desktop\Tor Browser\Browser\firefox.exe () C:\Users\Infar\Desktop\Tor Browser\Tor\tor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [1783296 2006-07-23] (Logitech Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-17] (Avira Operations GmbH & Co. 
KG) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEBFBA7B13BE9CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default FF Homepage: about:home FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF 
Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: German Dictionary - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] FF Extension: Ghostery - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: NoScript - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-25] FF Extension: Adblock Plus - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25] CHR Extension: (Google Drive) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25] CHR Extension: (YouTube) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25] CHR Extension: (Google-Suche) - C:\Users\Infar\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25] CHR Extension: (Google Wallet) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-06-25] CHR Extension: (Google Mail) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-29] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-17] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-17] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-20] (DT Soft Ltd) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation) S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) 
[File not signed] S3 usbser64; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation) S3 catchme; \??\C:\cofi\catchme.sys [X] S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-05 19:38 - 2014-07-05 19:38 - 00012127 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-05 19:38 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00380416 _____ () C:\Users\Infar\Downloads\4v6e52ng.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-05 19:35 - 2014-07-05 19:35 - 00050477 _____ () C:\Users\Infar\Downloads\Defogger.exe 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-02 17:48 - 2014-07-02 17:50 - 27437354 _____ () C:\Users\Infar\Downloads\torbrowser-install-3.6.2_de.exe 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-07-01 16:48 - 2014-07-05 17:07 - 00000280 _____ () C:\Windows\setupact.log 2014-07-01 16:48 - 2014-07-01 16:48 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-26 11:44 - 2014-06-26 11:44 - 
00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-25 22:01 - 2014-06-25 22:01 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-25 21:59 - 2014-06-17 16:25 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-25 21:59 - 2014-06-17 16:25 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-25 21:59 - 2014-06-17 16:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-25 21:42 - 2014-07-05 19:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-25 21:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-25 21:41 - 2014-07-05 18:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-25 21:41 - 2014-07-05 17:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-25 21:41 - 
2014-06-26 02:46 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-25 21:41 - 2014-06-26 02:46 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 21:41 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:41 - 2014-06-25 21:41 - 40514640 _____ (Google Inc.) C:\Users\Infar\Downloads\ChromeStandaloneSetup_35.0.1916.153.exe 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 20:25 - 2014-06-25 20:30 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 11:59 - 2014-06-17 12:01 - 00000000 ____D () C:\Users\Infar\Documents\Sony PMB 2014-06-17 11:58 - 2014-06-25 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-17 11:54 - 2014-06-25 21:35 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 11:44 - 2014-06-25 21:33 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-14 00:45 - 2014-06-14 00:46 - 00000000 ____D () C:\Users\Infar\Documents\BFH.Beta 2014-06-12 09:13 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 09:13 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 09:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 09:13 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 09:13 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00548352 
_____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 09:13 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 09:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 09:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 09:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 09:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 09:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 09:13 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 09:13 - 2014-05-30 
10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 09:13 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 09:13 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 09:13 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 09:13 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 09:13 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 
09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 09:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 09:13 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 09:13 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 09:13 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 09:13 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 09:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ 
(Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-09 14:55 - 2014-07-01 17:29 - 00001056 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt 2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast ==================== One Month Modified Files and Folders ======= 2014-07-05 19:38 - 2014-07-05 19:38 - 00012127 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-05 19:38 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00380416 _____ () C:\Users\Infar\Downloads\4v6e52ng.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-05 19:36 - 2011-01-20 19:03 - 00000000 ____D () C:\Users\Infar 2014-07-05 19:35 - 2014-07-05 19:35 - 00050477 _____ () C:\Users\Infar\Downloads\Defogger.exe 2014-07-05 19:30 - 2014-06-25 21:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-05 18:55 - 2013-09-12 17:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-05 18:51 - 2014-06-25 21:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-05 17:46 - 2011-07-14 15:03 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\TS3Client 2014-07-05 17:16 - 2012-05-08 21:01 - 01710122 _____ () C:\Windows\WindowsUpdate.log 2014-07-05 17:16 - 
2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-05 17:16 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-05 17:15 - 2011-01-21 19:21 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E32FF8B6-3DA1-40CE-9FEC-BE9BD0085B0F} 2014-07-05 17:10 - 2012-10-10 18:29 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-05 17:08 - 2014-06-25 21:41 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-05 17:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-05 17:07 - 2014-07-01 16:48 - 00000280 _____ () C:\Windows\setupact.log 2014-07-03 17:59 - 2012-09-18 18:31 - 00000000 ____D () C:\ProgramData\Origin 2014-07-03 17:41 - 2013-03-06 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-07-03 17:02 - 2012-10-28 11:57 - 00000000 ____D () C:\Users\Infar\AppData\Local\Canon Easy-PhotoPrint EX 2014-07-03 17:02 - 2012-10-28 11:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-03 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-02 20:21 - 2012-08-07 21:49 - 00000000 ____D () C:\Users\Infar\AppData\Local\CrashDumps 2014-07-02 17:50 - 2014-07-02 17:48 - 27437354 _____ () C:\Users\Infar\Downloads\torbrowser-install-3.6.2_de.exe 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:14 - 2009-07-14 07:32 - 00000000 ___RD () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-01 19:13 - 2013-03-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-07-01 19:02 - 2012-10-10 18:35 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-01 17:29 - 2014-06-09 14:55 - 00001056 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt 2014-07-01 16:48 - 2014-07-01 16:48 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-30 17:51 - 2014-05-25 13:26 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Tropico 5 2014-06-29 13:43 - 2011-07-14 15:00 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-26 11:44 - 2014-06-26 11:44 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-26 11:40 - 2012-12-13 17:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\vlc 2014-06-26 02:46 - 2014-06-25 21:41 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-26 02:46 - 2014-06-25 21:41 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 22:01 - 2014-06-25 22:01 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:41 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:42 - 2012-01-15 19:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-25 21:42 - 2011-05-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-25 21:42 - 2011-05-15 19:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Malwarebytes 2014-06-25 21:41 - 2014-06-25 21:41 - 40514640 _____ (Google Inc.) C:\Users\Infar\Downloads\ChromeStandaloneSetup_35.0.1916.153.exe 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 21:41 - 2011-05-22 09:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-25 21:35 - 2014-06-17 11:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-25 21:35 - 2014-06-17 11:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-25 21:33 - 2014-06-17 11:44 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-25 21:32 - 2012-04-23 21:28 - 00000000 ____D () C:\Windows\pss 2014-06-25 21:10 - 2014-04-22 16:23 - 00000000 ____D () C:\Users\Infar\Desktop\qp33 2014-06-25 20:30 - 2014-06-25 20:25 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 16:25 - 2014-06-25 21:59 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-17 16:25 - 2014-06-25 21:59 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-17 16:25 - 2014-06-25 21:59 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-17 12:03 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-06-17 12:03 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-06-17 12:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-17 12:01 - 2014-06-17 11:59 - 00000000 ____D () C:\Users\Infar\Documents\Sony PMB 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-16 10:03 - 2013-09-12 17:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-16 10:03 - 2012-12-23 13:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-16 10:03 - 2012-12-23 13:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-14 00:46 - 2014-06-14 00:45 - 00000000 ____D () C:\Users\Infar\Documents\BFH.Beta 2014-06-14 00:44 - 2013-11-05 19:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-14 00:06 - 2013-04-27 13:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-14 00:06 - 2011-10-29 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-12 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 13:13 - 2011-01-20 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 11:56 - 2013-08-14 20:40 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 11:55 - 2011-02-25 21:45 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 11:53 - 2014-04-30 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 09:08 - 
2011-11-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbirt 2014-06-08 11:13 - 2014-06-12 09:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-12 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast 2014-06-07 09:36 - 2013-10-25 21:11 - 00000000 ____D () C:\Users\Infar\AppData\Local\Battle.net 2014-06-07 09:30 - 2013-10-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-07 08:57 - 2014-03-21 20:59 - 00000000 ____D () C:\Users\Infar\Documents\NCSOFT 2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Users\Infar\AppData\Local\NCSOFT 2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Program Files (x86)\NCSOFT Some content of TEMP: ==================== C:\Users\Infar\AppData\Local\Temp\avgnt.exe C:\Users\Infar\AppData\Local\Temp\Gw2.exe C:\Users\Infar\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Infar\AppData\Local\Temp\raptrpatch.exe C:\Users\Infar\AppData\Local\Temp\raptr_stub.exe C:\Users\Infar\AppData\Local\Temp\sonarinst.exe C:\Users\Infar\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is 
digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-29 18:15 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01 Ran by Infar at 2014-07-05 19:38:52 Running from C:\Users\Infar\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) 
Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira) Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC) Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.02 - Piriform) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden FlashFXP (x32 Version: 4.3.0.1904 - OpenSight Software LLC) Hidden FlashFXP 4.3.0.1904 (HKLM-x32\...\FlashFXP 4.3.0.1904) (Version: 4.3.0.1904 - OpenSight Software LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!) Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt)) Logitech G11 Keyboard Software 1.03 (HKLM\...\{59427B1F-852F-4AF1-8215-E5B12F966D89}) (Version: 1.3.166.0 - Logitech) Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell) MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.) MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) 
Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 
(Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.) 
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 1.9 - Krzysztof Kowalczyk)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tropico 5 - Steam Special Edition (HKLM-x32\...\{96C8FF19-C95E-44A7-A238-95692578538F}_is1) (Version: 1.1.0 - Kalypso)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Restore Points =========================

03-07-2014 16:51:32 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-17 11:17 - 2013-08-17 11:18 - 00000025 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01F12F72-6552-4D69-862E-DA9856A19B8D} - System32\Tasks\9625c7e0 => C:\Users\Infar\AppData\Local\Temp\\setup1280905984.exe <==== ATTENTION
Task: {1E68A066-1766-4FA5-919C-C2095E778786} - System32\Tasks\fc55d6c0 => C:\Users\Infar\AppData\Local\Temp\\setup3322390240.exe <==== ATTENTION
Task: {26F9F759-4111-4C6A-A465-B373BFAC0D8E} - System32\Tasks\c20c4a00 => C:\Users\Infar\AppData\Local\Temp\\setup3092055936.exe <==== ATTENTION
Task: {29542135-9888-456F-85A9-BD6F10514AEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-16] (Adobe Systems Incorporated)
Task: {33489E1B-29BA-4FD3-8AB0-244B576A1C27} - System32\Tasks\e52f9740 => C:\Users\Infar\AppData\Local\Temp\\setup3004092320.exe <==== ATTENTION
Task: {362E9211-A2DE-4FC9-887B-8106CAD0461A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {3AFE7A13-A293-4F31-BBC3-0B00EDB8CD40} - System32\Tasks\68b11ec0 => C:\Users\Infar\AppData\Local\Temp\\setup1546186528.exe <==== ATTENTION
Task: {3F0D9AED-91CE-48AB-B909-414F9B1B1CE7} - System32\Tasks\59cfc740 => C:\Users\Infar\AppData\Local\Temp\\setup1273175168.exe <==== ATTENTION
Task: {69305CED-2633-4C7B-87E8-F73C9BD09A96} - System32\Tasks\b95ef480 => C:\Users\Infar\AppData\Local\Temp\\setup2152194208.exe <==== ATTENTION
Task: {6CB6A6E2-2D44-4F76-9874-5792760B6749} - System32\Tasks\385c8bc0 => C:\Users\Infar\AppData\Local\Temp\\setup455001152.exe <==== ATTENTION
Task: {7ABA8DD1-B35C-4A36-A46B-83182D0559A2} - System32\Tasks\64adbf40 => C:\Users\Infar\AppData\Local\Temp\\setup778016896.exe <==== ATTENTION
Task: {83416F08-FBA6-4917-A50F-7F0CDB5A5B52} - System32\Tasks\a1945f00 => C:\Users\Infar\AppData\Local\Temp\\setup2477241408.exe <==== ATTENTION
Task: {8FA7EF5C-C4A9-410C-B456-5AA48DD63459} - System32\Tasks\c9a238a0 => C:\Users\Infar\AppData\Local\Temp\\setup2144701664.exe <==== ATTENTION
Task: {9F8CC47E-3CDE-4A21-8807-24CB510743B2} - System32\Tasks\{F2C16F8C-53CC-49B0-8DE3-102A0D9D93E3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {BB79EA4E-B064-406B-B5A2-FDC59666FA9E} - System32\Tasks\d77f9220 => C:\Users\Infar\AppData\Local\Temp\\setup2727730528.exe <==== ATTENTION
Task: {C960F8EE-304C-42FA-947B-BAAF38459912} - System32\Tasks\7a727260 => C:\Users\Infar\AppData\Local\Temp\\setup3522564512.exe <==== ATTENTION
Task: {DBABEAFE-6462-4ACC-8676-38C0172AC15B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {E3B4099A-63F1-4DCE-8DD2-56F24013BAC5} - System32\Tasks\10a885c0 => C:\Users\Infar\AppData\Local\Temp\\setup3733440320.exe <==== ATTENTION
Task: {EAC93F13-0F1A-4517-8B9D-C14AE012A115} - System32\Tasks\1b3cb880 => C:\Users\Infar\AppData\Local\Temp\\setup3934284800.exe <==== ATTENTION
Task: {F495F307-1CD7-41F3-8ED8-91BF0695AE21} - System32\Tasks\473b5de0 => C:\Users\Infar\AppData\Local\Temp\\setup400786272.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-28 11:51 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-10-29 14:42 - 2014-06-14 00:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-01-22 20:17 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00563144 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-11 16:16 - 2014-06-29 13:43 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2010-12-22 05:39 - 2010-12-22 05:39 - 00028672 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 02138112 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\tor.exe
2011-11-18 21:44 - 2014-06-12 09:08 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\mozjs.dll
2011-11-18 21:44 - 2014-06-12 09:08 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\NSLDAP32V60.dll
2011-11-18 21:44 - 2014-06-12 09:08 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\NSLDAPPR32V60.dll
2012-01-21 10:01 - 2014-06-12 13:13 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-23 12:56 - 2014-05-31 03:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-27 12:33 - 2014-05-31 03:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-23 12:56 - 2014-05-31 03:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 20:54 - 2014-05-31 03:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 12:56 - 2014-06-30 23:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-23 12:56 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-10-10 18:30 - 2014-06-30 23:46 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-10-10 18:30 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-16 10:03 - 2014-06-16 10:03 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 04541454 _____ () C:\Users\Infar\Desktop\Tor Browser\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00510788 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00090112 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\zlib1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00104451 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\libssp-0.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssSrv => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Free Antivirus.lnk => C:\Windows\pss\avast! Free Antivirus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Infar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: UPI11_COM => Regsvr32.exe /s "C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\upiExtractImage.dll"

==================== Faulty Device Manager Devices =============

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 08:21:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 30.0.0.5269 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c30
Startzeit: 01cf9602a72beb16
Endzeit: 52
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: a7178148-0215-11e4-82ac-bcaec5ab10ea

Error: (07/02/2014 08:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x106c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/02/2014 08:16:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EoCApp.exe, Version: 1.0.41.0, Zeitstempel: 0x53b2e333
Name des fehlerhaften Moduls: EoCApp.exe, Version: 1.0.41.0, Zeitstempel: 0x53b2e333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0056714c
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xEoCApp.exe0
Pfad der fehlerhaften Anwendung: EoCApp.exe1
Pfad des fehlerhaften Moduls: EoCApp.exe2
Berichtskennung: EoCApp.exe3

Error: (06/24/2014 05:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xf68
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x13ec
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x3b8
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xd24
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:25:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x688
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xb80
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

Error: (06/24/2014 05:20:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3

System errors:
=============
Error: (07/03/2014 06:48:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (07/03/2014 04:20:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/03/2014 04:20:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (06/26/2014 01:35:36 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (06/24/2014 05:55:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 13 Mal passiert. Error: (06/24/2014 05:53:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 12 Mal passiert. Error: (06/24/2014 05:51:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 11 Mal passiert. Error: (06/24/2014 05:32:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 10 Mal passiert. Error: (06/24/2014 05:25:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 9 Mal passiert. Error: (06/24/2014 05:23:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 8 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (07/02/2014 08:21:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe30.0.0.5269c3001cf9602a72beb1652C:\Program Files (x86)\Mozilla Firefox\firefox.exea7178148-0215-11e4-82ac-bcaec5ab10ea Error: (07/02/2014 08:21:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b106c01cf9616f9215498C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb0c0f18e-0215-11e4-82ac-bcaec5ab10ea Error: (07/02/2014 08:16:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: EoCApp.exe1.0.41.053b2e333EoCApp.exe1.0.41.053b2e333c00000050056714c65001cf960d47d2c68dC:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exeC:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exefae8992b-0214-11e4-82ac-bcaec5ab10ea Error: (06/24/2014 05:55:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cf6801cf8fc47e8b6f7bC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dlle51a2ef4-fbb7-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:53:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c13ec01cf8fc43e11363bC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllbbfa3ccd-fbb7-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:51:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c3b801cf8fc19f079182C:\Program Files\Common Files\Sony 
Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll69b1f3ef-fbb7-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:32:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cd2401cf8fc09a3f287aC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllcaa14a3b-fbb4-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:25:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c68801cf8fc05d0e0c0aC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllc5e627d5-fbb3-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:23:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cb8001cf8fbfee2d3eabC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll88b02953-fbb3-11e3-9eba-bcaec5ab10ea Error: (06/24/2014 05:20:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c13c801cf8fbee5834727C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll19cfaa15-fbb3-11e3-9eba-bcaec5ab10ea CodeIntegrity Errors: =================================== Date: 2011-05-17 15:54:55.671 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-17 15:54:55.656 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 33% Total physical RAM: 8168.77 MB Available physical RAM: 5448.07 MB Total Pagefile: 16335.72 MB Available Pagefile: 13051.25 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:667.55 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 48605CD9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-07-05 19:56:19 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31000528AS rev.CC38 931,51GB Running: 4v6e52ng.exe; Driver: C:\Users\Infar\AppData\Local\Temp\pfldrpoc.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035b4000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800035b402f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b41465 2 bytes [B4, 76] .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b414bb 2 bytes [B4, 76] .text ... * 2 .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000727e1a22 2 bytes [7E, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000727e1ad0 2 bytes [7E, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000727e1b08 2 bytes [7E, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000727e1bba 2 bytes [7E, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000727e1bda 2 bytes [7E, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b41465 2 bytes [B4, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b414bb 2 bytes [B4, 76] .text ... 
* 2 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002683112bd2 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002683112bd2 (not active ControlSet) Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Program Files (x86)\Wizards of the Coast\Magic 2014 \x2014 Duels of the Planeswalkers\Uninstall\unins000.exe 1 ---- EOF - GMER 2.1 ----
The Addition.txt does seem to contain something conspicuous after all. Regards, Infar