|
Pests of all kinds and how to fight them: Slow internet, docs.google.com untrusted in Firefox (Windows 7) |
15.10.2014, 18:21 | #1 |
| Slow internet, docs.google.com untrusted in Firefox Hello, as described, my internet has become very slow, and recently Nightly has started flagging docs.google.com as untrusted. Attached are logs from GMER, FRST and Defogger. Regards |
15.10.2014, 18:37 | #2 |
/// the machine /// TB Trainer | Slow internet, docs.google.com untrusted in Firefox Hi,
Please always post logs directly in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
15.10.2014, 18:41 | #3 |
| Slow internet, docs.google.com untrusted in Firefox Hello,
as requested, here are the log files Code:
Task: {64B9E36D-8CAF-4AAC-9759-BA4F1C05CD90} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd) Task: {7FDD803D-98E7-4C2E-AF09-4A047BA61475} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {8CB0937B-FAD5-485F-B137-C8BE1A49FAED} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {8D95A083-4F69-43E4-A307-45264AA56369} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation) Task: {A011C2CA-6383-477B-978D-A64C809100EE} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {CC768206-20A9-4D38-A9E6-A0725749C253} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation) Task: {D3676507-5A4D-4158-A47F-0C6D0AF9E11F} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {D7D033AD-6F39-4A8A-A3F6-30FC5EC82C88} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation) Task: {D9C203F5-BD9F-446D-9500-04603BAFA4C3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation) Task: {EF622150-16D6-48D0-93A3-2AFCB2F5DF03} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 No Task File <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-01-14 02:36 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2011-11-16 10:41 - 2014-09-17 20:08 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2011-11-16 10:41 - 2014-09-17 20:08 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2011-11-16 10:41 - 2014-09-17 20:08 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll 2014-05-12 14:39 - 2014-05-12 14:39 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2014-03-22 22:53 - 2014-06-01 00:43 - 04919808 _____ () C:\Program Files\Nightly\mozjs.dll 2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll 2014-08-22 08:46 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-22 08:46 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-22 08:46 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-03-11 19:53 - 2014-10-02 01:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-05-22 12:44 - 2014-10-09 19:54 - 02226880 _____ () C:\Program Files 
(x86)\Steam\video.dll 2014-08-22 08:46 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-22 08:46 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2014-03-11 19:53 - 2014-10-09 19:53 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-03-11 19:52 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-07-26 23:59 - 2014-09-05 01:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: ACDaemon => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: btwdins => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: IviRegMgr => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: PMBDeviceInfoProvider => 2 MSCONFIG\Services: PSI_SVC_2 => 2 MSCONFIG\Services: Roxio UPnP Renderer 10 => 3 MSCONFIG\Services: Roxio Upnp Server 10 => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SOHCImp => 3 MSCONFIG\Services: SOHDms => 3 MSCONFIG\Services: SOHDs => 3 MSCONFIG\Services: SpfService => 3 MSCONFIG\Services: uCamMonitor => 2 MSCONFIG\Services: UNS => 2 MSCONFIG\Services: VAIO Event Service => 2 MSCONFIG\Services: VAIO Power Management => 2 MSCONFIG\Services: VCFw => 3 MSCONFIG\Services: VcmIAlzMgr => 3 MSCONFIG\Services: VcmINSMgr => 3 MSCONFIG\Services: VcmXmlIfHelper => 3 MSCONFIG\Services: VCService => 3 MSCONFIG\Services: VSNService => 2 MSCONFIG\Services: VUAgent => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe MSCONFIG\startupreg: SONY VGP-UPR1 (Display Adapter) => "C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: V-bates => C:\Program 
Files\V-bates\notifier.exe MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ========================= Accounts: ========================== Administrator (S-1-5-21-1664109576-739197433-2756214009-500 - Administrator - Disabled) christian (S-1-5-21-1664109576-739197433-2756214009-1000 - Administrator - Enabled) => C:\Users\christian Gast (S-1-5-21-1664109576-739197433-2756214009-501 - Limited - Disabled) postgres (S-1-5-21-1664109576-739197433-2756214009-1001 - Limited - Enabled) => C:\Users\postgres ==================== Faulty Device Manager Devices ============= Name: regi Description: regi Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: regi Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (10/15/2014 00:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801) Error: (10/15/2014 00:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=2350} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. 
0xc0041801 (0xc0041801) Error: (10/15/2014 07:47:19 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (10/14/2014 11:41:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.32.127.722, Zeitstempel: 0x543b93eb Name des fehlerhaften Moduls: D3DCOMPILER_43.dll, Version: 9.29.952.3111, Zeitstempel: 0x4bf73239 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001e5516 ID des fehlerhaften Prozesses: 0x103c Startzeit der fehlerhaften Anwendung: 0xarma3.exe0 Pfad der fehlerhaften Anwendung: arma3.exe1 Pfad des fehlerhaften Moduls: arma3.exe2 Berichtskennung: arma3.exe3 Error: (10/14/2014 07:02:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.32.127.722, Zeitstempel: 0x543b93eb Name des fehlerhaften Moduls: D3DCOMPILER_43.dll, Version: 9.29.952.3111, Zeitstempel: 0x4bf73239 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001e5516 ID des fehlerhaften Prozesses: 0xbc0 Startzeit der fehlerhaften Anwendung: 0xarma3.exe0 Pfad der fehlerhaften Anwendung: arma3.exe1 Pfad des fehlerhaften Moduls: arma3.exe2 Berichtskennung: arma3.exe3 Error: (10/14/2014 08:14:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.0.5254, Zeitstempel: 0x537c8433 Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.0.5254, Zeitstempel: 0x537c8305 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000000000001363 ID des fehlerhaften Prozesses: 0x2bcc Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 
Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (10/14/2014 05:45:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.30.127.372, Zeitstempel: 0x54255879 Name des fehlerhaften Moduls: D3DCOMPILER_43.dll, Version: 9.29.952.3111, Zeitstempel: 0x4bf73239 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001e5516 ID des fehlerhaften Prozesses: 0x3270 Startzeit der fehlerhaften Anwendung: 0xarma3.exe0 Pfad der fehlerhaften Anwendung: arma3.exe1 Pfad des fehlerhaften Moduls: arma3.exe2 Berichtskennung: arma3.exe3 Error: (10/14/2014 04:06:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.30.127.372, Zeitstempel: 0x54255879 Name des fehlerhaften Moduls: D3DCOMPILER_43.dll, Version: 9.29.952.3111, Zeitstempel: 0x4bf73239 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001e5516 ID des fehlerhaften Prozesses: 0x2d58 Startzeit der fehlerhaften Anwendung: 0xarma3.exe0 Pfad der fehlerhaften Anwendung: arma3.exe1 Pfad des fehlerhaften Moduls: arma3.exe2 Berichtskennung: arma3.exe3 Error: (10/13/2014 01:59:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.30.127.372, Zeitstempel: 0x54255879 Name des fehlerhaften Moduls: D3DCOMPILER_43.dll, Version: 9.29.952.3111, Zeitstempel: 0x4bf73239 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001e5516 ID des fehlerhaften Prozesses: 0x37bc Startzeit der fehlerhaften Anwendung: 0xarma3.exe0 Pfad der fehlerhaften Anwendung: arma3.exe1 Pfad des fehlerhaften Moduls: arma3.exe2 Berichtskennung: arma3.exe3 Error: (10/13/2014 06:43:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: arma3launcher.exe, Version: 1.0.126.671, Zeitstempel: 0x53e97a10 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.17206, Zeitstempel: 0x50e6605e 
Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x2554 Startzeit der fehlerhaften Anwendung: 0xarma3launcher.exe0 Pfad der fehlerhaften Anwendung: arma3launcher.exe1 Pfad des fehlerhaften Moduls: arma3launcher.exe2 Berichtskennung: arma3launcher.exe3 System errors: ============= Error: (10/15/2014 06:27:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/15/2014 06:26:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/15/2014 06:26:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VUAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/15/2014 06:26:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "postgresql-x64-9.0 - PostgreSQL Server 9.0" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/15/2014 06:26:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/15/2014 02:40:35 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error: (10/15/2014 02:02:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "regi" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/15/2014 02:02:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (10/15/2014 02:02:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (10/15/2014 02:01:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Office Sessions: ========================= Error: (10/15/2014 00:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801) The catalog is corrupt Error: (10/15/2014 00:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 
0xc0041801 (0xc0041801) 2350 Error: (10/15/2014 07:47:19 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (10/14/2014 11:41:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3.exe1.32.127.722543b93ebD3DCOMPILER_43.dll9.29.952.31114bf73239c0000005001e5516103c01cfe7ee251e6affC:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\system32\D3DCOMPILER_43.dlldd927ede-53ea-11e4-bd34-90004efe23a2 Error: (10/14/2014 07:02:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3.exe1.32.127.722543b93ebD3DCOMPILER_43.dll9.29.952.31114bf73239c0000005001e5516bc001cfe7c45cd066a5C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\system32\D3DCOMPILER_43.dlld286c545-53c3-11e4-bd34-90004efe23a2 Error: (10/14/2014 08:14:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe32.0.0.5254537c8433mozalloc.dll32.0.0.5254537c83058000000300000000000013632bcc01cfe774398a1c30C:\Program Files\Nightly\plugin-container.exeC:\Program Files\Nightly\mozalloc.dll5a1df70c-5369-11e4-86d7-90004efe23a2 Error: (10/14/2014 05:45:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3.exe1.30.127.37254255879D3DCOMPILER_43.dll9.29.952.31114bf73239c0000005001e5516327001cfe7538260691aC:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\system32\D3DCOMPILER_43.dll95b767b0-5354-11e4-86d7-90004efe23a2 Error: (10/14/2014 04:06:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3.exe1.30.127.37254255879D3DCOMPILER_43.dll9.29.952.31114bf73239c0000005001e55162d5801cfe744b40c5b44C:\Program Files (x86)\Steam\steamapps\common\Arma 
3\arma3.exeC:\Windows\system32\D3DCOMPILER_43.dllb583b765-5346-11e4-86d7-90004efe23a2 Error: (10/13/2014 01:59:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3.exe1.30.127.37254255879D3DCOMPILER_43.dll9.29.952.31114bf73239c0000005001e551637bc01cfe6d7c80bcc50C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\system32\D3DCOMPILER_43.dll6e6109da-52d0-11e4-86d7-90004efe23a2 Error: (10/13/2014 06:43:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: arma3launcher.exe1.0.126.67153e97a10KERNELBASE.dll6.1.7600.1720650e6605ee04343520000c41f255401cfe66c9d7d3e24C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exeC:\Windows\syswow64\KERNELBASE.dll799194b5-5293-11e4-86d7-90004efe23a2 CodeIntegrity Errors: =================================== Date: 2014-10-15 14:02:54.047 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 14:02:54.000 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 14:02:53.501 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 14:02:53.454 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:31:06.604 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:31:06.557 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:31:06.495 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:31:06.448 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:05:22.235 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 12:05:22.188 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 46%
Total physical RAM: 8046.1 MB
Available physical RAM: 4302.99 MB
Total Pagefile: 16090.33 MB
Available Pagefile: 12236.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454 GB) (Free:43.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 31AE28FF)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 01 Ran by christian (administrator) on WILDCARD on 15-10-2014 18:47:04 Running from C:\Users\christian\Downloads Loaded Profile: christian (Available profiles: christian & postgres) Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mozilla Corporation) C:\Program Files\Nightly\firefox.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Chip Digital GmbH) C:\Users\christian\AppData\Local\Temp\DMR\dmr_72.exe (Trend Micro Inc.) 
C:\Users\christian\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X] HKU\S-1-5-21-1664109576-739197433-2756214009-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd) HKU\S-1-5-21-1664109576-739197433-2756214009-1000\...\MountPoints2: {3fea8c9c-2e53-11e1-98ac-90004efe23a2} - F:\setup.exe HKU\S-1-5-21-1664109576-739197433-2756214009-1000\...\MountPoints2: {e6c2ae6d-2f67-11e1-b2b2-90004efe23a2} - E:\setup.exe -a ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {3C2CEB3F-53E8-4373-B3AC-3EA61F429CD9} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {A4F8B5C2-C5A0-472D-8CA9-5DADC8CB1225} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKCU - {EDFC3053-377D-4085-B916-35FF505D3B9F} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455 FF Homepage: hxxp://www.google.de/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF user.js: detected! => C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455\user.js FF Extension: YouTube Unblocker - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455\Extensions\youtubeunblocker@unblocker.yt [2014-05-10] FF Extension: AntiGameOrigin - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455\Extensions\antigameorigin@antigame.de.xpi [2014-09-12] FF Extension: ProxTube - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455\Extensions\ich@maltegoetz.de.xpi [2014-09-11] FF Extension: Adblock Plus - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\clee7zvc.default-1389100533455\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-08] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-10-15] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-10-15] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 
Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-10-15] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe Chrome: ======= CHR Profile: C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-12-13] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-06-30] CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-30] CHR Extension: (Virtual Keyboard) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-12-13] CHR Extension: (Google Wallet) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-13] CHR Extension: (Anti-Banner) - C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-12-13] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-13] () [File not signed] S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD) S4 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2010-02-24] (Sonic Solutions) S4 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2010-02-24] (Sonic Solutions) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) S4 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed] S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) S2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 6077757b; C:\Windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) 
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-11-29] () [File not signed] R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-24] (DT Soft Ltd) S3 FENU01; C:\Windows\System32\DRIVERS\FENU01.sys [75264 2009-08-28] (Sony Corporation) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed] S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed] R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-08-18] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [820232 2014-08-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [74424 2014-08-13] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-11-29] () [File not signed] R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from 
the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-15 18:47 - 2014-10-15 18:47 - 00018136 _____ () C:\Users\christian\Downloads\FRST.txt 2014-10-15 18:46 - 2014-10-15 18:47 - 00000000 ____D () C:\FRST 2014-10-15 18:43 - 2014-10-15 18:46 - 02110976 _____ (Farbar) C:\Users\christian\Downloads\FRST64.exe 2014-10-15 18:43 - 2014-10-15 18:43 - 00000480 _____ () C:\Users\christian\Downloads\defogger_disable.log 2014-10-15 18:43 - 2014-10-15 18:43 - 00000000 _____ () C:\Users\christian\defogger_reenable 2014-10-15 18:41 - 2014-10-15 18:41 - 00050477 _____ () C:\Users\christian\Downloads\Defogger.exe 2014-10-15 18:40 - 2014-10-15 18:40 - 00380416 _____ () C:\Users\christian\Downloads\8bu5prp6.exe 2014-10-15 18:32 - 2014-10-15 18:32 - 01125200 _____ () C:\Users\christian\Downloads\HijackThis - CHIP-Installer.exe 2014-10-15 18:07 - 2014-10-15 18:07 - 00000000 _____ () C:\Users\christian\tracert 2014-10-15 13:04 - 2014-10-15 13:04 - 00002330 _____ () C:\Users\christian\Desktop\Sicherer Zahlungsverkehr.lnk 2014-10-15 13:03 - 2014-10-15 13:03 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2014-10-15 13:03 - 2014-10-15 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2014-10-15 13:02 - 2014-10-15 13:02 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-10-15 13:02 - 2014-10-15 13:02 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-10-15 13:02 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2014-10-15 13:01 - 2014-08-20 18:04 - 00820232 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-10-15 13:01 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-10-15 13:01 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) 
C:\Windows\system32\Drivers\klhk.sys 2014-10-15 12:34 - 2014-10-15 12:59 - 204164680 _____ () C:\Users\christian\Downloads\kis15.0.1.415de-de.exe 2014-10-15 12:30 - 2014-10-15 14:02 - 00000224 _____ () C:\Windows\setupact.log 2014-10-15 12:30 - 2014-10-15 12:30 - 00000558 _____ () C:\Windows\PFRO.log 2014-10-15 12:30 - 2014-10-15 12:30 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-15 12:24 - 2014-10-15 12:24 - 00035614 _____ () C:\Users\christian\Desktop\cc_20141015_122359.reg 2014-10-15 12:24 - 2014-10-15 12:24 - 00001012 _____ () C:\Users\christian\Desktop\cc_20141015_122413.reg 2014-10-15 12:20 - 2014-10-15 12:20 - 00425672 _____ () C:\Users\christian\Desktop\cc_20141015_122033.reg 2014-10-15 12:14 - 2014-10-15 12:14 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-10-15 12:14 - 2014-10-15 12:14 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-10-15 12:14 - 2014-10-15 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-10-15 12:14 - 2014-10-15 12:14 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-15 12:13 - 2014-10-15 12:13 - 04964600 _____ (Piriform Ltd) C:\Users\christian\Downloads\ccsetup418pro.exe 2014-10-15 12:02 - 2014-10-15 12:02 - 00000000 ____D () C:\Users\christian\Desktop\Kaspersky 2015 (AV+IS+PURE) + Trial Reset [danhuk] 2014-10-15 03:24 - 2014-10-15 03:47 - 204166464 _____ () C:\Users\christian\Downloads\kis15.0.1.415de_6844.exe 2014-10-15 02:46 - 2014-10-15 02:46 - 00000000 ____D () C:\OETemp 2014-10-14 21:50 - 2014-10-14 21:50 - 00000000 _____ () C:\Users\christian\Desktop\Neues Textdokument.txt 2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\ProgramData\ATI 2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\ProgramData\AMD 2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-10-11 18:27 - 2014-10-11 18:27 - 00056720 _____ () C:\Windows\SysWOW64\CCCInstall_201410111827445478.log 2014-10-11 18:27 - 2014-10-11 
18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-10-11 18:26 - 2014-10-11 18:26 - 00017108 _____ () C:\Windows\SysWOW64\CCCInstall_201410111826215010.log 2014-10-11 18:26 - 2014-10-11 18:26 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-10-11 18:25 - 2014-10-11 18:25 - 00000000 ____D () C:\Program Files\AMD 2014-10-11 18:24 - 2014-10-11 18:24 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-10-11 18:22 - 2014-10-11 18:22 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\AMD 2014-10-11 18:14 - 2014-10-11 18:15 - 41177600 _____ () C:\Users\christian\Downloads\PhysX-9.13.1220-SystemSoftware.msi 2014-10-11 18:10 - 2014-10-11 18:10 - 00891224 _____ (AMD) C:\Users\christian\Downloads\amddriverdownloader.exe 2014-10-11 18:06 - 2014-10-11 18:07 - 00000000 ____D () C:\Users\christian\Downloads\Lucy-Cat_-_SKANDALCREAMPIE_im_PassfotoAutomat!_Gefahrlich_geil_im_Einkauscenter! 2014-10-11 17:58 - 2014-10-11 18:01 - 286582040 _____ (AMD Inc.) 
C:\Users\christian\Downloads\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe 2014-10-11 17:50 - 2014-10-11 17:50 - 00410906 _____ () C:\Users\christian\Downloads\Unpark-CPU-App.rar 2014-10-09 23:06 - 2014-10-09 23:06 - 00077824 _____ () C:\Users\christian\Downloads\LPManager.exe 2014-10-09 23:05 - 2014-10-09 23:05 - 00058368 _____ (Intel Corporation) C:\Users\christian\Downloads\tbbmalloc.dll 2014-10-07 06:22 - 2014-10-07 06:22 - 01790612 _____ () C:\Users\christian\stadler.wav 2014-10-07 06:10 - 2014-10-07 06:10 - 04059316 _____ () C:\Users\christian\ts3_recording_14_10_07_6_10_0.wav 2014-10-06 09:17 - 2014-10-06 09:17 - 00000000 ____D () C:\Users\christian\AppData\Local\mslugx 2014-09-25 04:42 - 2014-10-13 06:43 - 00000000 ____D () C:\Users\christian\AppData\Local\Arma 3 Launcher 2014-09-25 04:42 - 2014-09-25 04:42 - 00000000 ____D () C:\Users\christian\AppData\Local\Bohemia_Interactive 2014-09-25 04:19 - 2014-10-15 03:10 - 00000000 ____D () C:\Users\christian\AppData\Local\Arma 3 2014-09-25 04:19 - 2014-09-25 04:20 - 00000000 ____D () C:\Users\christian\Documents\Arma 3 2014-09-25 04:19 - 2014-09-25 04:19 - 00000000 ____D () C:\ProgramData\Bohemia Interactive 2014-09-25 00:11 - 2014-09-25 00:11 - 01749852 _____ () C:\Users\christian\ts3_recording_14_09_25_0_11_43.wav 2014-09-24 20:16 - 2014-09-24 20:29 - 242800203 _____ () C:\Users\christian\Downloads\Young-Devotion---Perverser-Baustellenfick-.wmv 2014-09-24 05:45 - 2014-09-24 05:45 - 00178895 _____ (Igor Pavlov) C:\Users\christian\Downloads\Scarcity0.14.exe 2014-09-24 05:45 - 2014-09-24 05:45 - 00178895 _____ (Igor Pavlov) C:\Users\christian\Downloads\Scarcity0.14(1).exe 2014-09-18 16:55 - 2014-09-18 16:55 - 00000000 ____D () C:\Users\christian\AppData\Roaming\Knights Saves 2014-09-18 01:41 - 2014-10-15 02:55 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-09-17 20:50 - 2014-09-17 20:50 - 04763176 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\christian\Downloads\avira_en_av___ws.exe 2014-09-17 01:25 - 2014-09-19 00:41 - 00000000 ____D () C:\Users\christian\AppData\Local\dxhr 2014-09-17 01:24 - 2014-09-17 01:24 - 00000000 ____D () C:\Users\christian\AppData\Local\238010 2014-09-17 00:42 - 2014-09-17 00:44 - 104376661 _____ () C:\Users\christian\Desktop\inferno clutch.wmv 2014-09-17 00:22 - 2014-09-17 00:23 - 00000000 ____D () C:\Users\christian\AppData\Local\{A13DCBBE-ECC1-45FA-B584-A3CB62FA59BE} 2014-09-16 00:32 - 2014-09-16 00:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2014-09-16 00:32 - 2014-09-16 00:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2014-09-16 00:32 - 2014-09-16 00:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2014-09-16 00:32 - 2014-09-16 00:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 09254184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 08296296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 08044976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 01113576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2014-09-16 00:31 - 2014-09-16 00:31 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2014-09-16 00:29 - 2014-09-16 00:29 - 00293088 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys 2014-09-16 00:26 - 2014-09-16 00:26 - 16750080 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\Drivers\atikmdag.sys 2014-09-16 00:18 - 2014-09-16 00:18 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe 2014-09-16 00:18 - 2014-09-16 00:18 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe 2014-09-16 00:18 - 2014-09-16 00:18 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe 2014-09-16 00:18 - 2014-09-16 00:18 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe 2014-09-16 00:18 - 2014-09-16 00:18 - 00235008 _____ () C:\Windows\system32\clinfo.exe 2014-09-16 00:18 - 2014-09-16 00:18 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2014-09-16 00:17 - 2014-09-16 00:17 - 33867264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2014-09-16 00:17 - 2014-09-16 00:17 - 28770304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2014-09-16 00:17 - 2014-09-16 00:17 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2014-09-16 00:17 - 2014-09-16 00:17 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2014-09-16 00:17 - 2014-09-16 00:17 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2014-09-16 00:16 - 2014-09-16 00:16 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-09-16 00:16 - 2014-09-16 00:16 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-09-16 00:13 - 2014-09-16 00:13 - 27918336 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2014-09-16 00:09 - 2014-09-16 00:09 - 05639168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2014-09-16 00:09 - 2014-09-16 00:09 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2014-09-16 00:09 - 2014-09-16 00:09 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2014-09-16 00:09 - 2014-09-16 00:09 - 00048128 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\system32\amdmmcl6.dll 2014-09-16 00:09 - 2014-09-16 00:09 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2014-09-16 00:08 - 2014-09-16 00:08 - 23375360 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2014-09-16 00:07 - 2014-09-16 00:07 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2014-09-16 00:07 - 2014-09-16 00:07 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap 2014-09-16 00:07 - 2014-09-16 00:07 - 00609272 _____ () C:\Windows\SysWOW64\atiapfxx.blb 2014-09-16 00:07 - 2014-09-16 00:07 - 00609272 _____ () C:\Windows\system32\atiapfxx.blb 2014-09-16 00:07 - 2014-09-16 00:07 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2014-09-16 00:07 - 2014-09-16 00:07 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2014-09-16 00:07 - 2014-09-16 00:07 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2014-09-16 00:07 - 2014-09-16 00:07 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2014-09-16 00:07 - 2014-09-16 00:07 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2014-09-16 00:06 - 2014-09-16 00:06 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2014-09-16 00:06 - 2014-09-16 00:06 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat 2014-09-16 00:06 - 2014-09-16 00:06 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat 2014-09-16 00:06 - 2014-09-16 00:06 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat 2014-09-16 00:06 - 2014-09-16 00:06 - 00157144 _____ () C:\Windows\system32\ativvsva.dat 2014-09-16 00:05 - 2014-09-16 00:05 - 04480000 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\SysWOW64\amdmantle32.dll 2014-09-16 00:03 - 2014-09-16 00:03 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap 2014-09-16 00:03 - 2014-09-16 00:03 - 00619008 _____ (AMD) C:\Windows\system32\atieclxx.exe 2014-09-16 00:03 - 2014-09-16 00:03 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2014-09-16 00:03 - 2014-09-16 00:03 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2014-09-16 00:03 - 2014-09-16 00:03 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2014-09-16 00:03 - 2014-09-16 00:03 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2014-09-16 00:03 - 2014-09-16 00:03 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2014-09-16 00:03 - 2014-09-16 00:03 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 01210880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00900608 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00827392 _____ (AMD) C:\Windows\system32\coinst_14.30.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00576000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2014-09-15 23:59 - 2014-09-15 23:59 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2014-09-15 23:59 - 2014-09-15 23:59 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2014-09-15 23:58 - 2014-09-15 23:58 - 00043520 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\Drivers\ati2erec.dll 2014-09-15 23:24 - 2014-09-15 23:25 - 08273088 _____ () C:\Users\christian\ts3_recording_14_09_15_23_24_17.wav 2014-09-15 18:21 - 2014-09-15 18:21 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll 2014-09-15 18:19 - 2014-09-15 18:19 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-15 18:46 - 2012-01-04 13:59 - 00000000 ____D () C:\Users\christian\AppData\Roaming\TS3Client 2014-10-15 18:43 - 2011-12-09 20:35 - 00000000 ____D () C:\Users\christian 2014-10-15 18:36 - 2011-10-31 15:12 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-15 18:27 - 2011-10-31 15:03 - 01557159 _____ () C:\Windows\WindowsUpdate.log 2014-10-15 18:21 - 2014-06-05 21:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-15 18:02 - 2012-09-05 16:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-15 16:00 - 2012-11-18 19:58 - 00000000 ____D () C:\Users\christian\AppData\Roaming\uTorrent 2014-10-15 14:10 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-15 14:10 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-15 14:03 - 2011-10-31 15:12 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-15 14:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-15 14:01 - 2014-07-14 08:36 - 00012623 _____ () C:\Users\christian\Desktop\Neues Textdokument (2).txt 2014-10-15 13:16 - 2014-05-15 10:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-15 12:19 - 2014-03-24 16:32 - 00000000 ____D () C:\Users\christian\AppData\Roaming\TeamViewer 2014-10-15 12:19 - 2011-12-24 23:04 - 00000000 ____D () 
C:\Users\christian\AppData\Roaming\DAEMON Tools Lite 2014-10-15 12:17 - 2014-05-07 11:59 - 00000000 ____D () C:\Users\christian\AppData\Local\LogMeIn Hamachi 2014-10-15 12:17 - 2012-01-02 13:35 - 00000000 ____D () C:\Users\christian\Tracing 2014-10-15 12:16 - 2012-04-08 11:44 - 00000000 ____D () C:\Windows\Minidump 2014-10-15 12:16 - 2010-10-12 19:28 - 00000000 ____D () C:\Windows\Panther 2014-10-15 11:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-10-15 03:08 - 2014-04-22 00:04 - 00007593 _____ () C:\Users\christian\AppData\Local\Resmon.ResmonCfg 2014-10-15 02:49 - 2014-07-16 01:18 - 00000000 ____D () C:\Program Files\EslWire 2014-10-15 02:47 - 2011-12-24 23:11 - 00000000 ____D () C:\Games 2014-10-15 02:46 - 2014-06-21 20:03 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-15 02:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-15 02:32 - 2011-12-29 18:07 - 00000000 ____D () C:\Users\christian\AppData\Roaming\vlc 2014-10-11 18:59 - 2014-01-29 20:23 - 00000000 ____D () C:\Users\postgres 2014-10-11 18:06 - 2014-06-22 03:56 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-10-11 18:06 - 2011-10-31 14:57 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-10-11 18:06 - 2011-10-31 14:57 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-10-11 18:05 - 2009-07-14 07:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-11 17:51 - 2014-04-30 07:22 - 00000000 ____D () C:\Users\christian\Downloads\ct 2014-10-08 07:24 - 2014-06-30 10:16 - 00000000 ____D () C:\Users\christian\AppData\Roaming\IMVU 2014-09-25 03:11 - 2013-10-08 15:04 - 00000000 ____D () C:\Users\christian\AppData\Local\PokerStars.EU 2014-09-24 10:12 - 2013-10-08 15:03 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2014-09-24 05:47 - 2014-04-30 07:22 - 00000000 ____D () C:\Users\christian\Downloads\T 2014-09-17 20:51 - 2014-09-08 10:47 - 00000000 ____D () C:\ProgramData\Origin 2014-09-17 20:08 - 
2012-01-04 13:59 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-09-17 00:42 - 2012-01-02 01:06 - 00000000 ____D () C:\Fraps 2014-09-16 00:31 - 2010-10-12 19:30 - 10826488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2014-09-16 00:31 - 2010-10-08 08:55 - 07207592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2014-09-16 00:31 - 2010-10-08 08:55 - 07028336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2014-09-16 00:31 - 2010-10-08 08:55 - 01335544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2014-09-16 00:31 - 2010-10-08 08:55 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2014-09-16 00:31 - 2010-10-08 08:55 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2014-09-15 09:06 - 2011-12-28 14:46 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-07 01:08

==================== End Of Log ============================

--- --- ---

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-15 19:17:11
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB
Running: 8bu5prp6.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\pwdyqpob.sys

---- User code sections - GMER 2.1 ----

.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlSecondsSince1970ToTime + 373 00000000778e1185 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 5 00000000778e1195 8 bytes {JMP 0xd}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 395 00000000778e131b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 00000000778e13cf 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 00000000778e187e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 727 00000000778e1ad7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 204 00000000778e1bac 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 00000000778e1d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 721 00000000778e1e91 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 00000000778e1ebf 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!_ui64toa + 76 00000000778e1f3c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 81 00000000778e1f95 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelf + 7 00000000778e1fa7 8 bytes {JMP 0xb}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 572 00000000778e21ec 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 693 00000000778e2265 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 49 00000000778e24c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 563 00000000778e26c3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 318 00000000778e280e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 00000000778e2863 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 00000000778e2970 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 239 00000000778e2a6f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 00000000778e2af7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 371 00000000778e2bf3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000778e2c10 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000778e2c32 8 bytes {JMP 0x10}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 00000000778e2c8f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 176 00000000778e2cf0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 328 00000000778e3018 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 823 00000000778e3207 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 00000000778e36f0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 00000000778e37a1 8 bytes [10, 6A, F8, 7E, 00, 00, 00, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000778e3815 8 bytes [00, 6A, F8, 7E, 00, 00, 00, ...]
.text ... * 3
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000778e3956 8 bytes [D0, 69, F8, 7E, 00, 00, 00, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 00000000778e3994 8 bytes [C0, 69, F8, 7E, 00, 00, 00, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 653 00000000778e3c2d 16 bytes [B0, 69, F8, 7E, 00, 00, 00, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 000000007792f780 8 bytes {JMP QWORD [RIP-0x4bf0e]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 000000007792f900 8 bytes {JMP QWORD [RIP-0x4bfb0]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000000007792f930 8 bytes {JMP QWORD [RIP-0x4c195]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000000007792fa50 8 bytes {JMP QWORD [RIP-0x4c203]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 000000007792fb00 8 bytes {JMP QWORD [RIP-0x4c2f1]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077930130 8 bytes {JMP QWORD [RIP-0x4c501]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077930380 8 bytes {JMP QWORD [RIP-0x4c759]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 0000000077930be0 8 bytes {JMP QWORD [RIP-0x4d252]}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000074e313cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000074e3146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000074e316d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessTerm + 3 0000000074e316e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000074e319db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000074e319fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetInstructionPointer + 23 0000000074e31a1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuNotifyAffinityChange + 3 0000000074e31a27 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000074e31a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\christian\Downloads\8bu5prp6.exe[3004] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessDebugEvent + 3 0000000074e31a6f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27b11
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004efe23a2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004efe23a2@7c1e526ed5e0 0x07 0xBE 0x44 0x6B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004efe23a2@84518137b55c 0x5F 0xF1 0x15 0xCC ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27b11 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004efe23a2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004efe23a2@7c1e526ed5e0 0x07 0xBE 0x44 0x6B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004efe23a2@84518137b55c 0x5F 0xF1 0x15 0xCC ...

---- EOF - GMER 2.1 ----

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:43 on 15/10/2014 (christian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=- |
16.10.2014, 13:02 | #4 |
/// the machine /// TB Trainer | Slow Internet, docs.google.com untrusted in Firefox Hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |