ne hab das Fixlist.txt genannt.

Dann starte FRST und drücke den Scan Button. Poste danach die beiden Logfiles, die erstellt werden.

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-05-2013
Ran by user (administrator) on 22-05-2013 19:23:48
Running from C:\Users\user\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
(AVM Berlin) C:\Program Files (x86)\1&1\IGDCTRL.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Veoh Networks) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Farbar) C:\Users\user\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.cpl,CMICtrlWnd [6402048 2007-06-07] (C-Media Corporation)
HKLM\...\Run: [Cm106Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd [8757248 2010-10-08] (C-Media Corporation)
HKCU\...\Run: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2648184 2011-06-22] (Veoh Networks)
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\user\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [37888 2009-07-01] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-05-15] (LogMeIn Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Battlefield Heroes Updater - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\ich@maltegoetz.de
FF Extension: adblockpopups - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: DivXWebPlayer - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\5iobvw9n.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\plugin/npUrlAdvisor.dll (Kaspersky Lab ZAO)
CHR Plugin: (Skype Toolbars) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (ijji Auto Install Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U2) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.20.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0
CHR Extension: (Virtual Keyboard) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
CHR Extension: (Anti-Banner) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0

==================== Services (Whitelisted) =================

R2 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
R2 IGDCTRL; C:\Program Files (x86)\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4060984 2011-03-08] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] ()
S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll [x]
S2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-07] (DT Soft Ltd)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2010-08-12] (C-Media Electronics Inc)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\C:\Program Files (x86)\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S0 PxHlpa64; System32\Drivers\PxHlpa64.sys [x]
S1 tuxnrfkk; \??\C:\Windows\system32\drivers\tuxnrfkk.sys [x]
S3 X6va006; \??\C:\Users\user\AppData\Local\Temp\00630D4.tmp [x]
S3 X6va007; \??\C:\Users\user\AppData\Local\Temp\00719DE.tmp [x]
S3 X6va008; \??\C:\Users\user\AppData\Local\Temp\0085C08.tmp [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-22 18:55 - 2013-05-22 18:55 - 00017538 ____A C:\Users\user\Desktop\Addition.txt
2013-05-22 18:41 - 2013-05-22 19:20 - 00000619 ____A C:\Users\user\Desktop\Fixlist.lnk
2013-05-22 18:40 - 2013-05-22 18:40 - 00000000 ____D C:\FRST
2013-05-22 18:39 - 2013-05-22 19:20 - 00000133 ____A C:\Users\user\Downloads\Fixlist.txt
2013-05-22 18:36 - 2013-05-22 18:36 - 01878460 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\_OTL
2013-05-22 17:53 - 2013-05-22 17:53 - 00002555 ____A C:\Users\user\Downloads\FSS.txt
2013-05-22 17:52 - 2013-05-22 17:52 - 00354299 ____A (Farbar) C:\Users\user\Downloads\FSS.exe
2013-05-22 17:19 - 2013-05-22 17:19 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-05-22 17:14 - 2013-05-22 17:14 - 00899584 ____A C:\Users\user\Downloads\MicrosoftFixit50535.msi
2013-05-22 17:14 - 2013-05-22 17:14 - 00014618 ____A C:\FixitRegBackup.reg
2013-05-22 16:23 - 2013-05-22 16:23 - 13503464 ____A (Microsoft Corporation) C:\Users\user\Downloads\mseinstall(1).exe
2013-05-22 13:25 - 2013-05-22 14:06 - 00000000 ____D C:\Users\user\Desktop\mbar
2013-05-22 13:25 - 2013-05-22 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-22 13:24 - 2013-05-22 13:24 - 12917756 ____A C:\Users\user\Desktop\mbar-1.05.0.1001.zip
2013-05-22 13:11 - 2013-05-22 13:11 - 13503464 ____A (Microsoft Corporation) C:\Users\user\Downloads\mseinstall.exe
2013-05-22 12:38 - 2013-05-22 12:38 - 00025183 ____A C:\ComboFix.txt
2013-05-22 12:20 - 2013-05-22 12:38 - 00000000 ____D C:\ComboFix
2013-05-22 01:50 - 2013-05-22 18:15 - 00032282 ____A C:\Users\user\Downloads\OTL.Txt
2013-05-22 01:23 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-22 01:23 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-22 01:23 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-22 01:23 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-22 01:23 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-22 01:23 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-22 01:23 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-22 01:23 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-22 01:22 - 2013-05-22 12:38 - 00000000 ___AD C:\Qoobox
2013-05-22 01:22 - 2013-05-22 12:30 - 00000000 ____D C:\Windows\erdnt
2013-05-22 01:10 - 2013-05-22 01:10 - 00015157 ____A C:\AdwCleaner[S1].txt
2013-05-22 01:08 - 2013-05-22 01:08 - 05068564 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-05-22 01:07 - 2013-05-22 01:07 - 00632031 ____A C:\Users\user\Downloads\adwcleaner.exe
2013-05-21 23:54 - 2013-05-21 23:54 - 01110476 ____A C:\Users\user\Downloads\7z920.exe
2013-05-21 23:54 - 2013-05-21 23:54 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-05-21 23:44 - 2013-05-22 01:50 - 00000000 ____D C:\Users\user\Desktop\otl.exe
2013-05-21 23:21 - 2013-05-21 23:21 - 00377856 ____A C:\Users\user\Downloads\gmer_2.1.19163.exe
2013-05-21 23:18 - 2013-05-21 23:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2013-05-21 23:17 - 2013-05-21 23:17 - 00050477 ____A C:\Users\user\Downloads\Defogger(1).exe
2013-05-21 20:27 - 2013-05-21 20:27 - 00377856 ____A C:\Users\user\Downloads\i2k5io6f.exe
2013-05-21 20:16 - 2013-05-21 23:23 - 00000342 ____A C:\Users\user\Downloads\defogger_enable.log
2013-05-21 20:15 - 2013-05-21 23:23 - 00000540 ____A C:\Users\user\Downloads\defogger_disable.log
2013-05-21 20:13 - 2013-05-21 20:14 - 00050477 ____A C:\Users\user\Downloads\Defogger.exe
2013-05-20 15:47 - 2013-05-21 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-17 18:20 - 2013-05-17 18:20 - 00000219 ____A C:\Users\user\Desktop\Dota 2.url
2013-05-16 02:52 - 2013-04-05 08:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 02:52 - 2013-04-05 08:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 02:52 - 2013-04-05 08:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 02:52 - 2013-04-05 08:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 02:52 - 2013-04-05 08:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-16 02:52 - 2013-04-05 07:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 02:52 - 2013-04-05 07:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 02:52 - 2013-04-05 07:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 02:52 - 2013-04-05 06:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 02:52 - 2013-04-05 06:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-16 02:52 - 2013-04-05 05:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-16 02:52 - 2013-04-05 05:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-15 12:00 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 12:00 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 12:00 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 12:00 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 12:00 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 12:00 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 12:00 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 12:00 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 12:00 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 12:00 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 12:00 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 12:00 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 12:00 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 12:00 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-14 23:26 - 2013-05-14 23:26 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-05-14 21:39 - 2013-05-14 21:38 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-05-14 21:39 - 2013-05-14 21:38 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-05-14 21:39 - 2013-05-14 21:38 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-05-14 21:39 - 2013-05-14 21:38 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-05-08 17:19 - 2013-05-08 17:19 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-05-08 17:19 - 2013-05-08 17:19 - 00000000 ____D C:\Program Files (x86)\Rift Game
2013-05-07 19:17 - 2013-05-08 17:55 - 00000000 ____D C:\Users\user\AppData\Local\Warframe
2013-05-07 17:28 - 2013-05-07 17:28 - 00000222 ____A C:\Users\user\Desktop\Warframe.url
2013-05-07 16:57 - 2013-05-07 16:57 - 00000889 ____A C:\Users\Public\Desktop\Mass Effect 3.lnk
2013-05-07 14:38 - 2013-05-08 18:44 - 00000000 ____D C:\Users\user\AppData\Roaming\Origin
2013-05-07 14:38 - 2013-05-07 14:47 - 00000000 ____D C:\Users\user\AppData\Local\Origin
2013-05-07 14:38 - 2013-05-07 14:38 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-05-07 14:37 - 2013-05-07 14:47 - 00000000 ____D C:\ProgramData\Origin
2013-05-07 14:37 - 2013-05-07 14:38 - 00000000 ____D C:\Program Files (x86)\Origin
2013-05-07 14:37 - 2013-05-07 14:37 - 00000990 ____A C:\Users\Public\Desktop\Origin.lnk
2013-04-29 14:26 - 2013-04-29 14:26 - 00000000 ____D C:\Users\user\Desktop\Deardrops
2013-04-26 19:20 - 2013-04-26 19:20 - 00000222 ____A C:\Users\user\Desktop\Poker Night 2.url
2013-04-24 14:45 - 2013-04-12 16:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2013-05-22 19:20 - 2013-05-22 18:41 - 00000619 ____A C:\Users\user\Desktop\Fixlist.lnk
2013-05-22 19:20 - 2013-05-22 18:39 - 00000133 ____A C:\Users\user\Downloads\Fixlist.txt
2013-05-22 19:19 - 2011-06-23 18:23 - 00000000 ____D C:\Program Files (x86)\Giraffic
2013-05-22 18:55 - 2013-05-22 18:55 - 00017538 ____A C:\Users\user\Desktop\Addition.txt
2013-05-22 18:46 - 2012-03-03 03:12 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1910672903-869238230-1351456558-1000UA.job
2013-05-22 18:45 - 2012-07-09 22:18 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-22 18:40 - 2013-05-22 18:40 - 00000000 ____D C:\FRST
2013-05-22 18:36 - 2013-05-22 18:36 - 01878460 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-05-22 18:29 - 2011-04-04 15:37 - 01968222 ____A C:\Windows\WindowsUpdate.log
2013-05-22 18:26 - 2012-05-03 02:57 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-22 18:15 - 2013-05-22 01:50 - 00032282 ____A C:\Users\user\Downloads\OTL.Txt
2013-05-22 18:08 - 2011-04-04 17:59 - 00000000 ____D C:\Users\user\AppData\Roaming\TS3Client
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\_OTL
2013-05-22 17:53 - 2013-05-22 17:53 - 00002555 ____A C:\Users\user\Downloads\FSS.txt
2013-05-22 17:52 - 2013-05-22 17:52 - 00354299 ____A (Farbar) C:\Users\user\Downloads\FSS.exe
2013-05-22 17:27 - 2013-02-20 01:18 - 00002122 ____A C:\Windows\epplauncher.mif
2013-05-22 17:26 - 2013-02-20 01:18 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-05-22 17:26 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-22 17:26 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-22 17:24 - 2011-06-28 17:54 - 00000000 ____D C:\Users\user\AppData\Local\LogMeIn Hamachi
2013-05-22 17:19 - 2013-05-22 17:19 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-05-22 17:19 - 2012-07-23 20:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-22 17:19 - 2012-02-06 12:37 - 00000937 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-05-22 17:19 - 2011-10-07 15:51 - 00000000 ____D C:\Users\user\AppData\Local\Deployment
2013-05-22 17:19 - 2011-06-23 18:23 - 00000000 ____D C:\ProgramData\Giraffic
2013-05-22 17:18 - 2012-07-09 22:18 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-22 17:18 - 2011-07-13 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-22 17:18 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-22 17:18 - 2009-07-14 06:51 - 00101922 ____A C:\Windows\setupact.log
2013-05-22 17:14 - 2013-05-22 17:14 - 00899584 ____A C:\Users\user\Downloads\MicrosoftFixit50535.msi
2013-05-22 17:14 - 2013-05-22 17:14 - 00014618 ____A C:\FixitRegBackup.reg
2013-05-22 16:23 - 2013-05-22 16:23 - 13503464 ____A (Microsoft Corporation) C:\Users\user\Downloads\mseinstall(1).exe
2013-05-22 15:22 - 2011-04-04 15:54 - 00000000 ____D C:\Users\user\AppData\Roaming\Winamp
2013-05-22 14:06 - 2013-05-22 13:25 - 00000000 ____D C:\Users\user\Desktop\mbar
2013-05-22 13:45 - 2011-10-07 15:51 - 00000000 ____D C:\Users\user\AppData\Local\Apps\2.0
2013-05-22 13:45 - 2010-11-21 05:47 - 00212544 ____A C:\Windows\PFRO.log
2013-05-22 13:43 - 2012-06-12 22:21 - 00000000 ____D C:\Users\user\AppData\Roaming\OpenOffice.org
2013-05-22 13:43 - 2011-07-06 11:54 - 00000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2013-05-22 13:43 - 2011-04-04 17:57 - 00000000 ____D C:\Users\user\AppData\Roaming\Macromedia
2013-05-22 13:43 - 2011-04-04 15:56 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2013-05-22 13:25 - 2013-05-22 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-22 13:24 - 2013-05-22 13:24 - 12917756 ____A C:\Users\user\Desktop\mbar-1.05.0.1001.zip
2013-05-22 13:11 - 2013-05-22 13:11 - 13503464 ____A (Microsoft Corporation) C:\Users\user\Downloads\mseinstall.exe
2013-05-22 12:38 - 2013-05-22 12:38 - 00025183 ____A C:\ComboFix.txt
2013-05-22 12:38 - 2013-05-22 12:20 - 00000000 ____D C:\ComboFix
2013-05-22 12:38 - 2013-05-22 01:22 - 00000000 ___AD C:\Qoobox
2013-05-22 12:32 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-05-22 12:30 - 2013-05-22 01:22 - 00000000 ____D C:\Windows\erdnt
2013-05-22 01:50 - 2013-05-21 23:44 - 00000000 ____D C:\Users\user\Desktop\otl.exe
2013-05-22 01:39 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-05-22 01:29 - 2011-06-19 13:50 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-05-22 01:29 - 2011-04-04 18:53 - 00000000 ____D C:\Users\user\AppData\Roaming\RIFT
2013-05-22 01:10 - 2013-05-22 01:10 - 00015157 ____A C:\AdwCleaner[S1].txt
2013-05-22 01:08 - 2013-05-22 01:08 - 05068564 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-05-22 01:07 - 2013-05-22 01:07 - 00632031 ____A C:\Users\user\Downloads\adwcleaner.exe
2013-05-21 23:54 - 2013-05-21 23:54 - 01110476 ____A C:\Users\user\Downloads\7z920.exe
2013-05-21 23:54 - 2013-05-21 23:54 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-05-21 23:23 - 2013-05-21 20:16 - 00000342 ____A C:\Users\user\Downloads\defogger_enable.log
2013-05-21 23:23 - 2013-05-21 20:15 - 00000540 ____A C:\Users\user\Downloads\defogger_disable.log
2013-05-21 23:21 - 2013-05-21 23:21 - 00377856 ____A C:\Users\user\Downloads\gmer_2.1.19163.exe
2013-05-21 23:18 - 2013-05-21 23:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2013-05-21 23:17 - 2013-05-21 23:17 - 00050477 ____A C:\Users\user\Downloads\Defogger(1).exe
2013-05-21 22:47 - 2012-12-19 18:57 - 00000000 ____D C:\Users\user\AppData\Roaming\Mumble
2013-05-21 20:37 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-21 20:27 - 2013-05-21 20:27 - 00377856 ____A C:\Users\user\Downloads\i2k5io6f.exe
2013-05-21 20:14 - 2013-05-21 20:13 - 00050477 ____A C:\Users\user\Downloads\Defogger.exe
2013-05-21 20:04 - 2011-06-19 13:50 - 00000000 ____D C:\ProgramData\Skype
2013-05-21 19:38 - 2012-04-25 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-21 11:57 - 2013-05-20 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-21 11:46 - 2012-03-03 03:12 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1910672903-869238230-1351456558-1000Core.job
2013-05-18 18:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-05-18 15:35 - 2011-04-04 19:03 - 00378260 ____A C:\Windows\DirectX.log
2013-05-17 18:20 - 2013-05-17 18:20 - 00000219 ____A C:\Users\user\Desktop\Dota 2.url
2013-05-16 12:23 - 2009-07-14 06:45 - 00290704 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 02:57 - 2011-04-04 16:15 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-16 02:54 - 2010-11-21 08:50 - 00654150 ____A C:\Windows\System32\perfh007.dat
2013-05-16 02:54 - 2010-11-21 08:50 - 00130022 ____A C:\Windows\System32\perfc007.dat
2013-05-16 02:54 - 2009-07-14 07:13 - 01519798 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-14 23:26 - 2013-05-14 23:26 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-05-14 23:26 - 2012-05-03 02:57 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 23:26 - 2012-05-03 02:57 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-14 21:38 - 2013-05-14 21:39 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-05-14 21:38 - 2013-05-14 21:39 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-05-14 21:38 - 2013-05-14 21:39 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-05-14 21:38 - 2013-05-14 21:39 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-05-14 21:38 - 2012-04-04 03:41 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-05-14 21:38 - 2012-04-04 03:40 - 00000000 ____D C:\Program Files (x86)\Java
2013-05-14 21:38 - 2011-04-04 15:56 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-05-14 17:11 - 2011-09-28 08:45 - 00000000 ____D C:\Users\user\Desktop\Mucke
2013-05-14 00:47 - 2011-04-04 17:56 - 00000000 ____D C:\Users\user\AppData\Roaming\Mozilla
2013-05-08 18:44 - 2013-05-07 14:38 - 00000000 ____D C:\Users\user\AppData\Roaming\Origin
2013-05-08 17:55 - 2013-05-07 19:17 - 00000000 ____D C:\Users\user\AppData\Local\Warframe
2013-05-08 17:19 - 2013-05-08 17:19 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-05-08 17:19 - 2013-05-08 17:19 - 00000000 ____D C:\Program Files (x86)\Rift Game
2013-05-07 19:20 - 2011-04-11 19:07 - 00000000 ____D C:\Users\user\Documents\BioWare
2013-05-07 17:28 - 2013-05-07 17:28 - 00000222 ____A C:\Users\user\Desktop\Warframe.url
2013-05-07 16:57 - 2013-05-07 16:57 - 00000889 ____A C:\Users\Public\Desktop\Mass Effect 3.lnk
2013-05-07 14:47 - 2013-05-07 14:38 - 00000000 ____D C:\Users\user\AppData\Local\Origin
2013-05-07 14:47 - 2013-05-07 14:37 - 00000000 ____D C:\ProgramData\Origin
2013-05-07 14:38 - 2013-05-07 14:38 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-05-07 14:38 - 2013-05-07 14:37 - 00000000 ____D C:\Program Files (x86)\Origin
2013-05-07 14:37 - 2013-05-07 14:37 - 00000990 ____A C:\Users\Public\Desktop\Origin.lnk
2013-05-07 14:37 - 2011-04-13 16:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-05-02 17:29 - 2010-11-21 05:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-04-29 14:26 - 2013-04-29 14:26 - 00000000 ____D C:\Users\user\Desktop\Deardrops
2013-04-26 19:25 - 2013-02-26 16:47 - 00000000 ____D C:\Users\user\Documents\Telltale Games
2013-04-26 19:20 - 2013-04-26 19:20 - 00000222 ____A C:\Users\user\Desktop\Poker Night 2.url

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-14 12:59

==================== End Of Log ============================
         

das war alle was ich bekommen hab bei scan

Ok, ich seh jetzt, warum das vorhin nicht geklappt hat:

Zitat:

2013-05-22 18:41 - 2013-05-22 19:20 - 00000619 ____A C:\Users\user\Desktop\Fixlist.lnk
2013-05-22 18:39 - 2013-05-22 19:20 - 00000133 ____A C:\Users\user\Downloads\Fixlist.txt

Die Fixlist.txt muss direkt auf dem Desktop liegen (nicht wie hier im Download-Ordner). Es reicht nicht, nur eine Verknüpfung (fixlist.lnk) dorthin zu legen.
Wiederhole diese Schritte bitte nochmals wie folgt und achte, dass du die Fixlist.txt direkt auf den Desktop speicherst:



Schritt 1

Drücke die + R Taste und schreibe "notepad" in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument:

Code: Alles auswählenAufklappen

ATTFilter

DeleteJunctionsInDirectory: C:\Program Files\Microsoft Security Client
DeleteJunctionsInDirectory: C:\Program Files\Windows Defender
         

Speichere dieses dann bitte unter dem Dateinamen Fixlist.txt ebenfalls auf deinen Desktop neben FRST.

• Starte nun FRST64.exe und klicke den Fix Button.
• Das Tool erstellt eine Fixlog.txt. Poste mir deren Inhalt.
• Starte danach den Rechner neu auf.

Schritt 2

Downloade dir bitte Farbar Service Scanner

• Starte das Tool mit Doppelklick auf die FSS.exe
• Gehe sicher, dass folgende Optionen angehakt sind.
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services
• Klicke auf Scan.
• Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

Bitte poste in deiner nächsten Antwort:

• Fixlog von FRST
• Log von FSS

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-05-2013
Ran by user at 2013-05-22 19:36:34 Run:1
Running from C:\Users\user\Desktop
Boot Mode: Normal
==============================================

"C:\Program Files\Microsoft Security Client" => Deleting junctions completed successfully.
"C:\Program Files\Windows Defender" => Deleting junctions completed successfully.

==== End of Fixlog ====
         

Code: Alles auswählenAufklappen

ATTFilter

Farbar Service Scanner Version: 14-04-2013
Ran by user (administrator) on 22-05-2013 at 19:38:16
Running from "C:\Users\user\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

Prima.
Kannst du jetzt dein Antivirenprogramm wieder normal starten und bedienen?

warte ich probier es aus

also microsoft essentials kann ich nicht installieren und window defander oder wie das teil heißt geht auch nicht anzuschalten

Bleibt das nach einem Neustart gleich?
Bekommst du denn eine Fehlermeldung?

warte probier es mit neustart meld mich gleich wieder

ok.

also windows defender scheint zu gehen aber micrsoft essentials lässt sich nicht installieren da kommt eine fehler meldung wenn du noch ein gute kostenlose programm kennst sag bescheid^^

Zitat:

micrsoft essentials lässt sich nicht installieren da kommt eine fehler meldung

Microsoft Security Essetials sollte doch eigentlich bereits installiert sein.. Kannst du es nicht mehr starten oder was ist genau das Problem?
Kannst du mir bitte die genaue Fehlermeldung angeben?

Der Setup-Assitent für Security essetials konnte aufgrunde eines Fehlers nicht erfolgreich abgeschlossen werden.Starten sie den Computer neu, und wiederholen sie den vorgang.

so ist die fehler meldung ich hab den rechner schon 3 mal neugestartet aber es kommt immer wieder

Aber erklär mir bitte die Situation etwas genauer: Warum versuchst du überhaupt, Security Essentials zu installieren? Ist es nicht bereits installiert?

nein es ist nicht installiert freundin hat es gelöscht meint sie mit irgendein microsoft fixer und nun sollte ich es neu drauf machen