Win7 - 'PUP.Optional.Babylon.A' and 'PUP.Optional.DownloadSponsor.A' found

Hello!
Malwarebytes found two infected files on my system. I can't detect any serious problems, but of course I would like to have a clean system.
Here are my logs:

Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.11.02.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Sebastian :: SEBASTIAN-PC [Administrator]
02.11.2013 13:23:52
MBAM-log-2013-11-02 (15-32-22).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 262071
Laufzeit: 7 Minute(n), 20 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\Sebastian\AppData\Local\Temp\InstallShare10721\bab_setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
E:\Temp\OCS\ocs_v7f.exe (PUP.Optional.DownloadSponsor.A) -> Keine Aktion durchgeführt.
(Ende)

Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:14 on 02/11/2013 (Sebastian)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-

FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Sebastian (administrator) on SEBASTIAN-PC on 02-11-2013 16:16:59
Running from C:\Users\Sebastian\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Sebastian\AppData\Local\FluxSoftware\Flux\flux.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [F.lux] - C:\Users\Sebastian\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKCU\...\Run: [Google Update] - C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-27] (Google Inc.)
HKCU\...\Runonce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LGODDFU] - blrun
Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x97270A7D4675CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - {8D03B865-11EE-4DDE-93D8-BD299DD7434A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
DPF: HKLM {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://news.google.de/
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "ftp", "80.193.214.234"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "80.193.214.234"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "80.193.214.234"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "80.193.214.234"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @innoplus.de/ino3DViewer - C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sebastian\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sebastian\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\donottrackplus@abine.com
FF Extension: WOT - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Evernote Web Clipper - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: jid1-xUfzOsOFlzSOXg - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
FF Extension: mediahint - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\mediahint@jetpack.xpi
FF Extension: stealthyextension - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: aios - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: pref - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
FF Extension: noscript - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF Extension: fireftp - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: leechblock - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
FF Extension: No Name - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
FF Extension: Adblock Plus - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: dta - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\u9cys550.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: wtxpcom - C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
FF Extension: youtubedownloader - C:\Program Files (x86)\Mozilla Firefox\extensions\youtubedownloader@mybrowserbar.com
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-22] (Adobe Systems)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-05-14] (CyberLink)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
==================== Drivers (Whitelisted) ====================
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-27] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2011-12-02] ()
R3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [222064 2012-03-30] (Focusrite A.E.)
R3 SaffireAudio; C:\Windows\System32\drivers\SaffireAudio.sys [40176 2012-03-30] (Focusrite A.E.)
R3 SaffireMidi; C:\Windows\System32\drivers\SaffireMidi.sys [50800 2012-03-30] (Focusrite A.E.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-02 16:16 - 2013-11-02 16:16 - 00000000 ____D C:\FRST
2013-11-02 16:15 - 2013-11-02 16:14 - 00000480 _____ C:\Users\Sebastian\Desktop\defogger_disable.log
2013-11-02 16:15 - 2013-11-02 16:12 - 00050477 _____ C:\Users\Sebastian\Desktop\Defogger.exe
2013-11-02 16:14 - 2013-11-02 16:14 - 00000000 _____ C:\Users\Sebastian\defogger_reenable
2013-11-02 16:13 - 2013-11-02 16:13 - 01957098 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST64.exe
2013-11-02 13:23 - 2013-11-02 13:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-02 13:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-31 21:53 - 2013-10-31 21:54 - 02760672 _____ C:\Users\Sebastian\Desktop\bg_music_new.zip
2013-10-30 17:34 - 2013-10-30 17:34 - 02972342 _____ C:\Users\Sebastian\Desktop\bg_music.zip
2013-10-30 17:27 - 2013-10-30 17:30 - 12880576 ____T C:\Users\Sebastian\Desktop\wordpuzzle01.wav
2013-10-30 15:40 - 2013-10-30 15:41 - 11416496 ____T C:\Users\Sebastian\Desktop\wordpuzzle03.wav
2013-10-29 18:59 - 2013-10-30 15:09 - 09172844 ____T C:\Users\Sebastian\Desktop\wordpuzzle02.wav
2013-10-25 14:49 - 2013-10-25 14:49 - 04688640 _____ C:\Users\Sebastian\Desktop\04.raw
2013-10-25 14:36 - 2013-10-25 14:36 - 14580054 _____ C:\Users\Sebastian\Desktop\P1090264.bmp
2013-10-15 20:18 - 2013-10-15 20:16 - 17424195 _____ C:\Users\Sebastian\Desktop\CAPTURE (03).mp4
2013-10-14 14:35 - 2013-10-30 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-11 14:07 - 2013-10-11 14:07 - 00000000 ____D C:\Program Files (x86)\Ffmpeg For Audacity
2013-10-11 14:04 - 2013-10-11 14:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 16:06 - 2013-10-31 19:06 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Audacity
2013-10-10 16:06 - 2013-10-10 16:06 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-10-10 09:52 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 09:52 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 09:52 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 09:52 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 09:52 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 09:52 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 09:52 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 09:52 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 09:52 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 09:52 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 09:52 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 09:52 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 14:27 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 14:27 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 14:27 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 14:27 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 14:27 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 14:27 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 14:27 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 14:27 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 14:27 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 14:27 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 14:27 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 14:27 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 14:27 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 14:27 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 14:27 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 14:27 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 14:27 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 14:27 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 14:27 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 14:27 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 14:27 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 14:27 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 14:27 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 14:27 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 14:27 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:27 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:27 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 14:27 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 14:27 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 14:27 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 14:27 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 14:27 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 14:27 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 14:27 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 14:27 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 14:27 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 14:27 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 14:27 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 14:27 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 14:27 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 14:27 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 14:27 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 14:27 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 14:27 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 14:27 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 14:27 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 14:27 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 14:27 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 14:27 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-03 14:17 - 2013-10-03 14:17 - 00000000 ____D C:\Program Files\VideoLAN
==================== One Month Modified Files and Folders =======
2013-11-02 16:16 - 2013-11-02 16:16 - 00000000 ____D C:\FRST
2013-11-02 16:14 - 2013-11-02 16:15 - 00000480 _____ C:\Users\Sebastian\Desktop\defogger_disable.log
2013-11-02 16:14 - 2013-11-02 16:14 - 00000000 _____ C:\Users\Sebastian\defogger_reenable
2013-11-02 16:14 - 2011-05-17 10:36 - 00000000 ____D C:\Users\Sebastian
2013-11-02 16:13 - 2013-11-02 16:13 - 01957098 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST64.exe
2013-11-02 16:12 - 2013-11-02 16:15 - 00050477 _____ C:\Users\Sebastian\Desktop\Defogger.exe
2013-11-02 16:06 - 2012-05-25 17:04 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-02 15:57 - 2011-07-27 21:54 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000UA.job
2013-11-02 15:45 - 2012-04-27 11:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-02 15:41 - 2011-12-02 15:30 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-11-02 15:31 - 2011-05-16 11:45 - 01828905 _____ C:\Windows\WindowsUpdate.log
2013-11-02 13:23 - 2013-11-02 13:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-02 12:22 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-02 12:22 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-02 12:19 - 2010-11-21 07:50 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-11-02 12:19 - 2010-11-21 07:50 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-11-02 12:19 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-02 12:15 - 2012-05-25 17:04 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-02 12:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-02 12:14 - 2009-07-14 05:51 - 00199875 _____ C:\Windows\setupact.log
2013-11-01 11:57 - 2011-07-27 21:54 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000Core.job
2013-10-31 21:54 - 2013-10-31 21:53 - 02760672 _____ C:\Users\Sebastian\Desktop\bg_music_new.zip
2013-10-31 19:56 - 2013-07-30 12:10 - 00000000 ____D C:\Users\UpdatusUser.Sebastian-PC
2013-10-31 19:06 - 2013-10-10 16:06 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Audacity
2013-10-31 10:32 - 2012-05-07 10:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 18:31 - 2013-10-14 14:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-30 17:34 - 2013-10-30 17:34 - 02972342 _____ C:\Users\Sebastian\Desktop\bg_music.zip
2013-10-30 17:30 - 2013-10-30 17:27 - 12880576 ____T C:\Users\Sebastian\Desktop\wordpuzzle01.wav
2013-10-30 15:41 - 2013-10-30 15:40 - 11416496 ____T C:\Users\Sebastian\Desktop\wordpuzzle03.wav
2013-10-30 15:09 - 2013-10-29 18:59 - 09172844 ____T C:\Users\Sebastian\Desktop\wordpuzzle02.wav
2013-10-27 21:08 - 2012-03-19 14:27 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Spotify
2013-10-27 15:48 - 2011-06-15 20:47 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\vlc
2013-10-25 14:49 - 2013-10-25 14:49 - 04688640 _____ C:\Users\Sebastian\Desktop\04.raw
2013-10-25 14:36 - 2013-10-25 14:36 - 14580054 _____ C:\Users\Sebastian\Desktop\P1090264.bmp
2013-10-24 14:37 - 2011-06-03 11:48 - 00000132 _____ C:\Users\Sebastian\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-10-20 13:21 - 2011-09-19 09:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-17 11:01 - 2012-05-25 17:04 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-17 11:01 - 2012-05-25 17:04 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-17 10:52 - 2011-07-27 21:54 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000UA
2013-10-17 10:52 - 2011-07-27 21:54 - 00003718 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000Core
2013-10-15 20:26 - 2013-02-21 11:09 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\BitTorrent
2013-10-15 20:16 - 2013-10-15 20:18 - 17424195 _____ C:\Users\Sebastian\Desktop\CAPTURE (03).mp4
2013-10-15 10:17 - 2011-11-28 16:56 - 00000462 _____ C:\Users\Sebastian\Desktop\Minecraft.lnk
2013-10-11 14:07 - 2013-10-11 14:07 - 00000000 ____D C:\Program Files (x86)\Ffmpeg For Audacity
2013-10-11 14:04 - 2013-10-11 14:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 16:06 - 2013-10-10 16:06 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-10-10 13:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 12:31 - 2009-07-14 05:45 - 05042816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 12:30 - 2013-03-13 22:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 12:30 - 2013-03-13 22:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 09:51 - 2011-05-18 15:59 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 09:47 - 2013-07-15 21:24 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 09:45 - 2011-08-26 09:16 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 09:40 - 2011-05-18 15:59 - 00002154 _____ C:\Windows\epplauncher.mif
2013-10-10 09:40 - 2011-05-18 15:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-10 09:40 - 2011-05-18 15:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-09 10:46 - 2012-04-27 11:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 10:46 - 2012-04-27 11:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 10:46 - 2011-05-17 18:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-07 20:16 - 2013-03-30 23:31 - 00000000 ____D C:\Users\Sebastian\Documents\GTA San Andreas User Files
2013-10-03 15:11 - 2011-06-15 20:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-03 14:17 - 2013-10-03 14:17 - 00000000 ____D C:\Program Files\VideoLAN
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-01 14:56
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Sebastian at 2013-11-02 16:18:06
Running from C:\Users\Sebastian\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
3D-Viewer-innoplus (x32 Version: 14.00.70)
Ableton Live 8 (x32 Version: 8.0.0.0)
Adobe AIR (x32 Version: 3.4.0.2540)
Adobe Bridge 1.0 (x32 Version: 001.000.000)
Adobe Common File Installer (x32 Version: 1.00.0000)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Creative Suite 5.5 Production Premium (x32 Version: 5.5)
Adobe Download Assistant (x32 Version: 1.0.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 001.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000)
Adobe Story (x32 Version: 1.0.1063)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 1.4.1)
Apple Software Update (x32 Version: 2.1.1.116)
Audacity 2.0.4 (x32 Version: 2.0.4)
Avid Codecs LE (x32 Version: 2.3.2)
Avidemux 2.6 (x32 Version: 2.6.1.8321)
AviSynth 2.5 (x32)
Bass Station 1.6 (x32 Version: 1.6)
BitTorrent (x32 Version: 7.8.0.29112)
Blender (Version: 2.61-release)
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294)
CPUID CPU-Z 1.65.1
CyberLink BD Advisor 2.0 (x32)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.3226)
CyberLink LabelPrint (x32 Version: 2.5.1916)
CyberLink LG Burning Tool (x32 Version: 6.2.3714)
CyberLink MediaShow (x32 Version: 4.1.3402)
CyberLink PowerDVD 9 (x32 Version: 9.0.2919.52)
CyberLink PowerProducer (x32 Version: 5.0.1.1520)
CyberLink YouCam (x32 Version: 1.0.2609)
DAEMON Tools Lite (x32 Version: 4.45.1.0236)
Dropbox (HKCU Version: 2.0.22)
DVD Decrypter (Remove Only) (x32)
DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition))
DxO FilmPack 3 (Version: 3.4.94.0)
f.lux (HKCU)
FFmpeg v0.6.2 for Audacity (x32)
Firebird v2.0 (x32)
FireOne Driver 1.10 (x32 Version: 1.1.0)
FMOD Studio (x32)
Focusrite Plug-in Suite 1.1 (x32 Version: 1.1)
Foxit Reader (x32 Version: 4.3.1.323)
Free Screen Video Recorder version 2.5.22.608 (x32 Version: 2.5.22.608)
Geschichte der Zeit (x32 Version: 1.00.0000)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google SketchUp 8 (x32 Version: 3.0.14358)
Google Update Helper (x32 Version: 1.3.21.165)
Grand Theft Auto III (x32)
Grand Theft Auto: San Andreas (x32)
Grand Theft Auto: Vice City (x32)
HandBrake 0.9.8 (x32 Version: 0.9.8)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java Auto Updater (x32 Version: 2.0.6.1)
Java SE Development Kit 7 Update 25 (64-bit) (Version: 1.7.0.250)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
JBridge (x32)
Kurzweil PC3 Sound Editor 2.0.2.1 (x32)
L.A. Noire (x32)
LAME v3.99.3 (for Windows) (x32)
LG Tool Kit (x32 Version: 10.01.0712.01)
LightScribe System Software (x32 Version: 1.18.14.1)
LinuxLive USB Creator (x32 Version: 2.8)
Live 8.2.6 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.0.0.1051)
MediaInfo 0.7.50 (Version: 0.7.50)
Mediaport (x32)
Melodyne 3.2 (x32 Version: 3.2.0202)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Camera Codec Pack (Version: 16.0.0652.0621)
Microsoft Keyboard Layout Creator 1.4 (x32 Version: 1.4.6000)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.1.0)
Mozilla Thunderbird 24.1.0 (x86 de) (x32 Version: 24.1.0)
Mp3tag v2.49 (x32 Version: v2.49)
Native Instruments Abbey Road 60s Drums (Version: 1.2.0.003)
Native Instruments Abbey Road 60s Drums (x32)
Native Instruments Absynth 5 (Version: 5.1.0.1013)
Native Instruments Absynth 5 (x32)
Native Instruments Action Strings (Version: 1.0.0.002)
Native Instruments Action Strings (x32)
Native Instruments Battery 3 (Version: 3.2.2.633)
Native Instruments Battery 3 (x32)
Native Instruments Battery Library Importer for Maschine (Version: 1.0.0.003)
Native Instruments Battery Library Importer for Maschine (x32)
Native Instruments Berlin Concert Grand (Version: 1.3.0.004)
Native Instruments Berlin Concert Grand (x32)
Native Instruments FM8 (Version: 1.2.0.1016)
Native Instruments FM8 (x32)
Native Instruments Guitar Rig 5 (Version: 5.0.0.2354)
Native Instruments Guitar Rig 5 (x32)
Native Instruments Komplete 8 (Version: 8.0.0.001)
Native Instruments Komplete 8 (x32)
Native Instruments Kontakt 5 (Version: 5.0.3.5812)
Native Instruments Kontakt 5 (x32)
Native Instruments Kontakt Factory Library (Version: 1.0.1.006)
Native Instruments Kontakt Factory Library (x32)
Native Instruments Massive (Version: 1.3.0.2050)
Native Instruments Massive (x32)
Native Instruments Mikro Prism (Version: 1.0.0.001)
Native Instruments Mikro Prism (x32)
Native Instruments New York Concert Grand (Version: 1.3.0.004)
Native Instruments New York Concert Grand (x32)
Native Instruments Rammfire (Version: 1.1.0.003)
Native Instruments Rammfire (x32)
Native Instruments Reaktor 5 (Version: 5.7.0.264)
Native Instruments Reaktor 5 (x32)
Native Instruments Reaktor Factory Selection (Version: 1.1.0.002)
Native Instruments Reaktor Factory Selection (x32)
Native Instruments Reaktor Prism (Version: 1.2.0.005)
Native Instruments Reaktor Prism (x32)
Native Instruments Reaktor Spark R2 (Version: 1.1.0.004)
Native Instruments Reaktor Spark R2 (x32)
Native Instruments Reflektor (Version: 1.2.0.003)
Native Instruments Reflektor (x32)
Native Instruments Retro Machines Mk2 (Version: 1.0.0.007)
Native Instruments Retro Machines Mk2 (x32)
Native Instruments Scarbee MM-Bass (Version: 1.2.0.006)
Native Instruments Scarbee MM-Bass (x32)
Native Instruments Scarbee Vintage Keys (Version: 1.1.0.002)
Native Instruments Scarbee Vintage Keys (x32)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
Native Instruments Studio Drummer (Version: 1.0.0.005)
Native Instruments Studio Drummer (x32)
Native Instruments The Finger R2 (Version: 1.1.0.004)
Native Instruments The Finger R2 (x32)
Native Instruments Traktors 12 (Version: 1.1.0.002)
Native Instruments Traktors 12 (x32)
Native Instruments Transient Master (Version: 1.0.0.004)
Native Instruments Transient Master (x32)
Native Instruments Upright Piano (Version: 1.3.0.004)
Native Instruments Upright Piano (x32)
Native Instruments Vienna Concert Grand (Version: 1.3.0.003)
Native Instruments Vienna Concert Grand (x32)
Native Instruments Vintage Organs (Version: 1.1.0.007)
Native Instruments Vintage Organs (x32)
Native Instruments West Africa (Version: 1.1.0.004)
Native Instruments West Africa (x32)
Neat Image v7.0 Demo plug-in for Photoshop (64-bit)
Neat Image v7.0 Demo Standalone
Neat Video v3.0 Demo plug-in for After Effects (64-bit)
NetBeans IDE 7.3.1 (Version: 7.3.1)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Nvu 1.0 (x32 Version: 1.0)
Open Broadcaster Software (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
P2PFilter 3.0.5 (x32 Version: 3.0.5)
Paint.NET v3.5.8 (Version: 3.58.0)
PDF Settings CS5 (x32 Version: 10.0)
Poladroid (x32 Version: 0.9.6.0)
Portal (x32)
Portal 2 (x32)
PxMergeModule (x32 Version: 1.00.0000)
QuickTime (x32 Version: 7.69.80.9)
Raw Therapee V4.0.9.50 x64 (Version: 4.0.950)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6235)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
Room EQ Wizard V5 (x32)
RTAS MixControl 1.0 (x32 Version: 1.0)
Saffire MixControl 3.0 (Version: 3.0)
ScummVM 1.5.0 (x32)
ShiftN 3.6 (x32 Version: 3.6)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3)
Skype™ 6.1 (x32 Version: 6.1.129)
SopCast 3.8.2 (x32 Version: 3.8.2)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
SSL LMC-1 v1.0 (x32 Version: v1.0)
SSL X-ISM v1.1 (x32 Version: v1.1)
SSL X-ORCISM v1.1 (x32 Version: v1.1)
Star Wars - Jedi Knight II: Jedi Outcast (x32)
Steam (x32 Version: 1.0.0.0)
Steinberg Denoiser v1.51 (x32)
Stellarium 0.12.1 (Version: 0.12.1)
StreamTransport version: 1.0.2.2171 (x32)
SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48 (x32 Version: v2011.build.48)
SuperWave P8 (x32 Version: 2.4)
Sylenth1 Demo v2.20 (x32)
TeamViewer 8 (x32 Version: 8.0.18051)
TogglDesktop (x32 Version: 6.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
VLC media player 2.1.0 (Version: 2.1.0)
VueScan
VueScan (x32)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
XviD MPEG4 Video Codec (remove only) (x32)
Yahoo! Detect (x32)
YouTube Downloader Toolbar v4.6 (x32 Version: 4.6)
Zattoo4 4.0.5 (x32 Version: 4.0.5)
==================== Restore Points =========================
17-10-2013 09:12:52 Windows Update
19-10-2013 17:20:38 Installed SuperWave P8
21-10-2013 08:11:14 Windows Update
24-10-2013 12:30:54 Windows Update
27-10-2013 13:30:49 Windows Update
27-10-2013 18:18:10 Windows-Sicherung
31-10-2013 09:43:08 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0FADA454-52B5-4E98-AADF-A4A6781609DF} - System32\Tasks\{4252FB9F-7012-45ED-AE7E-1C02D478685C} => C:\Windows\twain_32\ESCNDV\Escndv.exe
Task: {166CAEB9-63CB-4E17-A6E1-A354CDB1FE28} - System32\Tasks\{FD0B5CE8-BC0A-449A-8BAE-AAAC43DB9F0E} => C:\Windows\twain_32\escndv\escndv.exe
Task: {23F860A8-009E-4432-A43A-A68F5F704E6F} - System32\Tasks\{8DF2BD9B-18B4-446C-9B0E-9D64FB6563A5} => C:\Windows\twain_32\ESCNDV\Escndv.exe
Task: {32275629-5EC4-4424-BCDE-E887534E6776} - System32\Tasks\{E0DF6831-51CA-4BE9-BB38-BF6C908091DA} => C:\Program Files (x86)\Smart Panel\SmaPanel.exe
Task: {384DF4A6-BD89-44DC-8CA8-2FF1F2995D51} - System32\Tasks\{378DCCAE-3C35-4100-BBF7-D0709B85E51A} => C:\Program Files (x86)\Syncrosoft\POS\H2O\cledx.exe
Task: {3F8AB14E-EBF7-48BB-8E62-564F221BB213} - System32\Tasks\{5EE3D803-0E80-4449-A7A9-04E4A0A6F3AC} => C:\Windows\twain_32\escndv\escndv.exe
Task: {57F55316-F36A-4EC4-99E6-8B3FDBB02CAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25] (Google Inc.)
Task: {582863B7-B1FA-4E25-95FE-5ACB602320F1} - System32\Tasks\AdobeAAMUpdater-1.0-Sebastian-PC-Sebastian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {6A5796C5-9E7D-4C77-800C-D1E79A9BCD05} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000Core => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {76770716-C13C-4897-8A90-407D8E123445} - System32\Tasks\{A4580CB2-2C1C-42C7-85AE-530CA2711702} => C:\Windows\twain_32\escndv\escndv.exe
Task: {7E4BFC88-7C46-4EEE-85A0-18E7F9B65AF8} - System32\Tasks\{0A460B26-5176-4C2B-A4FB-13DC34298259} => C:\Windows\TWAIN_32\ESCNDV\ESCNDV.EXE
Task: {8448FF60-CFA5-45C3-9E11-5941D733054C} - System32\Tasks\{05C66E35-D344-4E38-9321-8F01110853AF} => C:\Windows\twain_32\ESCNDV\Escndv.exe
Task: {90C632EC-89A5-43C4-AE17-0A33B52B2F71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25] (Google Inc.)
Task: {97DA19BA-F773-45EE-A832-8B7D1E61D716} - System32\Tasks\{80B29D0B-6065-4C3E-96A0-8590592E3E24} => C:\Program Files (x86)\Smart Panel\SmaPanel.exe
Task: {A1324829-7FCC-42BB-8E05-4DAA47980B87} - System32\Tasks\{D3558C74-BF2C-4043-A721-3FF67DE2314D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.59.105/en/abandoninstall?page=tsProgressBar
Task: {A30824C4-35A3-4014-827C-B5713BD827E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000UA => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {AE669A30-8971-4E48-BC3C-2419C64D4AC7} - System32\Tasks\{D952380E-264C-4DB0-90EB-1546BBE4EF7F} => C:\Program Files (x86)\Syncrosoft\POS\H2O\cledx.exe
Task: {AED8FB62-30B1-4FDB-869D-94691C0F0D3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {B61C30A7-8C97-42F8-9DB5-A0CFF1D4C837} - System32\Tasks\{DF6C7333-E9C3-4A55-8470-D7AFB5402093} => C:\Windows\twain_32\escndv\escndv.exe
Task: {EB59B247-93D9-41C9-8EA2-AAF59875A875} - System32\Tasks\{44298606-2FAC-4B51-8250-F9633958F1F6} => C:\Program Files (x86)\Smart Panel\SmaPanel.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000Core.job => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646551761-2381646346-3619639162-1000UA.job => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-12-16 02:37 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-10-14 14:35 - 2013-10-30 18:31 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-14 14:35 - 2013-10-30 18:31 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-14 14:35 - 2013-10-30 18:31 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-01 11:02 - 2013-10-01 11:02 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Sebastian\Lokale Einstellungen:nnzfmSdLsXBCbgpuN98
AlternateDataStreams: C:\Users\Sebastian\AppData\Local:nnzfmSdLsXBCbgpuN98
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/02/2013 00:16:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2013 11:39:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2013 07:57:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2013 10:34:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/30/2013 09:57:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/29/2013 10:12:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2013 02:09:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AAM Updates Notifier.exe, Version: 2.0.242.0, Zeitstempel: 0x4d92a325
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xd94
Startzeit der fehlerhaften Anwendung: 0xAAM Updates Notifier.exe0
Pfad der fehlerhaften Anwendung: AAM Updates Notifier.exe1
Pfad des fehlerhaften Moduls: AAM Updates Notifier.exe2
Berichtskennung: AAM Updates Notifier.exe3
Error: (10/28/2013 09:59:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/27/2013 07:00:01 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (10/27/2013 02:21:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/27/2013 09:08:38 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (10/27/2013 09:08:37 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (10/27/2013 09:08:36 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (10/15/2013 08:28:51 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (10/15/2013 08:28:51 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (10/15/2013 08:28:50 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (10/12/2013 11:26:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/12/2013 11:26:19 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (10/10/2013 09:52:09 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.159.1713.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.3.0219.00
Quellpfad: 4.3.0219.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (10/10/2013 09:52:09 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.159.1713.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.3.0219.00
Quellpfad: 4.3.0219.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Microsoft Office Sessions:
=========================
Error: (11/02/2013 00:16:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2013 11:39:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2013 07:57:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2013 10:34:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/30/2013 09:57:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/29/2013 10:12:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/28/2013 02:09:33 PM) (Source: Application Error)(User: )
Description: AAM Updates Notifier.exe2.0.242.04d92a325unknown0.0.0.000000000c000000500000000d9401ced3bd3ea3ff2fC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeunknown2f9c81e0-3fd2-11e3-bb72-f46d049c1502
Error: (10/28/2013 09:59:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/27/2013 07:00:01 PM) (Source: Windows Backup)(User: )
Description: G:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (10/27/2013 02:21:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 16360.88 MB
Available physical RAM: 13692.42 MB
Total Pagefile: 32719.93 MB
Available Pagefile: 29519.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:294.51 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:680.22 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:1081.04 GB) NTFS
Drive z: () (Removable) (Total:14.83 GB) (Free:4.9 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 98238AD0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F6293F66)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F6293F67)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
Gmer Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-02 16:31:21
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 465,76GB
Running: 4io05eqq.exe; Driver: E:\Temp\kglyauoc.sys
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\svchost.exe [1152:1476] 000007fefa788274
Thread C:\Windows\system32\svchost.exe [1152:1556] 000007fefa788274
Thread C:\Windows\System32\spoolsv.exe [1344:2352] 000007fef6c910c8
Thread C:\Windows\System32\spoolsv.exe [1344:2360] 000007fef6c56144
Thread C:\Windows\System32\spoolsv.exe [1344:2364] 000007fef6a45fd0
Thread C:\Windows\System32\spoolsv.exe [1344:2368] 000007fef6a33438
Thread C:\Windows\System32\spoolsv.exe [1344:2372] 000007fef6a463ec
Thread C:\Windows\System32\spoolsv.exe [1344:2380] 000007fef7915e5c
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00268315b248
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00268315b248 (not active ControlSet)
---- EOF - GMER 2.1 ----
Thanks in advance!