bitSteller | 27.04.2014 10:27
FRST-Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 03
Ran by bitSteller at 2014-04-27 10:49:54
Running from C:\Users\bitSteller\Desktop\Musik\FatPucker
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
==================== Restore Points =========================
24-04-2014 17:51:58 Windows Update
24-04-2014 18:13:01 DirectX wurde installiert
25-04-2014 00:39:20 Windows Update
25-04-2014 20:10:21 Removed Skype™ 6.14
25-04-2014 20:15:24 Entfernt HP Quick Launch Buttons
26-04-2014 01:55:21 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0C050EE6-48F8-4F91-8296-F8605D4B42C3} - System32\Tasks\{76D77925-1A7D-4FAF-BACE-1CF6C02C41C8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {1198F3AC-EB8D-498A-9F07-A394EC228ED2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {8CFCBD11-B406-4458-B828-5BC4FB6F62C4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C990D02B-281B-46FE-ABA9-D38E1A9DC8FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-24 20:09 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 19:38 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-04-23 20:39 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-23 20:39 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-23 20:39 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-23 20:39 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-23 20:39 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-23 20:39 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-23 20:39 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/26/2014 09:03:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/26/2014 02:19:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (04/25/2014 08:54:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:47:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:44:46 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72a671fc
ID des fehlerhaften Prozesses: 0x698
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Error: (04/25/2014 08:44:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72a671fc
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Error: (04/25/2014 08:40:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 00:11:27 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (04/25/2014 00:10:42 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (04/25/2014 00:10:32 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
System errors:
=============
Error: (04/27/2014 10:03:28 AM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (04/26/2014 00:58:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (04/26/2014 08:52:05 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (04/25/2014 10:33:40 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (04/25/2014 08:59:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
Error: (04/25/2014 08:55:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (04/25/2014 08:54:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth-Unterstützungsdienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/25/2014 08:54:56 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth-Unterstützungsdienst erreicht.
Error: (04/25/2014 08:47:00 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 25.04.2014 um 08:45:23 unerwartet heruntergefahren.
Error: (04/25/2014 08:45:01 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (04/26/2014 09:03:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/26/2014 02:19:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (04/25/2014 08:54:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:47:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:44:46 AM) (Source: Application Error)(User: )
Description: mbamservice.exe2.1.9.0530619b7unknown0.0.0.000000000c000000572a671fc69801cf60510238de84C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeunknown16b99a1f-cc45-11e3-bcb3-001a6bb0c718
Error: (04/25/2014 08:44:43 AM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.052f2947eunknown0.0.0.000000000c000000572a671fc65001cf60510167656cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeunknown150d226e-cc45-11e3-bcb3-001a6bb0c718
Error: (04/25/2014 08:40:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 00:11:27 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (04/25/2014 00:10:42 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (04/25/2014 00:10:32 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 2046.43 MB
Available physical RAM: 793.52 MB
Total Pagefile: 4092.86 MB
Available Pagefile: 2306.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.57 GB) (Free:104.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:7.48 GB) (Free:2.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 7AB6FC23)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
ADW-Cleaner Code:
# AdwCleaner v3.204 - Bericht erstellt am 27/04/2014 um 10:37:06
# Aktualisiert 26/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional N Service Pack 1 (64 bits)
# Benutzername : bitSteller - BITSTELLER-PC
# Gestartet von : C:\Users\bitSteller\Desktop\Musik\FatPucker\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16866
-\\ Google Chrome v34.0.1847.116
[ Datei : C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Startup_urls] : hxxp://istart.webssearches.com/?type=hp&ts=1397324781&from=tugs&uid=WDCXWD1600BEVS-60RST0_WD-WXE507F4361643616
Gefunden [Extension] : deghekbbihbapplmbffglehkdhkeibbm
Gefunden [Extension] : majjphhgppkndjjkmhhnbgafooenebhd
*************************
AdwCleaner[R0].txt - [948 octets] - [27/04/2014 10:37:06]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1007 octets] ##########
Malwarebytes:
Log1 Code:
Error: (04/25/2014 08:54:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:47:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 08:44:46 AM) (Source: Application Error)(User: )
Description: mbamservice.exe2.1.9.0530619b7unknown0.0.0.000000000c000000572a671fc69801cf60510238de84C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeunknown16b99a1f-cc45-11e3-bcb3-001a6bb0c718
Error: (04/25/2014 08:44:43 AM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.052f2947eunknown0.0.0.000000000c000000572a671fc65001cf60510167656cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeunknown150d226e-cc45-11e3-bcb3-001a6bb0c718
Error: (04/25/2014 08:40:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2014 00:11:27 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (04/25/2014 00:10:42 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (04/25/2014 00:10:32 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 2046.43 MB
Available physical RAM: 793.52 MB
Total Pagefile: 4092.86 MB
Available Pagefile: 2306.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.57 GB) (Free:104.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:7.48 GB) (Free:2.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 7AB6FC23)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Malwarebytes Log3 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 26.04.2014 00:08:19, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.10, 2014.4.25.11,
Protection, 26.04.2014 00:08:25, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 26.04.2014 00:08:25, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 26.04.2014 00:08:29, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 26.04.2014 00:09:12, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 26.04.2014 00:09:12, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 00:09:14, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 26.04.2014 08:52:42, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.11, 2014.4.26.1,
Protection, 26.04.2014 08:53:36, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 26.04.2014 08:53:37, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 26.04.2014 08:53:38, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 26.04.2014 08:53:43, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 26.04.2014 08:53:43, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 08:53:47, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Protection, 26.04.2014 09:02:27, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 26.04.2014 09:02:27, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 26.04.2014 09:02:27, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 09:03:31, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 26.04.2014 15:45:37, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.26.1, 2014.4.26.2,
Protection, 26.04.2014 15:45:41, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 26.04.2014 15:45:41, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 26.04.2014 15:45:43, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 26.04.2014 15:46:11, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 26.04.2014 15:46:11, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 15:46:19, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 26.04.2014 17:34:13, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.26.2, 2014.4.26.3,
Protection, 26.04.2014 17:34:18, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 26.04.2014 17:34:18, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 26.04.2014 17:34:19, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 26.04.2014 17:34:52, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 26.04.2014 17:34:52, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 17:35:21, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 26.04.2014 20:47:38, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.26.3, 2014.4.26.4,
Protection, 26.04.2014 20:47:43, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 26.04.2014 20:47:43, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 26.04.2014 20:47:45, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 26.04.2014 20:48:17, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 26.04.2014 20:48:17, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 26.04.2014 20:48:27, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
(end)
Malwarebytes Log4 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 26.04.2014
Scan Time: 02:16:04
Logfile: Malwarebytes_Log4.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.25.11
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bitSteller
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 236213
Time Elapsed: 13 min, 0 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.WebsSearches.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "hxxp://www.google.com/", "hxxp://istart.webssearches.com/?type=hp&ts=1397324781&from=tugs&uid=WDCXWD1600BEVS-60RST0_WD-WXE507F4361643616" ],), Replaced,[4c43b9759dde280ea28c114a35cf47b9]
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Log5 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 25.04.2014 08:38:55, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 25.04.2014 08:38:55, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 25.04.2014 08:38:55, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 08:40:36, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Protection, 25.04.2014 08:47:30, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 25.04.2014 08:47:30, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 25.04.2014 08:47:30, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 08:48:34, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Protection, 25.04.2014 08:53:23, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 25.04.2014 08:53:23, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 25.04.2014 08:53:24, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 08:54:26, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 11:37:00, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.24.9, 2014.4.25.4,
Protection, 25.04.2014 11:37:04, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 11:37:04, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 11:37:05, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 11:37:38, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 11:37:38, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 11:37:50, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 13:42:51, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.4, 2014.4.25.5,
Protection, 25.04.2014 13:42:54, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 13:42:54, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 13:42:56, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 13:43:18, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 13:43:18, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 13:43:19, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 15:43:28, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.5, 2014.4.25.6,
Protection, 25.04.2014 15:43:31, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 15:43:31, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 15:43:34, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 15:44:17, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 15:44:17, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 15:44:31, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 16:58:10, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.6, 2014.4.25.7,
Protection, 25.04.2014 16:58:13, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 16:58:13, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 16:58:16, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 16:59:07, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 16:59:07, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 16:59:27, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 18:10:30, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.7, 2014.4.25.8,
Protection, 25.04.2014 18:10:33, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 18:10:33, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 18:10:35, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 18:11:18, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 18:11:18, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 18:11:30, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 19:07:28, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.8, 2014.4.25.9,
Protection, 25.04.2014 19:07:29, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 19:07:29, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 19:07:29, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 19:07:35, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 19:07:35, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 19:07:36, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 25.04.2014 21:06:43, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.25.9, 2014.4.25.10,
Protection, 25.04.2014 21:06:45, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 25.04.2014 21:06:45, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 25.04.2014 21:06:47, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 25.04.2014 21:07:21, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 25.04.2014 21:07:21, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 21:07:29, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
(end)
Malwarebytes Log6 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 25.04.2014
Scan Time: 08:05:04
Logfile: Malwarebytes_Log6.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.24.09
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bitSteller
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 235210
Time Elapsed: 5 hr, 48 min, 20 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.WebsSearches.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "hxxp://www.google.com/", "hxxp://istart.webssearches.com/?type=hp&ts=1397324781&from=tugs&uid=WDCXWD1600BEVS-60RST0_WD-WXE507F4361643616" ],), Replaced,[0e1b79b5f2890333d0014316956fc33d]
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Log7 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 24.04.2014 19:08:33, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 19:08:33, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 19:08:33, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 19:08:34, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 19:08:38, SYSTEM, BITSTELLER-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 24.04.2014 19:08:44, SYSTEM, BITSTELLER-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.24.7,
Protection, 24.04.2014 19:08:45, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 19:08:45, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 19:08:45, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 19:08:49, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 24.04.2014 19:08:49, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 19:08:50, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 19:17:55, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 19:17:55, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 19:17:55, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 19:17:55, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 20:29:04, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 20:29:04, SYSTEM, BITSTELLER-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 20:29:04, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 20:30:53, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 20:33:45, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.24.7, 2014.4.24.8,
Protection, 24.04.2014 20:33:51, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 20:33:51, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 20:33:52, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 20:34:50, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 24.04.2014 20:34:50, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 20:34:59, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 23:12:13, SYSTEM, BITSTELLER-PC, Scheduler, Malware Database, 2014.4.24.8, 2014.4.24.9,
Protection, 24.04.2014 23:12:17, SYSTEM, BITSTELLER-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 23:12:17, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 23:12:20, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 23:13:15, SYSTEM, BITSTELLER-PC, Protection, Refresh, Success,
Protection, 24.04.2014 23:13:16, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 23:13:22, SYSTEM, BITSTELLER-PC, Protection, Malicious Website Protection, Started,
(end)
Malwarebytes Log8 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 24.04.2014
Scan Time: 19:16:04
Logfile: Malwarebytes_Log8.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.24.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bitSteller
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 232275
Time Elapsed: 7 min, 12 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0, Quarantined, [a780022c6714f83ec74f6affea1837c9],
Files: 15
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-124233822-3207666316-1947705785-1000\$RTWI9J4.exe, Quarantined, [97905fcf7902ba7cc5aa135da35e8a76],
PUP.Optional.OutBrowse, C:\Users\bitSteller\Downloads\setup.exe, Quarantined, [e344cf5fe497b97d026db3bd04fd1fe1],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\background.js, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\bookmarklet.js, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\icon-128.png, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\icon-16.png, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\icon-48.png, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\0.1_0\manifest.json, Quarantined, [a97e022c39429b9b7cb5e97fee1460a0],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\background.js, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\icon-128.png, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\icon-16.png, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\icon-48.png, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\manifest.json, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.CrossRider.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\script.js, Quarantined, [a780022c6714f83ec74f6affea1837c9],
PUP.Optional.WebsSearches.A, C:\Users\bitSteller\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "hxxp://www.google.com/", "hxxp://istart.webssearches.com/?type=hp&ts=1397324781&from=tugs&uid=WDCXWD1600BEVS-60RST0_WD-WXE507F4361643616" ],), Replaced,[20072d01aad1be78abaac990d72d15eb]
Physical Sectors: 0
(No malicious items detected)
(end)
So that's it for now. I hope I did everything correctly?
Best regards
bitSteller