Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ist der GVU Trojaner vollständig entfernt worden? (Windows7)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 09.07.2013, 14:04   #1
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Guten Tag liebes Trojaner-Board Team,
ich möchte mich vorab für Ihre Unterstützung herzlich bedanken.

Ich habe mir am 08.07.2013 einen GVU-Trojaner eingefangen (gegen 22:14). Diesen habe ich mit Hilfe einer Anleitung auch "entfernt". Und dies ist apostrophiert, weil ich eben nicht weiß, ob er komplett von meinem System verschwunden ist.

Ich habe nach dem Entfernen NSI und Malwarebytes mein System scannen lassen, wobei zweiteres 4 Dateien entfernt hat.
Aus dem Malwarebytes Log:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.09.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Felix :: ***-PC [Administrator]

Schutz: Aktiviert

09.07.2013 07:18:15
mbam-log-2013-07-09 (07-18-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 661962
Laufzeit: 1 Stunde(n), 17 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\Software\Microsoft\Windows NT\CurrentVersion\WinlogoN|Shell (PUM.Shell.CMD) -> Daten: cmd.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\ProgramData\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\***\AppData\Roaming\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\***\AppData\Local\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Nun erbitte ich Hilfe bei meinem Problem: Ist mein System wieder sicher?

Beim Ausführen von defogger trat kein Fehler auf.

Die 3 restlichen Logfiles befinden sich im Anhang (Ich hoffe, dass dies richtig ist, denn so besagt es mir hier eine Meldung).

Ich bedanke mich noch einmal für ihren Aufwand und Hilfe!

Mit freundlichen Grüßen,
iTelix

Alt 09.07.2013, 14:11   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 09.07.2013, 15:19   #3
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Danke für deine rasche Antwort

Hier die FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013
Ran by *** (administrator) on 09-07-2013 16:16:52
Running from C:\Users\***\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesApp64.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Command Processor: "C:\Users\***\AppData\Local\Temp\kyvhgctkakiuavpeb.exe" <======= ATTENTION
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: []  [x]
IMEO\AcroRd32.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\adobe air application installer.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\extendscript toolkit.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hamachi-2-ui.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hpwucli.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\overwolflauncher.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\pdapp.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\switchboard.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\teamviewer.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
SearchScopes: HKCU - {0BF262BC-E618-400C-B64B-1FD001F586DF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {CAB8EA08-FEE6-49AA-8351-1ED690DCBB63} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=ebb6b3e5-3d0b-4bfc-aba5-9c5981911b24&apn_sauid=B63E8B57-CC20-4FC5-82AF-E729171E3613
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
S4 Hamachi2Svc; D:\***\Programme\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-03] ()
R2 TuneUp.UtilitiesSvc; D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-05-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130708.022\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130708.022\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130708.022\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130708.022\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 NTIOLib_1_0_4; D:\***\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_4; D:\***\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 MSI_MSIBIOS_010507; \??\D:\***\Programme\MSI\Live Update 5\msibios64_100507.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\***\Desktop\logfiles.zip
2013-07-09 14:56 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.log
2013-07-09 13:49 - 2013-07-09 13:33 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-09 13:46 - 2013-07-09 13:45 - 00108704 ____A C:\Users\***\Desktop\OTL.Txt
2013-07-09 13:46 - 2013-07-09 13:44 - 00147554 ____A C:\Users\***\Desktop\Extras.Txt
2013-07-09 13:46 - 2013-07-09 13:35 - 00000472 ____A C:\Users\***\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\***\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 07:12 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-07 21:37 - 2013-07-07 21:38 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\***\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\***\.recently-used.xbel
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\***\Desktop\Audacity.lnk
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:08 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-03 18:08 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-02 00:03 - 2013-07-02 00:13 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:03 - 2013-07-02 00:13 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Local\UWebKit
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\***\Documents\Klei
2013-06-26 19:00 - 2013-06-26 19:02 - 00000000 ____D C:\Users\***\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\***\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:14 - 2013-06-24 19:34 - 00000000 ____D C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-21 20:23 - 1998-06-18 00:00 - 00089360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 21:00 - 2013-06-17 00:27 - 00000000 ____D C:\Users\***\Documents\dragoon
2013-06-16 20:59 - 2013-06-30 18:25 - 00101440 ____A C:\Windows\DirectX.log
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 19:52 - 2013-06-26 19:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-15 19:42 - 2013-07-08 20:54 - 00019310 ____A C:\Windows\PFRO.log
2013-06-12 14:30 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 14:30 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 14:30 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 14:30 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 14:30 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 14:30 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 14:30 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 14:30 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 14:30 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 14:30 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 14:30 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 14:30 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 14:30 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:28 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:28 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:28 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:28 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:28 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 14:28 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 14:28 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:24 - 2013-07-09 14:25 - 00004043 ____A C:\Windows\setupact.log
2013-06-09 11:24 - 2013-07-03 13:37 - 00075080 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-09 11:24 - 2013-07-03 13:36 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-06-09 01:16 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-06-09 01:16 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-06-09 01:16 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

==================== One Month Modified Files and Folders =======

2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 16:16 - 2012-02-10 20:50 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-07-09 15:28 - 2012-04-02 14:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\***\Desktop\logfiles.zip
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:30 - 2011-04-12 09:43 - 00707462 ____A C:\Windows\System32\perfh007.dat
2013-07-09 14:30 - 2011-04-12 09:43 - 00153054 ____A C:\Windows\System32\perfc007.dat
2013-07-09 14:30 - 2009-07-14 07:13 - 01642812 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-09 14:28 - 2012-01-30 11:31 - 01067544 ____A C:\Windows\WindowsUpdate.log
2013-07-09 14:25 - 2013-06-09 11:24 - 00004043 ____A C:\Windows\setupact.log
2013-07-09 14:25 - 2012-05-28 16:43 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-09 14:25 - 2012-01-31 04:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-09 14:25 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 14:23 - 2013-07-09 14:56 - 00063559 ____A C:\Users\***\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.log
2013-07-09 13:45 - 2013-07-09 13:46 - 00108704 ____A C:\Users\***\Desktop\OTL.Txt
2013-07-09 13:44 - 2013-07-09 13:46 - 00147554 ____A C:\Users\***\Desktop\Extras.Txt
2013-07-09 13:35 - 2013-07-09 13:46 - 00000472 ____A C:\Users\***\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-09 13:35 - 2012-02-10 20:12 - 00000000 ____D C:\users\***
2013-07-09 13:33 - 2013-07-09 13:49 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-09 12:59 - 2012-01-30 11:23 - 00000000 ____D C:\Windows\Panther
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\***\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 00:39 - 2009-07-14 04:34 - 00524288 ____A C:\Windows\System32\config\DEFAULT.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SAM.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 68943872 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 23330816 ____A C:\Windows\System32\config\SYSTEM.bak
2013-07-08 22:08 - 2013-03-01 17:46 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft
2013-07-08 20:54 - 2013-06-15 19:42 - 00019310 ____A C:\Windows\PFRO.log
2013-07-08 19:49 - 2012-05-26 15:56 - 00007649 ____A C:\Users\***\AppData\Local\Resmon.ResmonCfg
2013-07-08 16:02 - 2013-05-12 20:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-07 21:38 - 2013-07-07 21:37 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-07 21:38 - 2012-09-09 16:24 - 00000000 ____D C:\ProgramData\Norton
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-07 18:06 - 2012-02-10 23:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-07 00:25 - 2012-02-11 01:25 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-07 00:25 - 2012-02-11 01:12 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-07 00:25 - 2012-02-11 01:12 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-06 14:54 - 2012-02-12 00:29 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\***\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\***\.recently-used.xbel
2013-07-04 00:31 - 2012-03-10 18:07 - 00000000 ____D C:\Users\***\AppData\Roaming\gtk-2.0
2013-07-04 00:31 - 2012-03-10 18:03 - 00000000 ____D C:\Users\***\.gimp-2.6
2013-07-03 20:59 - 2012-08-31 23:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\***\Desktop\Audacity.lnk
2013-07-03 18:15 - 2013-03-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\LogMeIn Hamachi
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:09 - 2012-01-31 04:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-03 13:37 - 2013-06-09 11:24 - 00075080 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 13:36 - 2013-06-09 11:24 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-02 00:13 - 2013-07-02 00:03 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:13 - 2013-07-02 00:03 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-01 14:59 - 2012-11-23 18:41 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Local\UWebKit
2013-07-01 13:07 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\***\Documents\Klei
2013-06-30 18:25 - 2013-06-16 20:59 - 00101440 ____A C:\Windows\DirectX.log
2013-06-26 19:02 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3
2013-06-26 19:00 - 2013-06-15 19:52 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\***\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:34 - 2013-06-24 19:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-22 02:24 - 2012-02-10 22:46 - 00000000 ____D C:\Users\***\AppData\Roaming\HpUpdate
2013-06-21 20:26 - 2012-01-30 11:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 14:06 - 2013-07-03 18:08 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-03 18:08 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-06 20:05 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2012-08-21 21:16 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2012-02-24 20:53 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2012-01-31 04:02 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2012-01-31 04:02 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 12:23 - 2013-02-08 14:22 - 00002501 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-06-20 12:23 - 2012-09-09 16:24 - 00000000 ____D C:\Windows\System32\Drivers\NISx64
2013-06-20 06:17 - 2012-02-24 20:55 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-19 13:02 - 2012-09-09 16:24 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-19 13:02 - 2012-09-09 16:24 - 00007631 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-17 00:27 - 2013-06-16 21:00 - 00000000 ____D C:\Users\***\Documents\dragoon
2013-06-16 21:13 - 2012-02-11 01:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 00:18 - 2013-02-09 15:51 - 00000000 ____D C:\ProgramData\WarThunder
2013-06-16 00:17 - 2012-08-22 18:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-15 22:06 - 2012-02-11 23:22 - 00000000 ____D C:\ProgramData\Adobe
2013-06-15 22:05 - 2012-02-12 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-15 22:05 - 2012-02-11 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-15 22:03 - 2012-02-10 20:30 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 21:55 - 2012-02-11 03:33 - 00000000 ____D C:\Users\***\Documents\My Games
2013-06-15 19:52 - 2013-03-28 00:08 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3 Alpha
2013-06-15 19:40 - 2012-06-23 22:20 - 00000000 ____D C:\Users\***\AppData\Local\ArmA 2 OA
2013-06-15 09:19 - 2012-02-11 23:22 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-06-13 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 18:28 - 2012-04-02 14:48 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:28 - 2012-02-10 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 16:23 - 2012-12-16 23:22 - 01619770 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-12 14:29 - 2012-02-11 11:39 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 23:40 - 2012-03-10 18:05 - 00000000 ____D C:\Users\***\.thumbnails
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 11:24 - 2013-02-23 20:37 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job
2013-06-09 11:24 - 2013-02-23 20:37 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job
2013-06-09 01:20 - 2013-05-25 00:08 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 23:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Und die Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2013
Ran by *** at 2013-07-09 16:17:09
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.3.0.3670)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
AION Free-to-Play Version 1.0 (x32 Version: 1.0)
Alan Wake (x32)
Alan Wake's American Nightmare (x32)
Alien Swarm (x32)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0704.2139.36919)
ANNO 2070 (x32 Version: 1.0.0.0)
ARMA 2 (x32)
Arma 2: DayZ Mod (x32)
ARMA 2: Operation Arrowhead (x32)
Arma 3 Alpha (x32)
Ask Toolbar (x32 Version: 1.14.1.0)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.4.7.0)
Assassin's Creed(R) III v1.05 (x32 Version: 1.05)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audials (x32 Version: 8.0.54900.0)
Audials TV (x32 Version: 1.3.10803.300)
Bandisoft MPEG-1 Decoder (x32)
Battlefield 1942™ (x32 Version: 1.6.20.0)
Battlefield 3™ (x32 Version: 1.4.0.0)
Battlefront Extreme 2.2 (x32)
BattlEye for OA Uninstall (x32)
Borderlands (x32)
Borderlands 2 (x32)
BufferChm (x32 Version: 140.0.212.000)
CANYON USB PC CAMERA (x32 Version: 1.0.20)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0704.2139.36919)
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919)
Catalyst Control Center Localization All (x32 Version: 2012.0704.2139.36919)
CCC Help Chinese Standard (x32 Version: 2012.0704.2138.36919)
CCC Help Chinese Traditional (x32 Version: 2012.0704.2138.36919)
CCC Help Czech (x32 Version: 2012.0704.2138.36919)
CCC Help Danish (x32 Version: 2012.0704.2138.36919)
CCC Help Dutch (x32 Version: 2012.0704.2138.36919)
CCC Help English (x32 Version: 2012.0704.2138.36919)
CCC Help Finnish (x32 Version: 2012.0704.2138.36919)
CCC Help French (x32 Version: 2012.0704.2138.36919)
CCC Help German (x32 Version: 2012.0704.2138.36919)
CCC Help Greek (x32 Version: 2012.0704.2138.36919)
CCC Help Hungarian (x32 Version: 2012.0704.2138.36919)
CCC Help Italian (x32 Version: 2012.0704.2138.36919)
CCC Help Japanese (x32 Version: 2012.0704.2138.36919)
CCC Help Korean (x32 Version: 2012.0704.2138.36919)
CCC Help Norwegian (x32 Version: 2012.0704.2138.36919)
CCC Help Polish (x32 Version: 2012.0704.2138.36919)
CCC Help Portuguese (x32 Version: 2012.0704.2138.36919)
CCC Help Russian (x32 Version: 2012.0704.2138.36919)
CCC Help Spanish (x32 Version: 2012.0704.2138.36919)
CCC Help Swedish (x32 Version: 2012.0704.2138.36919)
CCC Help Thai (x32 Version: 2012.0704.2138.36919)
CCC Help Turkish (x32 Version: 2012.0704.2138.36919)
ccc-utility64 (Version: 2012.0704.2139.36919)
Command & Conquer 3 Tiberium Wars™ (x32 Version: 1.0.0.0)
Copy (x32 Version: 140.0.212.000)
Crysis (x32)
Crysis 2 Maximum Edition (x32)
Crysis Warhead (x32)
Darth Vader Theme Win7 (x32)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000)
Don't Starve (x32)
Dota 2 (x32)
Dragon's Prophet (x32 Version: 1.0.1087.10)
EA Shared Game Component: Activation (x32 Version: 2.2.0)
EA Shared Game Component: Activation (x32 Version: 2.2.0.62)
Empire: Total War (x32)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Euro Truck Simulator 2 (x32 Version: 1.1.1)
F4500 (x32 Version: 140.0.690.000)
Far Cry 3 (x32 Version: 1.05)
FormatFactory 2.90 (x32 Version: 2.90)
Fraps (remove only) (x32)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Galactic Civilizations II: Ultimate Edition (x32)
Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724)
GameSpy Comrade (x32 Version: 1.5.0.156)
Geeks3D.com FurMark 1.9.0 (x32)
GIMP 2.6.8
Google Talk Plugin (x32 Version: 3.19.1.13088)
GPBaseService2 (x32 Version: 140.0.211.000)
GPL Ghostscript (x32 Version: 9.05)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Guild Wars 2 (x32)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (x32 Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HPSSupply (x32 Version: 140.0.211.000)
Imaging Device Functions 14.0 (Version: 14.0)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (x32 Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.0)
JDownloader 0.9 (x32 Version: 0.9)
Kalydo Player 5.00.01 (HKCU Version: 5.00.01)
League of Legends (x32 Version: 1.3)
Live Update 5 (x32 Version: 5.0.099)
Logitech Gaming Software (Version: 8.35.18)
Logitech Gaming Software 8.35 (Version: 8.35.18)
Logitech SetPoint 6.32 (Version: 6.32.20)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mango Skin Pack 2.0-X86 (x32 Version: 2.0-X86)
March of War (x32)
MarketResearch (x32 Version: 140.0.212.000)
Mass Effect (x32 Version: 1.00)
Mass Effect 2 (x32 Version: 1.2.1604.0)
Mass Effect™ 3 (x32 Version: 1.05.0.0)
Metro 2033 (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Minecraft Texturepack Editor (x32)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Napoleon: Total War (x32)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Norton Internet Security (x32 Version: 20.4.0.40)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Opera 12.16 (x32 Version: 12.16.1860)
Origin (x32 Version: 8.5.0.4518)
Pando Media Booster (x32 Version: 2.6.0.6)
PlanetSide 2 (x32)
PSPad editor (x32)
PunkBuster Services (x32 Version: 0.993)
PxMergeModule (x32 Version: 1.00.0000)
RCRN v3.6 - Steam Workshop Optimized (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.53.216.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RealWorld Change Cursor (Version: 2.0.0)
Republic at War 1.1.5 (x32 Version: 1.1.5)
Republic at War 1.1.5 Deutsch (x32 Version: 1.1.5)
Runes of Magic (x32 Version: 5.0.5.2592)
RunesOfMagic (HKCU Version: 5.00.10.2634)
Scan (x32 Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
Sid Meier's Civilization V (x32)
SimCity™ (x32 Version: 1.0.0.0)
SimCity™ Closed Beta (x32 Version: 1.0.0.0)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.107)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.213.000)
Sonic Adventure™ 2  (x32)
Star Trek Online (x32)
Star Wars - Battlefront II (x32)
Star Wars Empire at War (x32 Version: 1.0)
Star Wars Empire at War Forces of Corruption (x32 Version: 1.0)
Star Wars: Knights of the Old Republic (x32)
Star Wars: Knights of the Old Republic II (x32)
Star Wars: The Force Unleashed 2 (x32 Version: 1.0)
Star Wars: The Old Republic (x32 Version: 1.00)
Status (x32 Version: 140.0.212.000)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Team Fortress 2 (x32)
TeamSpeak 3 Client (HKCU Version: 3.0.9.2)
The Binding of Isaac (x32)
The Elder Scrolls V: Skyrim (x32)
The Lord of the Rings: War in the North (x32)
The Walking Dead (x32)
Toolbox (x32 Version: 140.0.428.000)
Total War: SHOGUN 2 (x32)
TrayApp (x32 Version: 140.0.212.000)
TSLRCM 1.8.1 (x32)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
War Thunder Launcher 1.0.1.246 (x32)
Warframe (x32)
WebReg (x32 Version: 140.0.212.017)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.11 (64-Bit) (Version: 4.11.0)
XCOM: Enemy Unknown (x32)
Zip Motion Block Video codec (Remove Only) (x32)

==================== Restore Points  =========================

08-07-2013 21:21:12 Geplanter Prüfpunkt
09-07-2013 10:59:06 Windows Modules Installer

==================== Hosts content: ==========================

2012-05-23 17:45 - 2013-04-21 23:08 - 00002799 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html
127.0.0.1 support.nero.com
127.0.0.1 nero.net
127.0.0.1 nero.com
127.0.0.1 activate.nero.com
127.0.0.1 www.activate.nero.com
127.0.0.1 nero.de
127.0.0.1 activate.nero.de
127.0.0.1 www.activate.nero.de
127.0.0.1 zero.nero.net
127.0.0.1 cell.nero.net
127.0.0.1 heffiji.nero.net
127.0.0.1 limbo.nero.net
127.0.0.1 nero.net
127.0.0.1 netfoo.nero.net
127.0.0.1 ns2.nero.net
127.0.0.1 oemba.org

There are 13 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {063585B2-0D45-4C14-82E9-2A2B071F1090} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {52046DEE-717D-437B-A135-1BA97FFCB3E9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {6932DC68-B7E6-45A7-8C76-F128CF6E4832} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {71C9F9D5-C5F0-4B1F-B06A-65B6E2991BD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {909616F2-CC53-4F07-B6CD-8826CF207253} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {9A14A314-08A5-4885-8CF1-0C417CABC143} - System32\Tasks\Game_Booster_AutoUpdate => C:\***\Programme\Game Booster 3\AutoUpdate.exe No File
Task: {9B84B640-00D9-45EF-901B-57E439D29006} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {A395046B-8B68-4A6F-9FD7-AB244A41F35F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {B1A31320-69F6-44D0-81CA-0105BAB7A72B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {B3D6C90C-76E2-496F-84C5-1AF4C4509494} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\***\Programme\TuneUpUtilities\OneClick.exe No File
Task: {BB104867-A9E6-43A3-ADB2-1422B3F1AD72} - System32\Tasks\RealCreateProcessScheduledTask206794S-1-5-21-3461110047-3363698456-2598581639-1002 => C:\program files (x86)\real\realplayer\realplay.exe No File
Task: {D0D8D25B-D2A7-4F92-A0D9-610CF2168572} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {F6315600-8E80-43EF-B437-A0B2433FC0C2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F6A56299-0D0B-4207-A918-6E048D25B8E6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FEB38777-53A4-4ADC-9C40-84B5A5B42536} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2013 02:27:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:49:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:38:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:30:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:55:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:29:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:11:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:56:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:45:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:34:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/09/2013 02:29:14 PM) (Source: NetBT) (User: )
Description: Der Name "***-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 192.168.2.103 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (07/09/2013 02:29:11 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 02:29:11 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 02:25:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 02:25:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:47:51 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:47:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:37:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:37:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8162.15 MB
Available physical RAM: 6083.45 MB
Total Pagefile: 8560.34 MB
Available Pagefile: 6402.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.8 GB) (Free:14.11 GB) NTFS (Disk=0 Partition=2)
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:262.68 GB) NTFS (Disk=1 Partition=1)
Drive e: (Volume) (Fixed) (Total:1763.01 GB) (Free:1752.97 GB) NTFS (Disk=2 Partition=1)
Drive f: (Systemabbild) (Fixed) (Total:100 GB) (Free:99.91 GB) NTFS (Disk=2 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 56 GB) (Disk ID: 5EDE2BD1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8471AA3F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E514680D)
Partition 1: (Not Active) - (Size=-306000691200) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Geändert von iTelix (09.07.2013 um 15:31 Uhr)

Alt 09.07.2013, 16:55   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Kurz und knapp: Nee wurde er nicht.

Zitat:
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 Nero - Privacy
127.0.0.1 support.nero.com
127.0.0.1 nero.net
127.0.0.1 nero.com
127.0.0.1 activate.nero.com
127.0.0.1 www.activate.nero.com
127.0.0.1 nero.de
127.0.0.1 activate.nero.de
127.0.0.1 www.activate.nero.de
127.0.0.1 zero.nero.net
127.0.0.1 cell.nero.net
127.0.0.1 heffiji.nero.net
127.0.0.1 limbo.nero.net
127.0.0.1 nero.net
127.0.0.1 netfoo.nero.net
127.0.0.1 ns2.nero.net
geklaute Software ist für den Popo

deinstalliere alles von nero und eventuelle andere gecrackte Software, Cracks und co. Wenn ich noch was finde muss ich den Support einstellen.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 17:03   #5
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Also laut meiner Suchfunktion und laut meiner Programmübersicht besitze ich nichts von Nero .... Weder einfache Dateien noch installierte Programme.
Sonst wüsste ich auch nichts von anderen gecrackten Programmen...


Alt 09.07.2013, 17:11   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Du hast recht, hab nochmal geschaut

Aber die Einträge in der Host stammen von einem Crack. merkwürdig.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKCU\...\Command Processor: "C:\Users\***\AppData\Local\Temp\kyvhgctkakiuavpeb.exe" <======= ATTENTION
C:\Users\***\AppData\Local\Temp\kyvhgctkakiuavpeb.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


und ein frisches FRST Log bitte.
__________________
--> Ist der GVU Trojaner vollständig entfernt worden? (Windows7)

Alt 09.07.2013, 17:24   #7
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



So hier FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013
Ran by *** (administrator) on 09-07-2013 18:17:32
Running from C:\Users\***\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesApp64.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Command Processor: "C:\Users\***\AppData\Local\Temp\kyvhgctkakiuavpeb.exe" <======= ATTENTION
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: []  [x]
IMEO\AcroRd32.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\adobe air application installer.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\extendscript toolkit.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hamachi-2-ui.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hpwucli.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\overwolflauncher.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\pdapp.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\switchboard.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\teamviewer.exe: [Debugger] "D:\***\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
SearchScopes: HKCU - {0BF262BC-E618-400C-B64B-1FD001F586DF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {CAB8EA08-FEE6-49AA-8351-1ED690DCBB63} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=ebb6b3e5-3d0b-4bfc-aba5-9c5981911b24&apn_sauid=B63E8B57-CC20-4FC5-82AF-E729171E3613
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
S4 Hamachi2Svc; D:\***\Programme\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-03] ()
R2 TuneUp.UtilitiesSvc; D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-05-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 NTIOLib_1_0_4; D:\***\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_4; D:\***\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; D:\***\Programme\TuneUpUtilities\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 MSI_MSIBIOS_010507; \??\D:\***\Programme\MSI\Live Update 5\msibios64_100507.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-09 18:14 - 2013-07-09 18:14 - 00000157 ____A C:\Users\***\Desktop\Fixlist.txt
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\***\Desktop\logfiles.zip
2013-07-09 14:56 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.log
2013-07-09 13:49 - 2013-07-09 13:33 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-09 13:46 - 2013-07-09 13:45 - 00108704 ____A C:\Users\***\Desktop\OTL.Txt
2013-07-09 13:46 - 2013-07-09 13:44 - 00147554 ____A C:\Users\***\Desktop\Extras.Txt
2013-07-09 13:46 - 2013-07-09 13:35 - 00000472 ____A C:\Users\***\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\***\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 07:12 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-07 21:37 - 2013-07-07 21:38 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\***\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\***\.recently-used.xbel
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\***\Desktop\Audacity.lnk
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:08 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-03 18:08 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-02 00:03 - 2013-07-02 00:13 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:03 - 2013-07-02 00:13 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Local\UWebKit
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\***\Documents\Klei
2013-06-26 19:00 - 2013-06-26 19:02 - 00000000 ____D C:\Users\***\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\***\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:14 - 2013-06-24 19:34 - 00000000 ____D C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-21 20:23 - 1998-06-18 00:00 - 00089360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 21:00 - 2013-06-17 00:27 - 00000000 ____D C:\Users\***\Documents\dragoon
2013-06-16 20:59 - 2013-06-30 18:25 - 00101440 ____A C:\Windows\DirectX.log
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 19:52 - 2013-06-26 19:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-15 19:42 - 2013-07-08 20:54 - 00019310 ____A C:\Windows\PFRO.log
2013-06-12 14:30 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 14:30 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 14:30 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 14:30 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 14:30 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 14:30 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 14:30 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 14:30 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 14:30 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 14:30 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 14:30 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 14:30 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 14:30 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:28 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:28 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:28 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:28 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:28 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 14:28 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 14:28 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:24 - 2013-07-09 14:25 - 00004043 ____A C:\Windows\setupact.log
2013-06-09 11:24 - 2013-07-03 13:37 - 00075080 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-09 11:24 - 2013-07-03 13:36 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-06-09 01:16 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-06-09 01:16 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-06-09 01:16 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

==================== One Month Modified Files and Folders =======

2013-07-09 18:14 - 2013-07-09 18:14 - 00000157 ____A C:\Users\***\Desktop\Fixlist.txt
2013-07-09 17:52 - 2012-02-10 20:50 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-07-09 17:28 - 2012-04-02 14:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:23 - 2012-01-30 11:31 - 01067544 ____A C:\Windows\WindowsUpdate.log
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\***\Desktop\logfiles.zip
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:30 - 2011-04-12 09:43 - 00707462 ____A C:\Windows\System32\perfh007.dat
2013-07-09 14:30 - 2011-04-12 09:43 - 00153054 ____A C:\Windows\System32\perfc007.dat
2013-07-09 14:30 - 2009-07-14 07:13 - 01642812 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-09 14:25 - 2013-06-09 11:24 - 00004043 ____A C:\Windows\setupact.log
2013-07-09 14:25 - 2012-05-28 16:43 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-09 14:25 - 2012-01-31 04:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-09 14:25 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 14:23 - 2013-07-09 14:56 - 00063559 ____A C:\Users\***\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\***\Desktop\gmer.log
2013-07-09 13:45 - 2013-07-09 13:46 - 00108704 ____A C:\Users\***\Desktop\OTL.Txt
2013-07-09 13:44 - 2013-07-09 13:46 - 00147554 ____A C:\Users\***\Desktop\Extras.Txt
2013-07-09 13:35 - 2013-07-09 13:46 - 00000472 ____A C:\Users\***\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-09 13:35 - 2012-02-10 20:12 - 00000000 ____D C:\users\***
2013-07-09 13:33 - 2013-07-09 13:49 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-09 12:59 - 2012-01-30 11:23 - 00000000 ____D C:\Windows\Panther
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\***\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 00:39 - 2009-07-14 04:34 - 00524288 ____A C:\Windows\System32\config\DEFAULT.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SAM.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 68943872 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 23330816 ____A C:\Windows\System32\config\SYSTEM.bak
2013-07-08 22:08 - 2013-03-01 17:46 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft
2013-07-08 20:54 - 2013-06-15 19:42 - 00019310 ____A C:\Windows\PFRO.log
2013-07-08 19:49 - 2012-05-26 15:56 - 00007649 ____A C:\Users\***\AppData\Local\Resmon.ResmonCfg
2013-07-08 16:02 - 2013-05-12 20:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-07 21:38 - 2013-07-07 21:37 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-07 21:38 - 2012-09-09 16:24 - 00000000 ____D C:\ProgramData\Norton
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-07 18:06 - 2012-02-10 23:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-07 00:25 - 2012-02-11 01:25 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-07 00:25 - 2012-02-11 01:12 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-07 00:25 - 2012-02-11 01:12 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-06 14:54 - 2012-02-12 00:29 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\***\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\***\.recently-used.xbel
2013-07-04 00:31 - 2012-03-10 18:07 - 00000000 ____D C:\Users\***\AppData\Roaming\gtk-2.0
2013-07-04 00:31 - 2012-03-10 18:03 - 00000000 ____D C:\Users\***\.gimp-2.6
2013-07-03 20:59 - 2012-08-31 23:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\***\Desktop\Audacity.lnk
2013-07-03 18:15 - 2013-03-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\LogMeIn Hamachi
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:09 - 2012-01-31 04:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-03 13:37 - 2013-06-09 11:24 - 00075080 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 13:36 - 2013-06-09 11:24 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-02 00:13 - 2013-07-02 00:03 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:13 - 2013-07-02 00:03 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-01 14:59 - 2012-11-23 18:41 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\***\AppData\Local\UWebKit
2013-07-01 13:07 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\***\Documents\Klei
2013-06-30 18:25 - 2013-06-16 20:59 - 00101440 ____A C:\Windows\DirectX.log
2013-06-26 19:02 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3
2013-06-26 19:00 - 2013-06-15 19:52 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\***\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:34 - 2013-06-24 19:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-22 02:24 - 2012-02-10 22:46 - 00000000 ____D C:\Users\***\AppData\Roaming\HpUpdate
2013-06-21 20:26 - 2012-01-30 11:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 14:06 - 2013-07-03 18:08 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-03 18:08 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-06 20:05 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2012-08-21 21:16 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2012-02-24 20:53 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2012-01-31 04:02 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2012-01-31 04:02 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 12:23 - 2013-02-08 14:22 - 00002501 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-06-20 12:23 - 2012-09-09 16:24 - 00000000 ____D C:\Windows\System32\Drivers\NISx64
2013-06-20 06:17 - 2012-02-24 20:55 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-19 13:02 - 2012-09-09 16:24 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-19 13:02 - 2012-09-09 16:24 - 00007631 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-17 00:27 - 2013-06-16 21:00 - 00000000 ____D C:\Users\***\Documents\dragoon
2013-06-16 21:13 - 2012-02-11 01:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 00:18 - 2013-02-09 15:51 - 00000000 ____D C:\ProgramData\WarThunder
2013-06-16 00:17 - 2012-08-22 18:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-15 22:06 - 2012-02-11 23:22 - 00000000 ____D C:\ProgramData\Adobe
2013-06-15 22:05 - 2012-02-12 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-15 22:05 - 2012-02-11 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-15 22:03 - 2012-02-10 20:30 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 21:55 - 2012-02-11 03:33 - 00000000 ____D C:\Users\***\Documents\My Games
2013-06-15 19:52 - 2013-03-28 00:08 - 00000000 ____D C:\Users\***\AppData\Local\Arma 3 Alpha
2013-06-15 19:40 - 2012-06-23 22:20 - 00000000 ____D C:\Users\***\AppData\Local\ArmA 2 OA
2013-06-15 09:19 - 2012-02-11 23:22 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-06-13 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 18:28 - 2012-04-02 14:48 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:28 - 2012-02-10 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 16:23 - 2012-12-16 23:22 - 01619770 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-12 14:29 - 2012-02-11 11:39 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 23:40 - 2012-03-10 18:05 - 00000000 ____D C:\Users\***\.thumbnails
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 11:24 - 2013-02-23 20:37 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job
2013-06-09 11:24 - 2013-02-23 20:37 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job
2013-06-09 01:20 - 2013-05-25 00:08 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 23:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Und addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2013
Ran by *** at 2013-07-09 18:17:48
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.3.0.3670)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
AION Free-to-Play Version 1.0 (x32 Version: 1.0)
Alan Wake (x32)
Alan Wake's American Nightmare (x32)
Alien Swarm (x32)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0704.2139.36919)
ANNO 2070 (x32 Version: 1.0.0.0)
ARMA 2 (x32)
Arma 2: DayZ Mod (x32)
ARMA 2: Operation Arrowhead (x32)
Arma 3 Alpha (x32)
Ask Toolbar (x32 Version: 1.14.1.0)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.4.7.0)
Assassin's Creed(R) III v1.05 (x32 Version: 1.05)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audials (x32 Version: 8.0.54900.0)
Audials TV (x32 Version: 1.3.10803.300)
Bandisoft MPEG-1 Decoder (x32)
Battlefield 1942™ (x32 Version: 1.6.20.0)
Battlefield 3™ (x32 Version: 1.4.0.0)
Battlefront Extreme 2.2 (x32)
BattlEye for OA Uninstall (x32)
Borderlands (x32)
Borderlands 2 (x32)
BufferChm (x32 Version: 140.0.212.000)
CANYON USB PC CAMERA (x32 Version: 1.0.20)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0704.2139.36919)
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919)
Catalyst Control Center Localization All (x32 Version: 2012.0704.2139.36919)
CCC Help Chinese Standard (x32 Version: 2012.0704.2138.36919)
CCC Help Chinese Traditional (x32 Version: 2012.0704.2138.36919)
CCC Help Czech (x32 Version: 2012.0704.2138.36919)
CCC Help Danish (x32 Version: 2012.0704.2138.36919)
CCC Help Dutch (x32 Version: 2012.0704.2138.36919)
CCC Help English (x32 Version: 2012.0704.2138.36919)
CCC Help Finnish (x32 Version: 2012.0704.2138.36919)
CCC Help French (x32 Version: 2012.0704.2138.36919)
CCC Help German (x32 Version: 2012.0704.2138.36919)
CCC Help Greek (x32 Version: 2012.0704.2138.36919)
CCC Help Hungarian (x32 Version: 2012.0704.2138.36919)
CCC Help Italian (x32 Version: 2012.0704.2138.36919)
CCC Help Japanese (x32 Version: 2012.0704.2138.36919)
CCC Help Korean (x32 Version: 2012.0704.2138.36919)
CCC Help Norwegian (x32 Version: 2012.0704.2138.36919)
CCC Help Polish (x32 Version: 2012.0704.2138.36919)
CCC Help Portuguese (x32 Version: 2012.0704.2138.36919)
CCC Help Russian (x32 Version: 2012.0704.2138.36919)
CCC Help Spanish (x32 Version: 2012.0704.2138.36919)
CCC Help Swedish (x32 Version: 2012.0704.2138.36919)
CCC Help Thai (x32 Version: 2012.0704.2138.36919)
CCC Help Turkish (x32 Version: 2012.0704.2138.36919)
ccc-utility64 (Version: 2012.0704.2139.36919)
Command & Conquer 3 Tiberium Wars™ (x32 Version: 1.0.0.0)
Copy (x32 Version: 140.0.212.000)
Crysis (x32)
Crysis 2 Maximum Edition (x32)
Crysis Warhead (x32)
Darth Vader Theme Win7 (x32)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000)
Don't Starve (x32)
Dota 2 (x32)
Dragon's Prophet (x32 Version: 1.0.1087.10)
EA Shared Game Component: Activation (x32 Version: 2.2.0)
EA Shared Game Component: Activation (x32 Version: 2.2.0.62)
Empire: Total War (x32)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Euro Truck Simulator 2 (x32 Version: 1.1.1)
F4500 (x32 Version: 140.0.690.000)
Far Cry 3 (x32 Version: 1.05)
FormatFactory 2.90 (x32 Version: 2.90)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Galactic Civilizations II: Ultimate Edition (x32)
Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724)
GameSpy Comrade (x32 Version: 1.5.0.156)
Geeks3D.com FurMark 1.9.0 (x32)
GIMP 2.6.8
Google Talk Plugin (x32 Version: 3.19.1.13088)
GPBaseService2 (x32 Version: 140.0.211.000)
GPL Ghostscript (x32 Version: 9.05)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Guild Wars 2 (x32)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (x32 Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HPSSupply (x32 Version: 140.0.211.000)
Imaging Device Functions 14.0 (Version: 14.0)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (x32 Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.0)
JDownloader 0.9 (x32 Version: 0.9)
Kalydo Player 5.00.01 (HKCU Version: 5.00.01)
League of Legends (x32 Version: 1.3)
Live Update 5 (x32 Version: 5.0.099)
Logitech Gaming Software (Version: 8.35.18)
Logitech Gaming Software 8.35 (Version: 8.35.18)
Logitech SetPoint 6.32 (Version: 6.32.20)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mango Skin Pack 2.0-X86 (x32 Version: 2.0-X86)
March of War (x32)
MarketResearch (x32 Version: 140.0.212.000)
Mass Effect (x32 Version: 1.00)
Mass Effect 2 (x32 Version: 1.2.1604.0)
Mass Effect™ 3 (x32 Version: 1.05.0.0)
Metro 2033 (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Minecraft Texturepack Editor (x32)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Napoleon: Total War (x32)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Norton Internet Security (x32 Version: 20.4.0.40)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Opera 12.16 (x32 Version: 12.16.1860)
Origin (x32 Version: 8.5.0.4518)
Pando Media Booster (x32 Version: 2.6.0.6)
PlanetSide 2 (x32)
PSPad editor (x32)
PunkBuster Services (x32 Version: 0.993)
PxMergeModule (x32 Version: 1.00.0000)
RCRN v3.6 - Steam Workshop Optimized (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.53.216.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RealWorld Change Cursor (Version: 2.0.0)
Republic at War 1.1.5 (x32 Version: 1.1.5)
Republic at War 1.1.5 Deutsch (x32 Version: 1.1.5)
Runes of Magic (x32 Version: 5.0.5.2592)
RunesOfMagic (HKCU Version: 5.00.10.2634)
Scan (x32 Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
Sid Meier's Civilization V (x32)
SimCity™ (x32 Version: 1.0.0.0)
SimCity™ Closed Beta (x32 Version: 1.0.0.0)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.107)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.213.000)
Sonic Adventure™ 2  (x32)
Star Trek Online (x32)
Star Wars - Battlefront II (x32)
Star Wars Empire at War (x32 Version: 1.0)
Star Wars Empire at War Forces of Corruption (x32 Version: 1.0)
Star Wars: Knights of the Old Republic (x32)
Star Wars: Knights of the Old Republic II (x32)
Star Wars: The Force Unleashed 2 (x32 Version: 1.0)
Star Wars: The Old Republic (x32 Version: 1.00)
Status (x32 Version: 140.0.212.000)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Team Fortress 2 (x32)
TeamSpeak 3 Client (HKCU Version: 3.0.9.2)
The Binding of Isaac (x32)
The Elder Scrolls V: Skyrim (x32)
The Lord of the Rings: War in the North (x32)
The Walking Dead (x32)
Toolbox (x32 Version: 140.0.428.000)
Total War: SHOGUN 2 (x32)
TrayApp (x32 Version: 140.0.212.000)
TSLRCM 1.8.1 (x32)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
War Thunder Launcher 1.0.1.246 (x32)
Warframe (x32)
WebReg (x32 Version: 140.0.212.017)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.11 (64-Bit) (Version: 4.11.0)
XCOM: Enemy Unknown (x32)
Zip Motion Block Video codec (Remove Only) (x32)

==================== Restore Points  =========================

08-07-2013 21:21:12 Geplanter Prüfpunkt
09-07-2013 10:59:06 Windows Modules Installer

==================== Hosts content: ==========================

2012-05-23 17:45 - 2013-04-21 23:08 - 00002799 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html
127.0.0.1 support.nero.com
127.0.0.1 nero.net
127.0.0.1 nero.com
127.0.0.1 activate.nero.com
127.0.0.1 www.activate.nero.com
127.0.0.1 nero.de
127.0.0.1 activate.nero.de
127.0.0.1 www.activate.nero.de
127.0.0.1 zero.nero.net
127.0.0.1 cell.nero.net
127.0.0.1 heffiji.nero.net
127.0.0.1 limbo.nero.net
127.0.0.1 nero.net
127.0.0.1 netfoo.nero.net
127.0.0.1 ns2.nero.net
127.0.0.1 oemba.org

There are 13 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {063585B2-0D45-4C14-82E9-2A2B071F1090} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {52046DEE-717D-437B-A135-1BA97FFCB3E9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {6932DC68-B7E6-45A7-8C76-F128CF6E4832} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {71C9F9D5-C5F0-4B1F-B06A-65B6E2991BD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {909616F2-CC53-4F07-B6CD-8826CF207253} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {9A14A314-08A5-4885-8CF1-0C417CABC143} - System32\Tasks\Game_Booster_AutoUpdate => C:\***\Programme\Game Booster 3\AutoUpdate.exe No File
Task: {9B84B640-00D9-45EF-901B-57E439D29006} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {A395046B-8B68-4A6F-9FD7-AB244A41F35F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {B1A31320-69F6-44D0-81CA-0105BAB7A72B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {B3D6C90C-76E2-496F-84C5-1AF4C4509494} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\***\Programme\TuneUpUtilities\OneClick.exe No File
Task: {BB104867-A9E6-43A3-ADB2-1422B3F1AD72} - System32\Tasks\RealCreateProcessScheduledTask206794S-1-5-21-3461110047-3363698456-2598581639-1002 => C:\program files (x86)\real\realplayer\realplay.exe No File
Task: {D0D8D25B-D2A7-4F92-A0D9-610CF2168572} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3461110047-3363698456-2598581639-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {F6315600-8E80-43EF-B437-A0B2433FC0C2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F6A56299-0D0B-4207-A918-6E048D25B8E6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FEB38777-53A4-4ADC-9C40-84B5A5B42536} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2013 02:27:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:49:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:38:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 01:30:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:55:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:29:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2013 00:11:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:56:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:45:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2013 10:34:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/09/2013 02:29:14 PM) (Source: NetBT) (User: )
Description: Der Name "***-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 192.168.2.103 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (07/09/2013 02:29:11 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 02:29:11 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 02:25:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 02:25:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:47:51 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/09/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:47:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:37:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/09/2013 01:37:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8162.15 MB
Available physical RAM: 5769.74 MB
Total Pagefile: 8560.34 MB
Available Pagefile: 6143.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.8 GB) (Free:13.71 GB) NTFS (Disk=0 Partition=2)
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:267.98 GB) NTFS (Disk=1 Partition=1)
Drive e: (Volume) (Fixed) (Total:1763.01 GB) (Free:1752.97 GB) NTFS (Disk=2 Partition=1)
Drive f: (Systemabbild) (Fixed) (Total:100 GB) (Free:99.91 GB) NTFS (Disk=2 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 56 GB) (Disk ID: 5EDE2BD1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8471AA3F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E514680D)
Partition 1: (Not Active) - (Size=-306000691200) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Hier die Fixlog.txt:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-07-2013
Ran by Felix at 2013-07-09 18:23:43 Run:2
Running from C:\Users\Felix\Desktop
Boot Mode: Normal
==============================================

HKCU\Software\Microsoft\Command Processor\\AutoRun => Value not found.
"C:\Users\Felix\AppData\Local\Temp\kyvhgctkakiuavpeb.exe" => File/Directory not found.

==== End of Fixlog ====
         
Oh halt. Sollte ich den Scan davor oder danach machen? ^^

Geändert von iTelix (09.07.2013 um 17:30 Uhr)

Alt 09.07.2013, 17:32   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



danach
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 17:33   #9
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Aber jetzt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013
Ran by Felix (administrator) on 09-07-2013 18:32:54
Running from C:\Users\Felix\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesApp64.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: []  [x]
IMEO\AcroRd32.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\adobe air application installer.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\extendscript toolkit.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hamachi-2-ui.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hpwucli.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\overwolflauncher.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\pdapp.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\switchboard.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\teamviewer.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
SearchScopes: HKCU - {0BF262BC-E618-400C-B64B-1FD001F586DF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {CAB8EA08-FEE6-49AA-8351-1ED690DCBB63} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=ebb6b3e5-3d0b-4bfc-aba5-9c5981911b24&apn_sauid=B63E8B57-CC20-4FC5-82AF-E729171E3613
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
S4 Hamachi2Svc; D:\Felix\Programme\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-03] ()
R2 TuneUp.UtilitiesSvc; D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-05-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 NTIOLib_1_0_4; D:\Felix\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_4; D:\Felix\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 MSI_MSIBIOS_010507; \??\D:\Felix\Programme\MSI\Live Update 5\msibios64_100507.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-09 18:17 - 2013-07-09 18:17 - 00025129 ____A C:\Users\Felix\Desktop\Addition.txt
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\Felix\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\Felix\Desktop\logfiles.zip
2013-07-09 14:56 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.log
2013-07-09 13:49 - 2013-07-09 13:33 - 00377856 ____A C:\Users\Felix\Desktop\gmer_2.1.19163.exe
2013-07-09 13:46 - 2013-07-09 13:45 - 00108704 ____A C:\Users\Felix\Desktop\OTL.Txt
2013-07-09 13:46 - 2013-07-09 13:44 - 00147554 ____A C:\Users\Felix\Desktop\Extras.Txt
2013-07-09 13:46 - 2013-07-09 13:35 - 00000472 ____A C:\Users\Felix\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\Felix\defogger_reenable
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\Felix\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 07:12 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-07 21:37 - 2013-07-07 21:38 - 00000000 ____D C:\Users\Felix\AppData\Local\NPE
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\Felix\AppData\Local\Mozilla
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\Felix\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\Felix\.recently-used.xbel
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\Felix\Desktop\Audacity.lnk
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:08 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-03 18:08 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-02 00:03 - 2013-07-02 00:13 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:03 - 2013-07-02 00:13 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Local\UWebKit
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\Felix\Documents\Klei
2013-06-26 19:00 - 2013-06-26 19:02 - 00000000 ____D C:\Users\Felix\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\Felix\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:14 - 2013-06-24 19:34 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-21 20:23 - 1998-06-18 00:00 - 00089360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 21:00 - 2013-06-17 00:27 - 00000000 ____D C:\Users\Felix\Documents\dragoon
2013-06-16 20:59 - 2013-06-30 18:25 - 00101440 ____A C:\Windows\DirectX.log
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 19:52 - 2013-06-26 19:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-15 19:42 - 2013-07-08 20:54 - 00019310 ____A C:\Windows\PFRO.log
2013-06-12 14:30 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 14:30 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 14:30 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 14:30 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 14:30 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 14:30 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 14:30 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 14:30 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 14:30 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 14:30 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 14:30 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 14:30 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 14:30 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:28 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:28 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:28 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:28 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:28 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 14:28 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 14:28 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:24 - 2013-07-09 14:25 - 00004043 ____A C:\Windows\setupact.log
2013-06-09 11:24 - 2013-07-03 13:37 - 00075080 ____A C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-09 11:24 - 2013-07-03 13:36 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-06-09 01:16 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-06-09 01:16 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-06-09 01:16 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

==================== One Month Modified Files and Folders =======

2013-07-09 18:28 - 2012-04-02 14:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 18:27 - 2012-02-10 20:50 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Skype
2013-07-09 18:17 - 2013-07-09 18:17 - 00025129 ____A C:\Users\Felix\Desktop\Addition.txt
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:23 - 2012-01-30 11:31 - 01067544 ____A C:\Windows\WindowsUpdate.log
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\Felix\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\Felix\Desktop\logfiles.zip
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:33 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 14:30 - 2011-04-12 09:43 - 00707462 ____A C:\Windows\System32\perfh007.dat
2013-07-09 14:30 - 2011-04-12 09:43 - 00153054 ____A C:\Windows\System32\perfc007.dat
2013-07-09 14:30 - 2009-07-14 07:13 - 01642812 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-09 14:25 - 2013-06-09 11:24 - 00004043 ____A C:\Windows\setupact.log
2013-07-09 14:25 - 2012-05-28 16:43 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-09 14:25 - 2012-01-31 04:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-09 14:25 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 14:23 - 2013-07-09 14:56 - 00063559 ____A C:\Users\Felix\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.log
2013-07-09 13:45 - 2013-07-09 13:46 - 00108704 ____A C:\Users\Felix\Desktop\OTL.Txt
2013-07-09 13:44 - 2013-07-09 13:46 - 00147554 ____A C:\Users\Felix\Desktop\Extras.Txt
2013-07-09 13:35 - 2013-07-09 13:46 - 00000472 ____A C:\Users\Felix\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\Felix\defogger_reenable
2013-07-09 13:35 - 2012-02-10 20:12 - 00000000 ____D C:\users\Felix
2013-07-09 13:33 - 2013-07-09 13:49 - 00377856 ____A C:\Users\Felix\Desktop\gmer_2.1.19163.exe
2013-07-09 12:59 - 2012-01-30 11:23 - 00000000 ____D C:\Windows\Panther
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\Felix\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 00:39 - 2009-07-14 04:34 - 00524288 ____A C:\Windows\System32\config\DEFAULT.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SAM.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 68943872 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 23330816 ____A C:\Windows\System32\config\SYSTEM.bak
2013-07-08 22:08 - 2013-03-01 17:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.minecraft
2013-07-08 20:54 - 2013-06-15 19:42 - 00019310 ____A C:\Windows\PFRO.log
2013-07-08 19:49 - 2012-05-26 15:56 - 00007649 ____A C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2013-07-08 16:02 - 2013-05-12 20:48 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Mozilla
2013-07-07 21:38 - 2013-07-07 21:37 - 00000000 ____D C:\Users\Felix\AppData\Local\NPE
2013-07-07 21:38 - 2012-09-09 16:24 - 00000000 ____D C:\ProgramData\Norton
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\Felix\AppData\Local\Mozilla
2013-07-07 18:06 - 2012-02-10 23:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-07 00:25 - 2012-02-11 01:25 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-07 00:25 - 2012-02-11 01:12 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-07 00:25 - 2012-02-11 01:12 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-06 14:54 - 2012-02-12 00:29 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\Felix\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\Felix\.recently-used.xbel
2013-07-04 00:31 - 2012-03-10 18:07 - 00000000 ____D C:\Users\Felix\AppData\Roaming\gtk-2.0
2013-07-04 00:31 - 2012-03-10 18:03 - 00000000 ____D C:\Users\Felix\.gimp-2.6
2013-07-03 20:59 - 2012-08-31 23:01 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Audacity
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\Felix\Desktop\Audacity.lnk
2013-07-03 18:15 - 2013-03-19 20:56 - 00000000 ____D C:\Users\Felix\AppData\Local\LogMeIn Hamachi
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:09 - 2012-01-31 04:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-03 13:37 - 2013-06-09 11:24 - 00075080 ____A C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 13:36 - 2013-06-09 11:24 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-02 00:13 - 2013-07-02 00:03 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:13 - 2013-07-02 00:03 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-01 14:59 - 2012-11-23 18:41 - 00000000 ____D C:\Users\Felix\AppData\Local\CrashDumps
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Local\UWebKit
2013-07-01 13:07 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\Felix\Documents\Klei
2013-06-30 18:25 - 2013-06-16 20:59 - 00101440 ____A C:\Windows\DirectX.log
2013-06-26 19:02 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3
2013-06-26 19:00 - 2013-06-15 19:52 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\Felix\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:34 - 2013-06-24 19:14 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-22 02:24 - 2012-02-10 22:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\HpUpdate
2013-06-21 20:26 - 2012-01-30 11:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 14:06 - 2013-07-03 18:08 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-03 18:08 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-06 20:05 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2012-08-21 21:16 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2012-02-24 20:53 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2012-01-31 04:02 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2012-01-31 04:02 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 12:23 - 2013-02-08 14:22 - 00002501 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-06-20 12:23 - 2012-09-09 16:24 - 00000000 ____D C:\Windows\System32\Drivers\NISx64
2013-06-20 06:17 - 2012-02-24 20:55 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-19 13:02 - 2012-09-09 16:24 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-19 13:02 - 2012-09-09 16:24 - 00007631 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-17 00:27 - 2013-06-16 21:00 - 00000000 ____D C:\Users\Felix\Documents\dragoon
2013-06-16 21:13 - 2012-02-11 01:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 00:18 - 2013-02-09 15:51 - 00000000 ____D C:\ProgramData\WarThunder
2013-06-16 00:17 - 2012-08-22 18:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-15 22:06 - 2012-02-11 23:22 - 00000000 ____D C:\ProgramData\Adobe
2013-06-15 22:05 - 2012-02-12 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-15 22:05 - 2012-02-11 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-15 22:03 - 2012-02-10 20:30 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Adobe
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 21:55 - 2012-02-11 03:33 - 00000000 ____D C:\Users\Felix\Documents\My Games
2013-06-15 19:52 - 2013-03-28 00:08 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3 Alpha
2013-06-15 19:40 - 2012-06-23 22:20 - 00000000 ____D C:\Users\Felix\AppData\Local\ArmA 2 OA
2013-06-15 09:19 - 2012-02-11 23:22 - 00000000 ____D C:\Users\Felix\AppData\Local\Adobe
2013-06-13 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 18:28 - 2012-04-02 14:48 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:28 - 2012-02-10 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 16:23 - 2012-12-16 23:22 - 01619770 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-12 14:29 - 2012-02-11 11:39 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 23:40 - 2012-03-10 18:05 - 00000000 ____D C:\Users\Felix\.thumbnails
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 11:24 - 2013-02-23 20:37 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job
2013-06-09 11:24 - 2013-02-23 20:37 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job
2013-06-09 01:20 - 2013-05-25 00:08 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 23:14

==================== End Of Log ============================
         
--- --- ---

Alt 09.07.2013, 17:37   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 17:43   #11
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Also, ich soll die Programme in dieser Reihenfolge ausführen? Und gilt das mit der Schutzsoftware für JunkRemoval oder adwcleaner?
Danke für die Antwort

Alt 09.07.2013, 17:43   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Bei jedem Tool. Und ja, der Reihe nach und Logs zusammen posten wenn Du komplett durch bist
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 19:46   #13
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Sooo....
AdwCleaner:
Code:
ATTFilter
# AdwCleaner v2.304 - Datei am 09/07/2013 um 18:52:29 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Felix - FELIX-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Felix\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\user.js
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Users\Felix\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Felix\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Felix\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Felix\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Felix\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848 --> hxxp://www.google.com

-\\ Opera v12.16.1860.0

Datei : C:\Users\Felix\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [5843 octets] - [09/07/2013 18:52:29]

########## EOF - C:\AdwCleaner[S1].txt - [5903 octets] ##########
         
Junkware:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.2 (07.09.2013:1)
OS: Windows 7 Professional x64
Ran by Felix on 09.07.2013 at 18:57:28,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0BF262BC-E618-400C-B64B-1FD001F586DF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CAB8EA08-FEE6-49AA-8351-1ED690DCBB63}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2013 at 19:02:06,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ESET:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d2dd50b9ed2c2b48888f0136ca3feef4
# engine=14331
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-09 06:35:13
# local_time=2013-07-09 08:35:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 543510 135991498 0 0
# compatibility_mode=5893 16776574 100 94 26333957 125024763 0 0
# scanned=426583
# found=0
# cleaned=0
# scan_time=5399
         
Security Check:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.68  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 7  
 Java version out of Date! 
 Adobe Flash Player 11.7.700.224  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Und erneut FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013
Ran by Felix (administrator) on 09-07-2013 20:42:18
Running from C:\Users\Felix\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesApp64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: []  [x]
IMEO\AcroRd32.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\adobe air application installer.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\extendscript toolkit.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hamachi-2-ui.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\hpwucli.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\overwolflauncher.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\pdapp.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\switchboard.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
IMEO\teamviewer.exe: [Debugger] "D:\Felix\Programme\TuneUpUtilities\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
S4 Hamachi2Svc; D:\Felix\Programme\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-03] ()
R2 TuneUp.UtilitiesSvc; D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-05-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130706.002\IDSvia64.sys [513184 2013-04-30] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130709.002\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 NTIOLib_1_0_4; D:\Felix\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_4; D:\Felix\Programme\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7693v180\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; D:\Felix\Programme\TuneUpUtilities\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 MSI_MSIBIOS_010507; \??\D:\Felix\Programme\MSI\Live Update 5\msibios64_100507.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-09 20:42 - 2013-07-09 20:42 - 00001211 ____A C:\Users\Felix\Desktop\checkup.txt
2013-07-09 19:04 - 2013-07-09 20:35 - 00000720 ____A C:\Users\Felix\Desktop\eset.txt
2013-07-09 19:02 - 2013-07-09 19:02 - 00001047 ____A C:\Users\Felix\Desktop\JRT.txt
2013-07-09 18:57 - 2013-07-09 18:57 - 00000000 ____D C:\Windows\ERUNT
2013-07-09 18:55 - 2013-07-09 18:55 - 02347384 ____A (ESET) C:\Users\Felix\Desktop\esetsmartinstaller_enu.exe
2013-07-09 18:55 - 2013-07-09 18:55 - 00890988 ____A C:\Users\Felix\Desktop\SecurityCheck.exe
2013-07-09 18:55 - 2013-07-09 18:55 - 00552389 ____A (Oleg N. Scherbakov) C:\Users\Felix\Desktop\JRT.exe
2013-07-09 18:52 - 2013-07-09 18:52 - 00005960 ____A C:\Users\Felix\Desktop\AdwCleaner[S1].txt
2013-07-09 18:39 - 2013-07-09 18:39 - 00650027 ____A C:\Users\Felix\Desktop\adwcleaner.exe
2013-07-09 18:17 - 2013-07-09 18:17 - 00025129 ____A C:\Users\Felix\Desktop\Addition.txt
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\Felix\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\Felix\Desktop\logfiles.zip
2013-07-09 14:56 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.log
2013-07-09 13:49 - 2013-07-09 13:33 - 00377856 ____A C:\Users\Felix\Desktop\gmer_2.1.19163.exe
2013-07-09 13:46 - 2013-07-09 13:45 - 00108704 ____A C:\Users\Felix\Desktop\OTL.Txt
2013-07-09 13:46 - 2013-07-09 13:44 - 00147554 ____A C:\Users\Felix\Desktop\Extras.Txt
2013-07-09 13:46 - 2013-07-09 13:35 - 00000472 ____A C:\Users\Felix\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\Felix\defogger_reenable
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\Felix\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 07:12 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-07 21:37 - 2013-07-07 21:38 - 00000000 ____D C:\Users\Felix\AppData\Local\NPE
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\Felix\AppData\Local\Mozilla
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\Felix\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\Felix\.recently-used.xbel
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\Felix\Desktop\Audacity.lnk
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:08 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-03 18:08 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-03 18:08 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-02 00:03 - 2013-07-02 00:13 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:03 - 2013-07-02 00:13 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Local\UWebKit
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\Felix\Documents\Klei
2013-06-26 19:00 - 2013-06-26 19:02 - 00000000 ____D C:\Users\Felix\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\Felix\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:14 - 2013-06-24 19:34 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-21 20:23 - 1998-06-18 00:00 - 00089360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 21:00 - 2013-06-17 00:27 - 00000000 ____D C:\Users\Felix\Documents\dragoon
2013-06-16 20:59 - 2013-06-30 18:25 - 00101440 ____A C:\Windows\DirectX.log
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 19:52 - 2013-06-26 19:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-15 19:42 - 2013-07-09 20:39 - 00020136 ____A C:\Windows\PFRO.log
2013-06-12 14:30 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 14:30 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 14:30 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 14:30 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 14:30 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 14:30 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 14:30 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 14:30 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 14:30 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 14:30 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 14:30 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 14:30 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 14:30 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 14:30 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 14:30 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 14:30 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 14:30 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 14:30 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 14:30 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 14:30 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 14:30 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 14:30 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:28 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:28 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:28 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:28 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:28 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:28 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:28 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:28 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 14:28 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 14:28 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 14:28 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:24 - 2013-07-09 20:39 - 00004155 ____A C:\Windows\setupact.log
2013-06-09 11:24 - 2013-07-03 13:37 - 00075080 ____A C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-09 11:24 - 2013-07-03 13:36 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-06-09 01:16 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-06-09 01:16 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-06-09 01:16 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

==================== One Month Modified Files and Folders =======

2013-07-09 20:42 - 2013-07-09 20:42 - 00001211 ____A C:\Users\Felix\Desktop\checkup.txt
2013-07-09 20:39 - 2013-06-15 19:42 - 00020136 ____A C:\Windows\PFRO.log
2013-07-09 20:39 - 2013-06-09 11:24 - 00004155 ____A C:\Windows\setupact.log
2013-07-09 20:39 - 2012-05-28 16:43 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-09 20:39 - 2012-01-31 04:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-09 20:39 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 20:38 - 2012-01-30 11:31 - 01078699 ____A C:\Windows\WindowsUpdate.log
2013-07-09 20:35 - 2013-07-09 19:04 - 00000720 ____A C:\Users\Felix\Desktop\eset.txt
2013-07-09 20:28 - 2012-04-02 14:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 19:02 - 2013-07-09 19:02 - 00001047 ____A C:\Users\Felix\Desktop\JRT.txt
2013-07-09 19:00 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 19:00 - 2009-07-14 06:45 - 00022352 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 18:58 - 2011-04-12 09:43 - 00707462 ____A C:\Windows\System32\perfh007.dat
2013-07-09 18:58 - 2011-04-12 09:43 - 00153054 ____A C:\Windows\System32\perfc007.dat
2013-07-09 18:58 - 2009-07-14 07:13 - 01642812 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-09 18:57 - 2013-07-09 18:57 - 00000000 ____D C:\Windows\ERUNT
2013-07-09 18:55 - 2013-07-09 18:55 - 02347384 ____A (ESET) C:\Users\Felix\Desktop\esetsmartinstaller_enu.exe
2013-07-09 18:55 - 2013-07-09 18:55 - 00890988 ____A C:\Users\Felix\Desktop\SecurityCheck.exe
2013-07-09 18:55 - 2013-07-09 18:55 - 00552389 ____A (Oleg N. Scherbakov) C:\Users\Felix\Desktop\JRT.exe
2013-07-09 18:52 - 2013-07-09 18:52 - 00005960 ____A C:\Users\Felix\Desktop\AdwCleaner[S1].txt
2013-07-09 18:49 - 2012-02-10 20:50 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Skype
2013-07-09 18:39 - 2013-07-09 18:39 - 00650027 ____A C:\Users\Felix\Desktop\adwcleaner.exe
2013-07-09 18:17 - 2013-07-09 18:17 - 00025129 ____A C:\Users\Felix\Desktop\Addition.txt
2013-07-09 16:16 - 2013-07-09 16:16 - 00000000 ____D C:\FRST
2013-07-09 15:16 - 2013-07-09 15:16 - 01776219 ____A (Farbar) C:\Users\Felix\Desktop\FRST64.exe
2013-07-09 14:57 - 2013-07-09 14:57 - 00044811 ____A C:\Users\Felix\Desktop\logfiles.zip
2013-07-09 14:23 - 2013-07-09 14:56 - 00063559 ____A C:\Users\Felix\Desktop\gmer.txt
2013-07-09 14:23 - 2013-07-09 14:23 - 00063559 ____A C:\Users\Felix\Desktop\gmer.log
2013-07-09 13:45 - 2013-07-09 13:46 - 00108704 ____A C:\Users\Felix\Desktop\OTL.Txt
2013-07-09 13:44 - 2013-07-09 13:46 - 00147554 ____A C:\Users\Felix\Desktop\Extras.Txt
2013-07-09 13:35 - 2013-07-09 13:46 - 00000472 ____A C:\Users\Felix\Desktop\defogger_disable.log
2013-07-09 13:35 - 2013-07-09 13:35 - 00000000 ____A C:\Users\Felix\defogger_reenable
2013-07-09 13:35 - 2012-02-10 20:12 - 00000000 ____D C:\users\Felix
2013-07-09 13:33 - 2013-07-09 13:49 - 00377856 ____A C:\Users\Felix\Desktop\gmer_2.1.19163.exe
2013-07-09 12:59 - 2012-01-30 11:23 - 00000000 ____D C:\Windows\Panther
2013-07-09 12:22 - 2013-07-09 12:22 - 00000000 ____A C:\Users\Felix\dir
2013-07-09 07:13 - 2013-07-09 07:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 07:12 - 2013-07-09 07:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 00:39 - 2009-07-14 04:34 - 00524288 ____A C:\Windows\System32\config\DEFAULT.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-09 00:39 - 2009-07-14 04:34 - 00262144 ____A C:\Windows\System32\config\SAM.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 68943872 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-07-09 00:14 - 2009-07-14 04:34 - 23330816 ____A C:\Windows\System32\config\SYSTEM.bak
2013-07-08 22:08 - 2013-03-01 17:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.minecraft
2013-07-08 19:49 - 2012-05-26 15:56 - 00007649 ____A C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2013-07-08 16:02 - 2013-05-12 20:48 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Mozilla
2013-07-07 21:38 - 2013-07-07 21:37 - 00000000 ____D C:\Users\Felix\AppData\Local\NPE
2013-07-07 21:38 - 2012-09-09 16:24 - 00000000 ____D C:\ProgramData\Norton
2013-07-07 19:12 - 2013-07-07 19:12 - 00000000 ____D C:\Users\Felix\AppData\Local\Mozilla
2013-07-07 18:06 - 2012-02-10 23:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-07 00:25 - 2012-02-11 01:25 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-07 00:25 - 2012-02-11 01:12 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-07 00:25 - 2012-02-11 01:12 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-06 14:54 - 2012-02-12 00:29 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\UpdatusUser\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 13:53 - 2013-07-04 13:53 - 00001162 ____A C:\Users\Felix\Desktop\Minecraft Texturepack Editor.lnk
2013-07-04 00:31 - 2013-07-04 00:31 - 00008263 ____A C:\Users\Felix\.recently-used.xbel
2013-07-04 00:31 - 2012-03-10 18:07 - 00000000 ____D C:\Users\Felix\AppData\Roaming\gtk-2.0
2013-07-04 00:31 - 2012-03-10 18:03 - 00000000 ____D C:\Users\Felix\.gimp-2.6
2013-07-03 20:59 - 2012-08-31 23:01 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Audacity
2013-07-03 19:53 - 2013-07-03 19:53 - 00000762 ____A C:\Users\Felix\Desktop\Audacity.lnk
2013-07-03 18:15 - 2013-03-19 20:56 - 00000000 ____D C:\Users\Felix\AppData\Local\LogMeIn Hamachi
2013-07-03 18:09 - 2013-07-03 18:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 18:09 - 2012-01-31 04:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-03 13:37 - 2013-06-09 11:24 - 00075080 ____A C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 13:36 - 2013-06-09 11:24 - 04939632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-02 00:13 - 2013-07-02 00:03 - 00001609 ____A C:\Users\Public\Desktop\Republic at War.lnk
2013-07-02 00:13 - 2013-07-02 00:03 - 00000634 ____A C:\Users\Public\Desktop\RaW Launcher.lnk
2013-07-02 00:05 - 2013-07-02 00:05 - 00000000 ____D C:\ProgramData\Caphyon
2013-07-01 14:59 - 2012-11-23 18:41 - 00000000 ____D C:\Users\Felix\AppData\Local\CrashDumps
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.mono
2013-07-01 13:54 - 2013-07-01 13:54 - 00000000 ____D C:\Users\Felix\AppData\Local\UWebKit
2013-07-01 13:07 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 18:26 - 2013-06-30 18:26 - 00000000 ____D C:\Users\Felix\Documents\Klei
2013-06-30 18:25 - 2013-06-16 20:59 - 00101440 ____A C:\Windows\DirectX.log
2013-06-26 19:02 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\Documents\Arma 3
2013-06-26 19:00 - 2013-06-26 19:00 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3
2013-06-26 19:00 - 2013-06-15 19:52 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-24 19:45 - 2013-06-24 19:45 - 00000000 ____D C:\Users\Felix\Documents\Command & Conquer 3 Tiberium Wars
2013-06-24 19:34 - 2013-06-24 19:14 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2013-06-24 19:13 - 2013-06-24 19:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-22 15:22 - 2013-06-22 15:22 - 00000083 ____A C:\CardRecoveryPro.log
2013-06-22 02:24 - 2012-02-10 22:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\HpUpdate
2013-06-21 20:26 - 2012-01-30 11:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 14:06 - 2013-07-03 18:08 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-03 18:08 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-03 18:08 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-06 20:05 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2012-08-21 21:16 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2012-02-24 20:53 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2012-01-31 04:01 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2012-01-31 04:02 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2012-01-31 04:02 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2012-01-31 04:02 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 12:23 - 2013-02-08 14:22 - 00002501 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-06-20 12:23 - 2012-09-09 16:24 - 00000000 ____D C:\Windows\System32\Drivers\NISx64
2013-06-20 06:17 - 2012-02-24 20:55 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-19 13:02 - 2012-09-09 16:24 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-19 13:02 - 2012-09-09 16:24 - 00007631 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-17 00:27 - 2013-06-16 21:00 - 00000000 ____D C:\Users\Felix\Documents\dragoon
2013-06-16 21:13 - 2012-02-11 01:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 00:18 - 2013-02-09 15:51 - 00000000 ____D C:\ProgramData\WarThunder
2013-06-16 00:17 - 2012-08-22 18:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-15 22:06 - 2012-02-11 23:22 - 00000000 ____D C:\ProgramData\Adobe
2013-06-15 22:05 - 2012-02-12 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-15 22:05 - 2012-02-11 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-15 22:03 - 2012-02-10 20:30 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Adobe
2013-06-15 21:55 - 2013-06-15 21:55 - 00000728 ____A C:\Users\Public\Desktop\War Thunder.lnk
2013-06-15 21:55 - 2012-02-11 03:33 - 00000000 ____D C:\Users\Felix\Documents\My Games
2013-06-15 19:52 - 2013-03-28 00:08 - 00000000 ____D C:\Users\Felix\AppData\Local\Arma 3 Alpha
2013-06-15 19:40 - 2012-06-23 22:20 - 00000000 ____D C:\Users\Felix\AppData\Local\ArmA 2 OA
2013-06-15 09:19 - 2012-02-11 23:22 - 00000000 ____D C:\Users\Felix\AppData\Local\Adobe
2013-06-13 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 18:28 - 2012-04-02 14:48 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:28 - 2012-02-10 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 16:23 - 2012-12-16 23:22 - 01619770 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-12 14:29 - 2012-02-11 11:39 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 23:40 - 2012-03-10 18:05 - 00000000 ____D C:\Users\Felix\.thumbnails
2013-06-09 11:24 - 2013-06-09 11:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-09 11:24 - 2013-02-23 20:37 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002UA.job
2013-06-09 11:24 - 2013-02-23 20:37 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3461110047-3363698456-2598581639-1002Core.job
2013-06-09 01:20 - 2013-05-25 00:08 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-09 01:16 - 2013-06-09 01:16 - 00001100 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-06-09 01:16 - 2013-06-09 01:16 - 00001076 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 23:14

==================== End Of Log ============================
         
--- --- ---


Ich hoffe das Beste

Alt 09.07.2013, 19:55   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Java und Adobe bitte updaten.


Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 20:14   #15
iTelix
 
Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Standard

Ist der GVU Trojaner vollständig entfernt worden? (Windows7)



Das ist mir jetzt peinlich, aber wie aktualisiere ich die Adobe Produkte?

Ich müsste jetzt beide Programme aktuell haben. Hier die FSS.txt:

Code:
ATTFilter
Farbar Service Scanner Version: 08-07-2013
Ran by Felix (administrator) on 09-07-2013 at 22:13:59
Running from "C:\Users\Felix\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

Antwort

Themen zu Ist der GVU Trojaner vollständig entfernt worden? (Windows7)
administrator, anleitung, anti-malware, appdata, autostart, code, dateien, entfernen, explorer, fehler, gelöscht, gen, log, logfiles, malwarebytes, microsoft, problem, pum.shell.cmd, roaming, scan, software, speicher, system, trojaner, verschwunden, windows




Ähnliche Themen: Ist der GVU Trojaner vollständig entfernt worden? (Windows7)


  1. Wiederkehrender Tr/rogue schaden erkennen/tatsächlich entfernt worden?
    Plagegeister aller Art und deren Bekämpfung - 27.07.2014 (10)
  2. Reveton Trojaner nicht vollständig entfernt
    Plagegeister aller Art und deren Bekämpfung - 17.12.2013 (63)
  3. Windows7 Notebook: System Care Antivirus vollständig entfernen
    Plagegeister aller Art und deren Bekämpfung - 19.08.2013 (13)
  4. Win8 64Bit GVU-Trojaner nicht vollständig entfernt
    Plagegeister aller Art und deren Bekämpfung - 06.06.2013 (11)
  5. Müssen isolierte Trojaner vollständig entfernt werden ?
    Plagegeister aller Art und deren Bekämpfung - 30.03.2013 (4)
  6. GVU-Trojaner wahrscheinlich nicht vollständig entfernt
    Plagegeister aller Art und deren Bekämpfung - 18.01.2013 (9)
  7. GVU Trojaner - vollständig entfernt?
    Log-Analyse und Auswertung - 01.11.2012 (6)
  8. GVU-Trojaner - vollständig entfernt?
    Log-Analyse und Auswertung - 18.09.2012 (17)
  9. GVU Trojaner mit Malwarebyte entfernt, aber vollständig?
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (13)
  10. ist live security platinum erfolgreich entfernt worden?
    Log-Analyse und Auswertung - 28.06.2012 (1)
  11. Gema BKA-Trojaner vollständig entfernt?
    Log-Analyse und Auswertung - 07.06.2012 (1)
  12. Trojaner vollständig entfernt von Festplatte?
    Plagegeister aller Art und deren Bekämpfung - 01.06.2012 (3)
  13. Ukash BKA Trojaner vollständig entfernt?
    Log-Analyse und Auswertung - 19.01.2012 (21)
  14. GEMA Trojaner vollständig entfernt?
    Log-Analyse und Auswertung - 18.12.2011 (1)
  15. Gefakte Data Restore Warnung eineholt /Trojaner nicht vollständig entfernt
    Plagegeister aller Art und deren Bekämpfung - 18.10.2011 (3)
  16. Antimalware Doctor Trojaner vollständig entfernt?
    Log-Analyse und Auswertung - 03.05.2010 (8)
  17. Spyware vollständig entfernt???
    Log-Analyse und Auswertung - 01.03.2006 (12)

Zum Thema Ist der GVU Trojaner vollständig entfernt worden? (Windows7) - Guten Tag liebes Trojaner-Board Team, ich möchte mich vorab für Ihre Unterstützung herzlich bedanken. Ich habe mir am 08.07.2013 einen GVU-Trojaner eingefangen (gegen 22:14). Diesen habe ich mit Hilfe einer - Ist der GVU Trojaner vollständig entfernt worden? (Windows7)...
Archiv
Du betrachtest: Ist der GVU Trojaner vollständig entfernt worden? (Windows7) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.