Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Doppelklick !!

Doppelklick !!


Plagegeister aller Art und deren Bekämpfung: Doppelklick !!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.07.2013, 18:05   #1
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


hallo brauche hilfe weiß nichtmehr weiter habe anscheinend mir irgendwas eingefangen egal welches symbol ich anklicke oder im browser wo drauf klicke ist es wie wen ich nen doppelklick mache habe jetzt avira free antivirus drüberlaufen lassen und hat nur eins gefunden "ADWARE/InstallCore.Gen" aber das problemm ist weiterhin da bitte um hilfe habe auch Malwarebytes drüberlaufen lassen und AdwCleaner ohne erfolg bisher !

danke im voraus mal Dennis.

Alt 17.07.2013, 18:07   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


hi,

aber Satzzeichen und Co funktionieren?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 17.07.2013, 18:31   #3
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-04] (Electronic Arts)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1558480 2013-07-03] (APN)
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKCU - {55D7BC98-2989-4393-84E2-A26AB679F4D2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d5257167-90e6-4b4d-a303-224869787538&apn_sauid=D9DEEAD4-1818-421C-A2F0-CA9F22C774DF
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default
FF SelectedSearchEngine: SecureSearch
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: toolbar_AVIRA-V7 - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: youtubeunblocker - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_1&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0
CHR Extension: (AdBlock) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-03] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-14] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-05] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-21] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-05] (GFI Software)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-17 19:20 - 2013-07-17 19:20 - 00014765 _____ C:\Users\sandennis\Downloads\Addition.txt
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Downloads\FRST64.exe
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000056 _____ C:\Windows\setupact.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\APN
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 18:34 - 2013-06-20 14:48 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-17 18:34 - 2013-06-20 14:48 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-17 18:34 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-17 18:31 - 2013-07-17 18:33 - 104943936 _____ C:\Users\sandennis\Downloads\avira3737_free_antivirus_de.exe
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 18:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-17 18:01 - 2013-07-17 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-17 18:00 - 2013-07-17 19:18 - 00527340 _____ C:\Windows\WindowsUpdate.log
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Downloads\adwcleaner.exe
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 00:38 - 2013-07-17 13:10 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 00:38 - 2013-07-17 13:10 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-17 00:33 - 2013-07-17 00:33 - 25926183 _____ C:\Users\sandennis\Downloads\mt-x_setup.rar
2013-07-17 00:24 - 2013-07-17 01:49 - 00000000 ____D C:\Users\sandennis\Downloads\CIVI 5 trainer
2013-07-17 00:23 - 2013-07-17 00:23 - 00352855 _____ C:\Users\sandennis\Downloads\d2a536_4e9f4246e5ce6.zip
2013-07-16 22:10 - 2013-07-16 22:10 - 00016589 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationV@www.torrent.to.torrent
2013-07-16 21:55 - 2013-07-16 21:55 - 01658935 _____ (System SoftLab ) C:\Users\sandennis\Downloads\artmoney741eng.exe
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-16 21:28 - 2013-07-16 21:28 - 00096835 _____ C:\Users\sandennis\Downloads\CivV_and_CivV_GaK_and_NW_v1-0-3-18_Steam_S2-1.CT
2013-07-15 14:02 - 2013-07-15 14:02 - 00019971 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationVBraveNewWorldGERMAN-0x0007@www.torrent.to.torrent
2013-07-15 13:00 - 2013-07-15 13:00 - 00040081 _____ C:\Users\sandennis\Downloads\[kickass.to]die.gilde.1.german.deutsch.torrent
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:19 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-15 12:19 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 21:04 - 2013-07-14 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\sandennis\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-10 20:06 - 2013-07-10 20:14 - 00000000 ____D C:\Users\sandennis\Downloads\AVG Internet Security 2013 (64bit) + Serials Germa
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 12:41 - 2013-07-05 14:13 - 00000000 ____D C:\Qoobox
2013-07-05 12:41 - 2013-07-05 14:12 - 00000000 ____D C:\Windows\erdnt
2013-07-05 12:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-05 12:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-05 12:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 14:13 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ___HD C:\$AVG
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\MFAData
2013-07-05 12:32 - 2013-07-15 11:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-06-29 02:06 - 2013-06-29 02:07 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-19 16:38 - 2008-09-12 19:24 - 03722809 _____ C:\Users\sandennis\Downloads\Vampire.3gp

==================== One Month Modified Files and Folders =======

2013-07-17 19:21 - 2009-07-14 12:49 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-07-17 19:21 - 2009-07-14 12:49 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-07-17 19:21 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 19:20 - 2013-07-17 19:20 - 00014765 _____ C:\Users\sandennis\Downloads\Addition.txt
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Downloads\FRST64.exe
2013-07-17 19:18 - 2013-07-17 18:00 - 00527340 _____ C:\Windows\WindowsUpdate.log
2013-07-17 19:16 - 2013-03-23 14:47 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DVDVideoSoft
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000056 _____ C:\Windows\setupact.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 19:15 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-17 19:15 - 2013-03-21 02:28 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-17 19:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-17 19:14 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-17 19:14 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-17 18:56 - 2013-03-21 01:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\APN
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 18:34 - 2013-03-22 14:27 - 00000000 ____D C:\ProgramData\Avira
2013-07-17 18:33 - 2013-07-17 18:31 - 104943936 _____ C:\Users\sandennis\Downloads\avira3737_free_antivirus_de.exe
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ___HD C:\$AVG
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-17 18:31 - 2013-07-05 12:32 - 00000000 ____D C:\ProgramData\MFAData
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 18:01 - 2013-07-17 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-17 17:58 - 2013-03-21 01:47 - 00064416 _____ C:\Users\SANDEN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-17 17:58 - 2009-07-14 06:45 - 00294880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Downloads\adwcleaner.exe
2013-07-17 17:49 - 2013-05-27 17:48 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\ProgramData\Garmin
2013-07-17 17:49 - 2013-04-14 01:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-17 17:49 - 2013-04-13 23:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Deployment
2013-07-17 17:49 - 2013-03-29 18:59 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-17 17:48 - 2013-03-21 01:21 - 00000000 ___RD C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-17 17:36 - 2013-03-21 17:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DAEMON Tools Lite
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 13:10 - 2013-07-17 00:38 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 13:10 - 2013-07-17 00:38 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-17 01:49 - 2013-07-17 00:24 - 00000000 ____D C:\Users\sandennis\Downloads\CIVI 5 trainer
2013-07-17 01:44 - 2013-03-29 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\uTorrent
2013-07-17 00:33 - 2013-07-17 00:33 - 25926183 _____ C:\Users\sandennis\Downloads\mt-x_setup.rar
2013-07-17 00:29 - 2013-03-21 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\SKIDROW
2013-07-17 00:23 - 2013-07-17 00:23 - 00352855 _____ C:\Users\sandennis\Downloads\d2a536_4e9f4246e5ce6.zip
2013-07-16 22:28 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Programme
2013-07-16 22:10 - 2013-07-16 22:10 - 00016589 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationV@www.torrent.to.torrent
2013-07-16 21:55 - 2013-07-16 21:55 - 01658935 _____ (System SoftLab ) C:\Users\sandennis\Downloads\artmoney741eng.exe
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-16 21:28 - 2013-07-16 21:28 - 00096835 _____ C:\Users\sandennis\Downloads\CivV_and_CivV_GaK_and_NW_v1-0-3-18_Steam_S2-1.CT
2013-07-16 14:04 - 2013-03-21 17:45 - 00000000 ____D C:\Users\sandennis\Documents\My Games
2013-07-16 14:03 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Spiele
2013-07-15 14:02 - 2013-07-15 14:02 - 00019971 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationVBraveNewWorldGERMAN-0x0007@www.torrent.to.torrent
2013-07-15 13:00 - 2013-07-15 13:00 - 00040081 _____ C:\Users\sandennis\Downloads\[kickass.to]die.gilde.1.german.deutsch.torrent
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:20 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-15 12:19 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 12:19 - 2013-03-21 16:01 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\NVIDIA
2013-07-15 12:19 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-15 11:59 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 21:10 - 2013-07-14 21:04 - 229594432 _____ (NVIDIA Corporation) C:\Users\sandennis\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-14 19:55 - 2013-03-29 18:40 - 00000000 ____D C:\Users\sandennis\Downloads\BioShock_Infinite-FLT
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-10 20:14 - 2013-07-10 20:06 - 00000000 ____D C:\Users\sandennis\Downloads\AVG Internet Security 2013 (64bit) + Serials Germa
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:40 - 2013-03-21 02:40 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TS3Client
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 21:49 - 2013-03-21 16:03 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-05 21:49 - 2013-03-21 07:23 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-05 21:49 - 2013-03-21 07:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-05 14:14 - 2013-04-13 23:59 - 00000000 ____D C:\Users\sandennis\AppData\Local\Apps\2.0
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 14:13 - 2013-07-05 12:41 - 00000000 ____D C:\Qoobox
2013-07-05 14:13 - 2013-07-05 12:36 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 14:12 - 2013-07-05 12:41 - 00000000 ____D C:\Windows\erdnt
2013-07-05 14:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-07-05 12:24 - 2013-03-21 15:19 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-05 01:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 02:07 - 2013-06-29 02:06 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-29 02:07 - 2013-04-02 22:47 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-24 10:51 - 2013-03-21 01:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 14:06 - 2013-07-15 12:19 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-15 12:19 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-03-21 01:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-03-21 01:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-06-14 21:58 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 14:48 - 2013-07-17 18:34 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-06-20 14:48 - 2013-07-17 18:34 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-06-20 06:17 - 2013-06-14 21:58 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2013-06-19 16:37 - 2013-03-31 20:55 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\vlc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 20:42

==================== End Of Log ============================

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by sandennis at 2013-07-17 19:20:45
Running from C:\Users\sandennis\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
@BIOS (x32 Version: 2.25)
µTorrent (x32 Version: 3.3.0.29625)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
APB Reloaded (x32)
Arma 2 (x32)
Arma 2: Operation Arrowhead (x32)
Arma 2: Operation Arrowhead Beta (x32)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.0.15.16)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.1.477)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BattlEye for OA Uninstall (x32)
ckerdeinstallation für EPSON SX210 Series
Command & Conquer Generals (x32 Version: 0.50.0000)
Command and Conquer(TM) Generäle Die Stunde Null  (x32 Version: 1.00.0000)
Company of Heroes 2 (x32 Version: 1)
Counter-Strike: Source (x32)
Creative Audio-Systemsteuerung (x32 Version: 2.00)
Creative Sound Blaster Properties x64 Edition (x32)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Day of Defeat: Source (x32)
DayZ Commander (x32 Version: 0.92.79)
Diablo III (x32 Version: 1.0.8.16603)
Die Gilde Gold-Edition (x32 Version: 2.06)
EPSON Scan (x32)
ESN Sonar (x32 Version: 0.70.4)
F1 2012 (x32)
Far Cry 3 (x32 Version: 1.04)
FIFA 13 (x32 Version: 1.1.0.0)
FUSSBALL MANAGER 13 (x32 Version: 1.0.3.0)
Google Chrome (x32 Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
Guild Wars 2 (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.12.1498)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
League of Legends (x32 Version: 1.3)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.2.0.1010)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
MotoGP(TM)13 (x32 Version: 1.00.0000)
Mozilla Firefox 20.0.1 (x86 de) (x32 Version: 20.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.6)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6)
MSI Afterburner 2.3.1 (x32 Version: 2.3.1)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
ObjectDock Free (x32 Version: 2.0)
ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Orbit Downloader (x32)
Origin (x32 Version: 9.1.13.85)
Platform (x32 Version: 1.39)
PunkBuster Services (x32 Version: 0.993)
SSD Fresh (x32 Version: 2013)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.10.1)
Thrustmaster Force Feedback Driver (x32 Version: 2.FFD.2009)
Update for FLV Player (HKCU)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Uplay (x32 Version: 2.0)
VIA Plattform-Geräte-Manager (x32 Version: 1.39)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Warhammer 40,000 Space Marine (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

16-07-2013 21:39:12 DirectX wurde installiert
17-07-2013 15:48:11 Entfernt Creative Software AutoUpdate
17-07-2013 15:48:36 Configured Easy Tune 6 B12.0626.1
17-07-2013 15:48:53 Removed Facebook Messenger 2.1.4814.0
17-07-2013 15:49:16 Garmin Express
17-07-2013 16:30:49 Removed AVG 2013
17-07-2013 16:31:31 Removed AVG 2013

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-05 14:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {4157CBB0-0935-45CA-ABD2-C7BCEEDD4993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {901D4260-E1AB-4508-BE1F-D79817B57389} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {A3D3BB28-47C5-44E5-B28C-EF500B83D933} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe No File
Task: {ACBA5C30-735D-4A22-B4E0-874BF30CFC90} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.


System errors:
=============
Error: (07/17/2013 07:20:17 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 22 Mal passiert.

Error: (07/17/2013 07:20:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
%%6801

Error: (07/17/2013 07:20:13 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 21 Mal passiert.

Error: (07/17/2013 07:20:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
%%6801

Error: (07/17/2013 07:20:07 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 20 Mal passiert.

Error: (07/17/2013 07:20:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
%%6801

Error: (07/17/2013 07:19:38 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 19 Mal passiert.

Error: (07/17/2013 07:19:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
%%6801

Error: (07/17/2013 07:19:32 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 18 Mal passiert.

Error: (07/17/2013 07:19:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
%%6801


Microsoft Office Sessions:
=========================
Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 8152.04 MB
Available physical RAM: 6288.13 MB
Total Pagefile: 16150.18 MB
Available Pagefile: 14146.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.64 GB) (Free:27.93 GB) NTFS (Disk=2 Partition=1)
Drive d: (DOWNLOAD ) (Fixed) (Total:298.09 GB) (Free:181.03 GB) NTFS (Disk=1 Partition=1)
Drive e: (SPIELE) (Fixed) (Total:111.69 GB) (Free:27 GB) NTFS (Disk=0 Partition=2)
Drive f: (D3C1.0.0) (CDROM) (Total:7.66 GB) (Free:0 GB) UDF
Drive h: (GILDEGOLD) (CDROM) (Total:0.96 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 4964FC60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 9BB89BB8)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 6EBB33A1)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

weiß jetzt nicht ob das so richtig war habe beide zusammen reingestellt !
__________________
Alt 18.07.2013, 07:33   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.07.2013, 08:28   #5
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.305 - Datei am 18/07/2013 um 09:19:04 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise  (64 bits)
# Benutzer : sandennis - SANDENNIS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\sandennis\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : APNMCP

***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\Users\SANDEN~1\AppData\Local\Temp\APN

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\sandennis\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [14291 octets] - [17/07/2013 17:57:06]
AdwCleaner[S1].txt - [14013 octets] - [17/07/2013 17:57:22]
AdwCleaner[S2].txt - [1506 octets] - [18/07/2013 09:19:04]

########## EOF - C:\AdwCleaner[S2].txt - [1566 octets] ##########
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Enterprise x64
Ran by sandennis on 18.07.2013 at 9:21:56,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{55D7BC98-2989-4393-84E2-A26AB679F4D2}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\sandennis\AppData\Roaming\systweak"



~~~ FireFox

Successfully deleted: [File] C:\Users\sandennis\AppData\Roaming\mozilla\firefox\profiles\dh3lsrk4.default\invalidprefs.js
Successfully deleted the following from C:\Users\sandennis\AppData\Roaming\mozilla\firefox\profiles\dh3lsrk4.default\prefs.js

user_pref("browser.search.selectedEngine", "SecureSearch");
Emptied folder: C:\Users\sandennis\AppData\Roaming\mozilla\firefox\profiles\dh3lsrk4.default\minidumps [18 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.07.2013 at 9:24:27,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Alt 18.07.2013, 08:28   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Frisches FRST log bitte.
__________________
--> Doppelklick !!

Alt 18.07.2013, 08:28   #7
sandennis
 
Doppelklick !! - Standard

Doppelklick !!



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by sandennis (administrator) on 18-07-2013 09:24:55
Running from C:\Users\sandennis\Desktop
Windows 7 Enterprise (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-04] (Electronic Arts)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: toolbar_AVIRA-V7 - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: youtubeunblocker - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_1&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0
CHR Extension: (AdBlock) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-14] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-05] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-21] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-05] (GFI Software)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 09:24 - 2013-07-18 09:24 - 00001842 _____ C:\Users\sandennis\Desktop\JRT.txt
2013-07-18 09:21 - 2013-07-18 09:21 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:19 - 2013-07-18 09:19 - 00001635 _____ C:\AdwCleaner[S2].txt
2013-07-18 09:04 - 2013-07-18 09:04 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\sandennis\Desktop\JRT.exe
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Desktop\FRST64.exe
2013-07-17 19:15 - 2013-07-18 09:20 - 00000560 _____ C:\Windows\setupact.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-06-20 14:48 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-17 18:34 - 2013-06-20 14:48 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-17 18:34 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 18:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-17 18:00 - 2013-07-18 09:19 - 00897035 _____ C:\Windows\WindowsUpdate.log
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Desktop\adwcleaner.exe
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 00:38 - 2013-07-17 13:10 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 00:38 - 2013-07-17 13:10 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:19 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-15 12:19 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 12:41 - 2013-07-05 14:13 - 00000000 ____D C:\Qoobox
2013-07-05 12:41 - 2013-07-05 14:12 - 00000000 ____D C:\Windows\erdnt
2013-07-05 12:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-05 12:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-05 12:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 14:13 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ___HD C:\$AVG
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\MFAData
2013-07-05 12:32 - 2013-07-15 11:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-06-29 02:06 - 2013-06-29 02:07 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-07-18 09:24 - 2013-07-18 09:24 - 00001842 _____ C:\Users\sandennis\Desktop\JRT.txt
2013-07-18 09:23 - 2013-07-17 18:00 - 00897035 _____ C:\Windows\WindowsUpdate.log
2013-07-18 09:21 - 2013-07-18 09:21 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:20 - 2013-07-17 19:15 - 00000560 _____ C:\Windows\setupact.log
2013-07-18 09:20 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-18 09:20 - 2013-03-21 02:28 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-18 09:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 09:19 - 2013-07-18 09:19 - 00001635 _____ C:\AdwCleaner[S2].txt
2013-07-18 09:19 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 09:19 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 09:04 - 2013-07-18 09:04 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\sandennis\Desktop\JRT.exe
2013-07-18 08:56 - 2013-03-21 01:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 08:51 - 2009-07-14 12:49 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-07-18 08:51 - 2009-07-14 12:49 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-07-18 08:51 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Desktop\FRST64.exe
2013-07-17 19:16 - 2013-03-23 14:47 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DVDVideoSoft
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-03-22 14:27 - 00000000 ____D C:\ProgramData\Avira
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ___HD C:\$AVG
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-17 18:31 - 2013-07-05 12:32 - 00000000 ____D C:\ProgramData\MFAData
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 17:58 - 2013-03-21 01:47 - 00064416 _____ C:\Users\SANDEN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-17 17:58 - 2009-07-14 06:45 - 00294880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Desktop\adwcleaner.exe
2013-07-17 17:49 - 2013-05-27 17:48 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\ProgramData\Garmin
2013-07-17 17:49 - 2013-04-14 01:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-17 17:49 - 2013-04-13 23:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Deployment
2013-07-17 17:49 - 2013-03-29 18:59 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-17 17:48 - 2013-03-21 01:21 - 00000000 ___RD C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-17 17:36 - 2013-03-21 17:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DAEMON Tools Lite
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 13:10 - 2013-07-17 00:38 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 13:10 - 2013-07-17 00:38 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-17 01:44 - 2013-03-29 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\uTorrent
2013-07-17 00:29 - 2013-03-21 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\SKIDROW
2013-07-16 22:28 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Programme
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-16 14:04 - 2013-03-21 17:45 - 00000000 ____D C:\Users\sandennis\Documents\My Games
2013-07-16 14:03 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Spiele
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:20 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-15 12:19 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 12:19 - 2013-03-21 16:01 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\NVIDIA
2013-07-15 12:19 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-15 11:59 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:40 - 2013-03-21 02:40 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TS3Client
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 21:49 - 2013-03-21 16:03 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-05 21:49 - 2013-03-21 07:23 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-05 21:49 - 2013-03-21 07:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-05 14:14 - 2013-04-13 23:59 - 00000000 ____D C:\Users\sandennis\AppData\Local\Apps\2.0
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 14:13 - 2013-07-05 12:41 - 00000000 ____D C:\Qoobox
2013-07-05 14:13 - 2013-07-05 12:36 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 14:12 - 2013-07-05 12:41 - 00000000 ____D C:\Windows\erdnt
2013-07-05 14:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-07-05 12:24 - 2013-03-21 15:19 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-05 01:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 02:07 - 2013-06-29 02:06 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-29 02:07 - 2013-04-02 22:47 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-24 10:51 - 2013-03-21 01:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 14:06 - 2013-07-15 12:19 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-15 12:19 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-03-21 01:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-03-21 01:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-06-14 21:58 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 14:48 - 2013-07-17 18:34 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-06-20 14:48 - 2013-07-17 18:34 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-06-20 06:17 - 2013-06-14 21:58 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2013-06-19 16:37 - 2013-03-31 20:55 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\vlc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 20:42

==================== End Of Log ============================
--- --- ---
Alt 18.07.2013, 08:33   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Systemsteuerung > Maus > Einstellungen überprüfen.

Dort kann man auch irgendwo einstellen dass gleich en Dopelklick gemacht wird.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.07.2013, 08:48   #9
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


habe ich nachgeschaut ist nichts aktiviert .

Alt 18.07.2013, 09:45   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Immer noch so Probleme? Was für ne Maus?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.07.2013, 10:19   #11
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


Logitech G500

Alt 18.07.2013, 10:53   #12
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Gibts da extra Treiber und Software? Wenn ja neuinstallieren. Andre Maus testen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.07.2013, 11:04   #13
sandennis
 
Doppelklick !! - Standard

Doppelklick !!


erledigt lag an der maus hätte ich auch früher darauf kommen können !

aber danke dir !

Alt 18.07.2013, 11:43   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Doppelklick !! - Standard

Doppelklick !!


Null problemo

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Doppelklick !!
adware/installcore.gen, adwcleaner, antivirus, avira, bitte um hilfe, brauche, brauche hilfe, browser, doppelklick, eingefangen, erfolg, free, gefangen, gefunde, hilfe, klicke, malwarebytes, nichtmehr, schei, symbol


« System Care Antivirus eingefangen | Weißer Bildschirm win7 Frst. log gemacht bitte um Auswertung »


Ähnliche Themen: Doppelklick !!


  1. Ungewollter Doppelklick bei Windows 7,
    Alles rund um Windows - 13.11.2015 (10)
  2. Windows 7 [x64] Radom Doppelklick Virus/Trojaner [?]
    Log-Analyse und Auswertung - 09.10.2014 (17)
  3. Nach Virus löschen Doppelklick funktioniert nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 27.07.2014 (9)
  4. Einfachklick wird ungewollt zum Doppelklick
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (3)
  5. Internet stürzt ab, Maus macht doppelklick
    Netzwerk und Hardware - 05.04.2012 (1)
  6. .EXE dateien funktionieren nicht mehr mit doppelklick
    Plagegeister aller Art und deren Bekämpfung - 26.04.2010 (0)
  7. Notebook hängt sich beim Doppelklick machmal auf
    Plagegeister aller Art und deren Bekämpfung - 04.04.2010 (17)
  8. Bei Doppelklick auf Arbeitsplatz keine Reaktion
    Log-Analyse und Auswertung - 26.08.2009 (10)
  9. Doppelklick im Arbeitplatz funktioniert nicht!!!! Bitte um Hilfe
    Log-Analyse und Auswertung - 17.08.2009 (3)
  10. kein Zugriff auf Festplatten mit Doppelklick
    Plagegeister aller Art und deren Bekämpfung - 29.12.2008 (1)
  11. AW: Doppelklick auf Partition --> Zugriff verweigert
    Mülltonne - 19.11.2008 (0)
  12. Doppelklick funktioniert nicht im Arbeitsplatz
    Log-Analyse und Auswertung - 19.06.2008 (0)
  13. Doppelklick geht nicht mehr
    Alles rund um Windows - 03.01.2008 (1)
  14. hilfe - ie7 startet automatisch bei doppelklick auf desktopsymbol
    Plagegeister aller Art und deren Bekämpfung - 20.11.2007 (0)
  15. Doppelklick auf Partition --> Zugriff verweigert
    Netzwerk und Hardware - 10.10.2007 (1)
  16. Bei Doppelklick Bearbeiten statt Öffnen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2005 (1)
  17. Doppelklick öffnet Verzeichnis nicht
    Alles rund um Windows - 04.10.2003 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Doppelklick !! - hallo brauche hilfe weiß nichtmehr weiter habe anscheinend mir irgendwas eingefangen egal welches symbol ich anklicke oder im browser wo drauf klicke ist es wie wen ich nen doppelklick mache - Doppelklick !!...
Archiv
Du betrachtest: Doppelklick !! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55