Log analysis and evaluation: Undetected malware & CHKDSK Main.dbd error
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
01.08.2013, 18:08 | #1 |
Evening,
For quite some time I had suspected that I had caught a virus or some malware, and the suspicion was confirmed a few days ago when Malwarebytes reported 4 detections and Avira raised an alarm. Shortly afterwards I ran ADWcleaner, Mbar and ESET over it, the programs that are always suggested here, and fortunately nothing more was found. Today, when starting the PC, I then got the error message that CHKDSK was faulty, which is why Skype suddenly closed and Avira and ADW Cleaner no longer worked because of a CHKDSK error. Pulled the internet plug, since I was now seriously worried about my data. Surprisingly, the scan worked after pulling the plug, and again no detections were shown.
MBAR ANTIROOTKIT
Code:
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
Database version: v2013.08.01.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Koro :: KORO-PC [administrator]
01.08.2013 18:31:33
mbar-log-2013-08-01 (18-31-33).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 229004
Time elapsed: 5 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
# AdwCleaner v2.306 - Datei am 01/08/2013 um 18:39:51 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Koro - KORO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Koro\Desktop\AdwCleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\Koro\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R12].txt - [991 octets] - [01/08/2013 18:30:27]
AdwCleaner[R13].txt - [922 octets] - [01/08/2013 18:39:51]
########## EOF - C:\AdwCleaner[R13].txt - [982 octets] ##########
Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.08.01.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Koro :: KORO-PC [Administrator]
Schutz: Aktiviert
01.08.2013 18:37:10
mbam-log-2013-08-01 (18-37-10).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 212732
Laufzeit: 1 Minute(n), 26 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
When running CHKDSK from CMD, however, the error appears that MAIN 1.db is wrong, which is why the scan did not get past 49%. The malware items that were found a few days ago and are sitting in quarantine are called:
Code:
ADWARE/INSTALLREX.GEN
ADWARE/WEBCAKE.A
EXP/CVE-2013-1493.DC
TR/Neop.A.228
I'm hoping for the same friendly help as always
01.08.2013, 18:55 | #2 |
/// the machine /// TB-Ausbilder
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
01.08.2013, 19:23 | #3 |
Code:
ATTFilter (AMD) C:\Windows\system32\atieclxx.exe (CANON INC.) C:\Windows\system32\CNAB4RPD.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7406392 2012-11-29] (Logitech Inc.) HKLM-x32\...\Runonce: [Del8675870] cmd.exe /Q /D /c del "C:\Users\Koro\AppData\Local\Temp\0.del" [x] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKCU\...\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" [495616 2007-09-02] () HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1807272 2013-07-27] (Valve Corporation) HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.) HKCU\...\Runonce: [Del8675870] cmd.exe /Q /D /c del "C:\Users\Koro\AppData\Local\Temp\0.del" [x] HKLM-x32\...\Runonce: [Del8675870] cmd.exe /Q /D /c del "C:\Users\Koro\AppData\Local\Temp\0.del" [x] HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-07-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default FF SelectedSearchEngine: LEO Eng-Deu FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\foxmarks@kei.com FF Extension: DownloadHelper - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: youtubeunblocker - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\youtubeunblocker@unblocker.yt.xpi FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Chrome: ======= CHR DefaultSearchURL: (Delta Search) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Extension: (Skype Click to Call) - C:\Users\Koro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. 
KG) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] () R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 ALSysIO; \??\C:\Users\Koro\AppData\Local\Temp\ALSysIO64.sys [x] R2 avgntflt; system32\DRIVERS\avgntflt.sys [x] R1 avipbb; system32\DRIVERS\avipbb.sys [x] R1 avkmgr; system32\DRIVERS\avkmgr.sys [x] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 cpuz136; \??\C:\Users\Koro\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-01 20:16 - 2013-08-01 20:16 - 00000000 ____D C:\FRST 2013-08-01 20:15 - 2013-08-01 20:10 - 01916712 ____A (Farbar) C:\Users\Koro\Desktop\FRST64.exe 2013-08-01 20:06 - 2013-08-01 20:06 - 00000288 ____A C:\Windows\Tasks\DigitalSite.job 2013-08-01 20:06 - 2013-08-01 20:06 - 00000000 ____D C:\Users\Koro\AppData\Roaming\DigitalSite 2013-08-01 20:04 - 2013-08-01 20:03 - 00717160 ____A C:\Users\Koro\Desktop\ZipOpenerSetup.exe 2013-08-01 18:39 - 2013-08-01 18:39 - 00001051 ____A C:\AdwCleaner[R13].txt 2013-08-01 18:30 - 
2013-08-01 18:30 - 00000991 ____A C:\AdwCleaner[R12].txt 2013-08-01 02:48 - 2013-08-01 02:48 - 00000340 ____A C:\Windows\LkmdfCoInst.log 2013-07-31 18:56 - 2013-07-31 18:56 - 03820480 ____A C:\Users\Koro\Downloads\battlelog-web-plugins_2.1.7_115.exe 2013-07-31 01:13 - 2013-07-31 01:13 - 02347384 ____A (ESET) C:\Users\Koro\Downloads\esetsmartinstaller_deu.exe 2013-07-31 01:13 - 2013-07-31 01:13 - 00000000 ____D C:\Program Files (x86)\ESET 2013-07-31 01:05 - 2013-07-31 01:05 - 00666633 ____A C:\Users\Koro\Downloads\adwcleaner06.exe 2013-07-30 00:07 - 2013-07-30 00:07 - 00000000 ____D C:\Users\Koro\Desktop\Taylor-Davis-Lara-de-Wit-Game-On-2-Player-Mode-Album 2013-07-28 23:37 - 2013-07-28 23:37 - 576525920 ____A C:\Windows\MEMORY.DMP 2013-07-28 01:41 - 2013-07-28 01:41 - 00000827 ____A C:\Users\Koro\Desktop\sai - Verknüpfung.lnk 2013-07-28 01:38 - 2013-08-01 03:31 - 00000000 ____D C:\Users\Koro\Downloads\PaintToolSAI 2013-07-27 20:02 - 2013-07-27 20:02 - 00000000 ____D C:\Users\Koro\AppData\Roaming\wacomid-desktop-launcher 2013-07-27 19:11 - 2013-07-27 19:11 - 02339714 ____A C:\Users\Koro\Downloads\sai-1.1.0-ful-en.exe 2013-07-27 14:52 - 2013-07-27 21:54 - 00000000 ____D C:\Users\Koro\Desktop\ZEICHNUNGEN SAI 2013-07-27 14:20 - 2013-07-27 14:20 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf 2013-07-27 14:20 - 2013-07-27 14:20 - 00000000 ____D C:\Users\Koro\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 2013-07-27 14:18 - 2013-07-27 14:20 - 00000000 ____D C:\ProgramData\Wacom 2013-07-27 14:18 - 2013-07-27 14:18 - 00001107 ____A C:\Users\Public\Desktop\Bamboo Dock.lnk 2013-07-27 14:18 - 2013-07-27 14:18 - 00000002 ____A C:\Users\Koro\.bdockinstall.log 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Users\Koro\AppData\Roaming\WTablet 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Wacom 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program 
Files\TabletPlugins 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files\Tablet 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files (x86)\TabletPlugins 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock 2013-07-27 14:18 - 2012-11-14 14:45 - 01981824 ____A (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01974656 ____A (Wacom Technology, Corp.) C:\Windows\System32\Pen_Touch_Tablet.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01844096 ____A (Wacom Technology, Corp.) C:\Windows\System32\Wintab32.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01841024 ____A (Wacom Technology, Corp.) C:\Windows\System32\WacomMT.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01629056 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01621888 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01510272 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll 2013-07-27 14:18 - 2012-11-14 14:45 - 01506176 ____A (Wacom Technology, Corp.) 
C:\Windows\SysWOW64\WacomMT.dll 2013-07-27 14:18 - 2012-10-12 09:54 - 00015776 ____A (Wacom Technology) C:\Windows\System32\Drivers\wacomrouterfilter.sys 2013-07-27 14:18 - 2012-10-12 09:20 - 00081312 ____A (Wacom Technology) C:\Windows\System32\Drivers\wachidrouter.sys 2013-07-27 14:18 - 2012-10-12 09:20 - 00013728 ____A (Windows (R) Win 7 DDK provider) C:\Windows\System32\Drivers\hidkmdf.sys 2013-07-27 14:17 - 2013-07-27 14:17 - 00000000 ____D C:\Users\Koro\AppData\Roaming\SYSTEMAX Software Development 2013-07-27 14:17 - 2013-07-27 14:17 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development 2013-07-27 14:14 - 2013-07-27 14:14 - 02633921 ____A C:\Users\Koro\Downloads\PaintToolSAI.zip 2013-07-25 14:43 - 2013-07-25 14:43 - 00666633 ____A C:\Users\Koro\Desktop\AdwCleaner.exe 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D C:\Users\Koro\Documents\Arktos 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D C:\Users\Koro\AppData\Local\CrashRpt 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D C:\Users\Koro\AppData\Local\Arktos 2013-07-19 15:46 - 2013-07-19 15:46 - 00000000 ____D C:\Users\Koro\Desktop\OOR-KnjEffct 2013-07-19 00:24 - 2013-07-19 00:24 - 00000000 ____D C:\Users\Koro\Desktop\[2010.06.09] ONE OK ROCK - Niche Syndrome 2013-07-19 00:21 - 2013-07-19 00:21 - 00000000 ____D C:\Users\Koro\Desktop\ONE OK ROCK - JINSEI X BOKU = 2013-07-18 22:21 - 2013-07-18 22:21 - 00000220 ____A C:\Users\Koro\Desktop\Garry's Mod.url 2013-07-18 19:32 - 2013-07-18 19:32 - 00000222 ____A C:\Users\Koro\Desktop\Infestation Survivor Stories.url 2013-07-15 20:22 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Natural Selection 2 2013-07-13 15:02 - 2013-07-13 15:02 - 00000221 ____A C:\Users\Koro\Desktop\Super Meat Boy.url 2013-07-12 16:02 - 2013-07-15 20:21 - 00037252 ____A C:\Windows\DirectX.log 2013-07-12 02:10 - 2013-07-12 02:10 - 00000219 ____A C:\Users\Koro\Desktop\Counter-Strike Global Offensive.url 2013-07-11 16:37 - 2013-08-01 18:37 - 00000000 ____D 
C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-07-11 16:36 - 2013-08-01 18:37 - 00000000 ____D C:\Users\Koro\Desktop\mbar 2013-07-11 16:33 - 2013-07-11 16:33 - 13399154 ____A C:\Users\Koro\Downloads\mbar-1.06.0.1004.zip 2013-07-11 03:04 - 2013-06-12 01:43 - 14329856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-11 03:04 - 2013-06-12 01:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-11 03:04 - 2013-06-12 01:42 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-11 03:04 - 2013-06-12 01:26 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-07-11 03:04 - 2013-06-12 01:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-07-11 03:04 - 2013-06-12 01:26 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-07-11 03:04 - 
2013-06-12 01:25 - 19238912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 02648576 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-07-11 03:04 - 2013-06-12 01:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-07-11 03:04 - 2013-06-12 00:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-11 03:04 - 2013-06-12 00:50 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-11 03:04 - 2013-06-07 05:22 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-07-11 03:04 - 2013-06-07 04:37 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-10 15:36 - 2013-07-10 15:36 - 00000000 ____D C:\f7cfa77fce8d07497a5b946d169af797 2013-07-10 13:04 - 2013-06-05 05:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-07-10 13:04 - 2013-06-04 08:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll 2013-07-10 13:04 - 2013-06-04 06:53 - 00509440 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-10 13:04 - 2013-05-06 08:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2013-07-10 13:04 - 2013-05-06 06:56 - 01620480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-10 13:04 - 2013-04-10 01:34 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-10 13:04 - 2013-04-03 00:51 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-07-10 00:10 - 2013-08-01 03:03 - 00004096 ____A C:\Windows\PFRO.log 2013-07-09 16:33 - 2013-07-09 16:33 - 00161184 ____A C:\Users\Koro\Downloads\PFPortChecker.exe 2013-07-09 02:04 - 2013-07-09 02:04 - 00000220 ____A C:\Users\Koro\Desktop\Killing Floor.url 2013-07-05 15:31 - 2013-07-05 15:31 - 00000219 ____A C:\Users\Koro\Desktop\Left 4 Dead 2.url 2013-07-05 15:06 - 2013-07-05 15:06 - 00000000 ____D C:\Users\Koro\.idlerc 2013-07-05 13:56 - 2013-07-05 13:56 - 00000000 ____D C:\Python33 2013-07-05 13:55 - 2013-07-05 13:55 - 20774912 ____A C:\Users\Koro\Downloads\python-3.3.2.amd64.msi 2013-07-04 14:50 - 2013-07-10 22:39 - 00295424 ____A C:\Windows\System32\FNTCACHE.DAT 2013-07-03 23:20 - 2013-08-01 17:41 - 00008691 ____A C:\Windows\setupact.log 2013-07-03 23:20 - 2013-07-03 23:20 - 00000000 ____A C:\Windows\setuperr.log 2013-07-03 22:53 - 2013-07-03 22:53 - 00064024 ____A C:\Users\Koro\AppData\Local\GDIPFONTCACHEV1.DAT 2013-07-03 15:07 - 2013-07-09 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-08-01 20:16 - 2013-08-01 20:16 - 00000000 ____D C:\FRST 2013-08-01 20:10 - 2013-08-01 20:15 - 01916712 ____A (Farbar) C:\Users\Koro\Desktop\FRST64.exe 2013-08-01 20:09 - 2009-07-14 19:58 - 00656044 ____A C:\Windows\System32\perfh007.dat 2013-08-01 20:09 - 2009-07-14 19:58 - 00130676 ____A C:\Windows\System32\perfc007.dat 2013-08-01 20:09 - 2009-07-14 07:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI 
2013-08-01 20:06 - 2013-08-01 20:06 - 00000288 ____A C:\Windows\Tasks\DigitalSite.job 2013-08-01 20:06 - 2013-08-01 20:06 - 00000000 ____D C:\Users\Koro\AppData\Roaming\DigitalSite 2013-08-01 20:03 - 2013-08-01 20:04 - 00717160 ____A C:\Users\Koro\Desktop\ZipOpenerSetup.exe 2013-08-01 19:48 - 2012-08-04 14:03 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-01 19:42 - 2012-08-04 13:17 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Skype 2013-08-01 19:41 - 2012-08-04 02:34 - 01351058 ____A C:\Windows\WindowsUpdate.log 2013-08-01 19:34 - 2012-08-04 02:54 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-01 18:39 - 2013-08-01 18:39 - 00001051 ____A C:\AdwCleaner[R13].txt 2013-08-01 18:37 - 2013-07-11 16:37 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-08-01 18:37 - 2013-07-11 16:36 - 00000000 ____D C:\Users\Koro\Desktop\mbar 2013-08-01 18:30 - 2013-08-01 18:30 - 00000991 ____A C:\AdwCleaner[R12].txt 2013-08-01 18:17 - 2012-08-04 13:18 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-01 17:49 - 2009-07-14 06:45 - 00013536 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-01 17:49 - 2009-07-14 06:45 - 00013536 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-01 17:42 - 2012-08-04 02:54 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-01 17:41 - 2013-07-03 23:20 - 00008691 ____A C:\Windows\setupact.log 2013-08-01 17:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-08-01 03:31 - 2013-07-28 01:38 - 00000000 ____D C:\Users\Koro\Downloads\PaintToolSAI 2013-08-01 03:03 - 2013-07-10 00:10 - 00004096 ____A C:\Windows\PFRO.log 2013-08-01 02:48 - 2013-08-01 02:48 - 00000340 ____A C:\Windows\LkmdfCoInst.log 2013-08-01 02:48 - 2012-08-04 23:00 - 00018960 ____A (Logitech, Inc.) 
C:\Windows\System32\Drivers\LNonPnP.sys 2013-08-01 02:11 - 2012-08-05 15:16 - 00000000 ____D C:\Users\Koro\AppData\Roaming\vlc 2013-08-01 02:03 - 2012-08-04 14:40 - 00000000 ____D C:\Users\Koro\AppData\Local\PMB Files 2013-08-01 01:04 - 2012-08-04 14:40 - 00000000 ____D C:\ProgramData\PMB Files 2013-07-31 19:02 - 2012-08-26 01:53 - 00290184 ____A C:\Windows\SysWOW64\PnkBstrB.xtr 2013-07-31 19:02 - 2012-08-25 17:08 - 00290184 ____A C:\Windows\SysWOW64\PnkBstrB.exe 2013-07-31 18:57 - 2012-08-25 17:08 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0 2013-07-31 18:56 - 2013-07-31 18:56 - 03820480 ____A C:\Users\Koro\Downloads\battlelog-web-plugins_2.1.7_115.exe 2013-07-31 18:56 - 2012-11-28 20:24 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-07-31 18:55 - 2012-11-28 15:37 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Origin 2013-07-31 18:55 - 2012-11-28 15:37 - 00000000 ____D C:\Users\Koro\AppData\Local\Origin 2013-07-31 18:54 - 2012-11-28 15:36 - 00000000 ____D C:\Program Files (x86)\Origin 2013-07-31 16:54 - 2012-08-07 18:24 - 00000000 ____D C:\Program Files (x86)\StarCraft II 2013-07-31 01:13 - 2013-07-31 01:13 - 02347384 ____A (ESET) C:\Users\Koro\Downloads\esetsmartinstaller_deu.exe 2013-07-31 01:13 - 2013-07-31 01:13 - 00000000 ____D C:\Program Files (x86)\ESET 2013-07-31 01:05 - 2013-07-31 01:05 - 00666633 ____A C:\Users\Koro\Downloads\adwcleaner06.exe 2013-07-30 02:17 - 2013-02-04 02:38 - 00000000 ____D C:\Users\Koro\Desktop\All kinds of shitz 2013-07-30 00:07 - 2013-07-30 00:07 - 00000000 ____D C:\Users\Koro\Desktop\Taylor-Davis-Lara-de-Wit-Game-On-2-Player-Mode-Album 2013-07-28 23:37 - 2013-07-28 23:37 - 576525920 ____A C:\Windows\MEMORY.DMP 2013-07-28 23:37 - 2012-11-25 13:04 - 00000000 ____D C:\Windows\Minidump 2013-07-28 01:41 - 2013-07-28 01:41 - 00000827 ____A C:\Users\Koro\Desktop\sai - Verknüpfung.lnk 2013-07-27 21:54 - 2013-07-27 14:52 - 00000000 ____D C:\Users\Koro\Desktop\ZEICHNUNGEN SAI 2013-07-27 20:02 - 2013-07-27 20:02 - 
00000000 ____D C:\Users\Koro\AppData\Roaming\wacomid-desktop-launcher 2013-07-27 19:11 - 2013-07-27 19:11 - 02339714 ____A C:\Users\Koro\Downloads\sai-1.1.0-ful-en.exe 2013-07-27 14:20 - 2013-07-27 14:20 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf 2013-07-27 14:20 - 2013-07-27 14:20 - 00000000 ____D C:\Users\Koro\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 2013-07-27 14:20 - 2013-07-27 14:18 - 00000000 ____D C:\ProgramData\Wacom 2013-07-27 14:18 - 2013-07-27 14:18 - 00001107 ____A C:\Users\Public\Desktop\Bamboo Dock.lnk 2013-07-27 14:18 - 2013-07-27 14:18 - 00000002 ____A C:\Users\Koro\.bdockinstall.log 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Users\Koro\AppData\Roaming\WTablet 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Wacom 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files\TabletPlugins 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files\Tablet 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files (x86)\TabletPlugins 2013-07-27 14:18 - 2013-07-27 14:18 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock 2013-07-27 14:18 - 2012-08-04 02:40 - 00000000 ____D C:\users\Koro 2013-07-27 14:17 - 2013-07-27 14:17 - 00000000 ____D C:\Users\Koro\AppData\Roaming\SYSTEMAX Software Development 2013-07-27 14:17 - 2013-07-27 14:17 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development 2013-07-27 14:14 - 2013-07-27 14:14 - 02633921 ____A C:\Users\Koro\Downloads\PaintToolSAI.zip 2013-07-25 14:43 - 2013-07-25 14:43 - 00666633 ____A C:\Users\Koro\Desktop\AdwCleaner.exe 2013-07-22 00:53 - 2012-08-04 16:04 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D C:\Users\Koro\Documents\Arktos 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D C:\Users\Koro\AppData\Local\CrashRpt 2013-07-22 00:50 - 2013-07-22 00:50 - 00000000 ____D 
C:\Users\Koro\AppData\Local\Arktos 2013-07-22 00:50 - 2012-08-26 01:52 - 00000000 ____D C:\Users\Koro\AppData\Local\PunkBuster 2013-07-22 00:49 - 2012-08-25 17:08 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe 2013-07-19 15:46 - 2013-07-19 15:46 - 00000000 ____D C:\Users\Koro\Desktop\OOR-KnjEffct 2013-07-19 00:24 - 2013-07-19 00:24 - 00000000 ____D C:\Users\Koro\Desktop\[2010.06.09] ONE OK ROCK - Niche Syndrome 2013-07-19 00:21 - 2013-07-19 00:21 - 00000000 ____D C:\Users\Koro\Desktop\ONE OK ROCK - JINSEI X BOKU = 2013-07-18 22:21 - 2013-07-18 22:21 - 00000220 ____A C:\Users\Koro\Desktop\Garry's Mod.url 2013-07-18 20:07 - 2012-08-04 16:04 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-07-18 19:32 - 2013-07-18 19:32 - 00000222 ____A C:\Users\Koro\Desktop\Infestation Survivor Stories.url 2013-07-17 18:49 - 2012-08-04 16:04 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2013-07-15 20:25 - 2013-07-15 20:22 - 00000000 ____D C:\Users\Koro\AppData\Roaming\Natural Selection 2 2013-07-15 20:21 - 2013-07-12 16:02 - 00037252 ____A C:\Windows\DirectX.log 2013-07-15 19:48 - 2012-08-20 14:33 - 00000000 ____D C:\Users\Koro\AppData\Local\CrashDumps 2013-07-14 23:19 - 2012-08-04 15:05 - 00192000 __ASH C:\Users\Koro\Thumbs.db 2013-07-13 15:02 - 2013-07-13 15:02 - 00000221 ____A C:\Users\Koro\Desktop\Super Meat Boy.url 2013-07-12 15:14 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-12 02:10 - 2013-07-12 02:10 - 00000219 ____A C:\Users\Koro\Desktop\Counter-Strike Global Offensive.url 2013-07-12 01:35 - 2012-08-05 12:02 - 00000000 ____D C:\Users\Koro\Desktop\Wallpapers and animeshit 2013-07-11 16:33 - 2013-07-11 16:33 - 13399154 ____A C:\Users\Koro\Downloads\mbar-1.06.0.1004.zip 2013-07-11 14:24 - 2012-08-04 03:29 - 00000000 ____D C:\Windows\Panther 2013-07-11 04:51 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-11 04:51 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-11 03:05 - 
2012-08-04 13:24 - 78185248 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-07-11 02:39 - 2013-05-18 15:12 - 00000000 ____D C:\Users\Koro\Desktop\Metro.Last.Light-RELOADED 2013-07-10 22:39 - 2013-07-04 14:50 - 00295424 ____A C:\Windows\System32\FNTCACHE.DAT 2013-07-10 22:38 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-10 15:36 - 2013-07-10 15:36 - 00000000 ____D C:\f7cfa77fce8d07497a5b946d169af797 2013-07-09 16:35 - 2013-07-03 15:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-09 16:33 - 2013-07-09 16:33 - 00161184 ____A C:\Users\Koro\Downloads\PFPortChecker.exe 2013-07-09 02:04 - 2013-07-09 02:04 - 00000220 ____A C:\Users\Koro\Desktop\Killing Floor.url 2013-07-05 15:31 - 2013-07-05 15:31 - 00000219 ____A C:\Users\Koro\Desktop\Left 4 Dead 2.url 2013-07-05 15:06 - 2013-07-05 15:06 - 00000000 ____D C:\Users\Koro\.idlerc 2013-07-05 13:56 - 2013-07-05 13:56 - 00000000 ____D C:\Python33 2013-07-05 13:55 - 2013-07-05 13:55 - 20774912 ____A C:\Users\Koro\Downloads\python-3.3.2.amd64.msi 2013-07-04 14:50 - 2012-08-04 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-03 23:20 - 2013-07-03 23:20 - 00000000 ____A C:\Windows\setuperr.log 2013-07-03 22:53 - 2013-07-03 22:53 - 00064024 ____A C:\Users\Koro\AppData\Local\GDIPFONTCACHEV1.DAT 2013-07-02 20:31 - 2012-11-28 15:36 - 00000000 ____D C:\ProgramData\Origin ==================== Bamital & volsnap Check ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit 
C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit Last Boot: 2013-07-23 01:18 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-06-2013 Ran by Koro at 2013-08-01 20:16:29 Run: Running from C:\Users\Koro\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= abgx360 v1.0.6 Adobe AIR (Version: 3.8.0.870) Adobe Flash Player 11 ActiveX (Version: 11.7.700.224) Adobe Flash Player 11 Plugin (Version: 11.7.700.224) Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03) AMD Accelerated Video Transcoding (Version: 12.5.100.21219) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.903.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.71219.1540) Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.0.0) Assassin's Creed Revelations Assassin's Creed(R) III v1.03 (Version: 1.03) Avira Free Antivirus (Version: 12.1.9.2400) Awesomenauts Bamboo (Version: 5.3.0-3) Bamboo Dock (Version: 4.1) Bamboo Dock (Version: 4.1.0) Battlefield 3™ (Version: 1.4.0.0) Battlelog Web Plugins (Version: 2.1.7) BioShock Infinite Bluetooth Win7 Suite (64) (Version: 7.2.0.40) Borderlands 2 Call of Duty: Modern Warfare 3 - Multiplayer Canon LBP2900 Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center (Version: 2012.1219.1521.27485) Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485) Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485) Catalyst Control Center Localization All (Version: 2012.1219.1521.27485) CCC Help Chinese Standard (Version: 2012.1219.1520.27485) CCC Help Chinese Traditional (Version: 2012.1219.1520.27485) CCC Help Czech (Version: 2012.1219.1520.27485) CCC Help Danish (Version: 2012.1219.1520.27485) CCC Help Dutch (Version: 2012.1219.1520.27485) CCC Help English (Version: 2012.1219.1520.27485) CCC Help Finnish (Version: 2012.1219.1520.27485) CCC Help French (Version: 
2012.1219.1520.27485) CCC Help German (Version: 2012.1219.1520.27485) CCC Help Greek (Version: 2012.1219.1520.27485) CCC Help Hungarian (Version: 2012.1219.1520.27485) CCC Help Italian (Version: 2012.1219.1520.27485) CCC Help Japanese (Version: 2012.1219.1520.27485) CCC Help Korean (Version: 2012.1219.1520.27485) CCC Help Norwegian (Version: 2012.1219.1520.27485) CCC Help Polish (Version: 2012.1219.1520.27485) CCC Help Portuguese (Version: 2012.1219.1520.27485) CCC Help Russian (Version: 2012.1219.1520.27485) CCC Help Spanish (Version: 2012.1219.1520.27485) CCC Help Swedish (Version: 2012.1219.1520.27485) CCC Help Thai (Version: 2012.1219.1520.27485) CCC Help Turkish (Version: 2012.1219.1520.27485) ccc-utility64 (Version: 2012.1219.1521.27485) CCleaner (Version: 3.25) Core Temp 1.0 RC4 (Version: 1.0) Counter-Strike: Global Offensive CPU-Control CPUID CPU-Z 1.62 Diablo III (Version: 1.0.6.13644) Eraser 6.0.10.2620 (Version: 6.0.2620) eReg (Version: 1.20.138.34) ESET Online Scanner v3 ESN Sonar (Version: 0.70.4) Fraps Futuremark SystemInfo (Version: 4.12.0) Garry's Mod Google Chrome (Version: 28.0.1500.72) Google Update Helper (Version: 1.3.21.153) Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0) Infestation: Survivor Stories Intel(R) Management Engine Components (Version: 7.0.0.1144) JDownloader 0.9 (Version: 0.9) Killing Floor League of Legends (Version: 1.3) Left 4 Dead 2 Little Fighter 2 version 2.0a (Version: version 2.0a) Logitech Gaming Software (Version: 8.40.83) Logitech Gaming Software 8.40 (Version: 8.40.83) Logitech SetPoint 6.32 (Version: 6.32.20) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) marvell 91xx driver (Version: 1.0.0.1051) Metro Last Light Update 1.0.0.2 Metro: Last Light (c) Deep Silver version 1 (Version: 1) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 
9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Mozilla Firefox 22.0 (x86 de) (Version: 22.0) Mozilla Maintenance Service (Version: 22.0) MSI Afterburner 2.3.1 (Version: 2.3.1) Natural Selection 2 NVIDIA PhysX (Version: 9.12.1031) OpenOffice.org 3.4 (Version: 3.4.9590) Origin (Version: 9.0.15.65) osu! (Version: 0.0.0.0) Pando Media Booster (Version: 2.6.0.8) PAYDAY: The Heist Portal 2 PS3 Media Server (Version: 1.82.0) PunkBuster Services (Version: 0.993) Python 3.3.2 (64-bit) (Version: 3.3.2150) Realtek Ethernet Controller Driver (Version: 7.37.1229.2010) Realtek High Definition Audio Driver (Version: 6.0.1.6235) RocketDock 1.3.5 S4 League_EU (Version: 1.00.0000) Saints Row: The Third Skype Click to Call (Version: 6.3.11079) Skype™ 6.5 (Version: 6.5.158) Smite (Version: 0.1.1069.0) StarCraft II (Version: 2.0.10.26585) Steam (Version: 1.0.0.0) Super Meat Boy Synthesia (remove only) TeamSpeak 3 Client (Version: 3.0.6) TeamViewer 8 (Version: 8.0.17396) The Binding of Isaac The Elder Scrolls V: Skyrim Tombraider Ubisoft Game Launcher (Version: 1.0.0.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Zip Opener Uplay (Version: 2.0) VLC media player 2.0.3 (Version: 2.0.3) WebTablet FB Plugin 32 bit (Version: 2.1.0.2) WebTablet FB Plugin 64 bit 
(Version: 2.1.0.2) WinRAR 4.20 (64-Bit) (Version: 4.20.0) XSplit (Version: 1.2.1303.0101) ==================== Restore Points ========================= 30-07-2013 11:56:48 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/01/2013 06:40:37 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/01/2013 06:40:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/01/2013 06:40:35 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/01/2013 06:24:08 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/01/2013 02:34:43 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (08/01/2013 02:32:50 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/31/2013 07:59:16 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/31/2013 02:57:25 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (07/31/2013 01:13:57 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/31/2013 01:13:57 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. 
In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (08/01/2013 08:04:34 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error: (08/01/2013 08:04:33 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error: (08/01/2013 08:04:33 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error: (08/01/2013 08:04:32 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error: (08/01/2013 07:59:54 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Error: (08/01/2013 07:54:32 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Error: (08/01/2013 07:53:22 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Error: (08/01/2013 07:53:22 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Error: (08/01/2013 07:09:33 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. 
Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Error: (08/01/2013 07:05:06 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus. Microsoft Office Sessions: ========================= Error: (08/01/2013 06:40:37 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe Error: (08/01/2013 06:40:36 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe Error: (08/01/2013 06:40:35 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe Error: (08/01/2013 06:24:08 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe Error: (08/01/2013 02:34:43 PM) (Source: SideBySide)(User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (08/01/2013 02:32:50 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/31/2013 07:59:16 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/31/2013 02:57:25 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (07/31/2013 01:13:57 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe Error: (07/31/2013 01:13:57 AM) (Source: SideBySide)(User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Koro\Downloads\esetsmartinstaller_deu.exe ==================== Memory info =========================== Percentage of memory in use: 38% Total physical RAM: 8168.76 MB Available physical RAM: 5002.98 MB Total Pagefile: 16335.71 MB Available Pagefile: 12653.96 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:120.15 GB) NTFS (Disk=0 Partition=2) Drive e: (FLASHPEN) (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT32 (Disk=1 Partition=1) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 689E7791) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 962 MB) (Disk ID: 01532A99) Partition 1: (Active) - (Size=962 MB) - (Type=0B) ==================== End Of Log ============================ |
02.08.2013, 10:53 | #4 |
/// the machine /// TB Trainer | Undetected malware & CHKDSK Main.dbd error hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
02.08.2013, 13:53 | #5 |
| Undetected malware & CHKDSK Main.dbd error Hello! I dared to go back to my PC because I remembered that yesterday I shut it down manually by pressing the power button, and that while an Avira scan was running. That would explain the CHKDSK error, which has meanwhile been fixed with the command CHKDSK /F. After that I ran ESET again, but forgot to untick "delete founds". ESET LOG Code:
ATTFilter # cleaned=0 # scan_time=3537 ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=733cb7944ba6ba45b27ef8f09135cc1d # engine=14620 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-02 12:43:01 # local_time=2013-08-02 02:43:01 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1023 16777215 0 0 0 0 0 0 # compatibility_mode=1799 16775165 100 97 8404 240870671 1190 0 # compatibility_mode=5893 16776573 100 94 8376 127077231 0 0 # scanned=319686 # found=6 # cleaned=6 # scan_time=6704 sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll" sh=261145D1AE47EE86F60E2A4B65A5FB3A56CD4057 ft=1 fh=ccde4a0ecc812467 vn="Variante von Win32/Bundled.Toolbar.Ask Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe" sh=5F5E0C72C9E734DA165D1E601AFDAEB5159DD8A2 ft=1 fh=aa41f5e031a1410e vn="Win32/DownWare.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Koro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LX4WZTUF\PFPortChecker3Offers_8007[1].exe" sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C 
fn="C:\Users\Koro\AppData\Local\Temp\6EA73FF5-BAB0-7891-896C-165DBC7051CA\IEHelper.dll" sh=D33706249F5A0FEB13159783AF387EC31618CAC0 ft=1 fh=f3f5a3825d793f44 vn="Win32/OpenCandy Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Koro\Downloads\FreemakeVideo22ConverterSetup.exe" sh=B043FD92FC4B98389B29BAD46F09F98542BCE7F8 ft=1 fh=ef063d8661b1b3a3 vn="Win32/InstallMonetizer.AL Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Koro\Downloads\PFPortChecker.exe" Code:
ATTFilter WIN32/InstallMonetizer.AL Win32/Opencandy Win32/Toolbar.Babylon Win32/Downware.G Variante von Win32/Bundled.Toolbar.Ask Variante von Win32/Bundled.Toolbar.Ask |
02.08.2013, 23:09 | #6 |
/// the machine /// TB Trainer | Undetected malware & CHKDSK Main.dbd error Yes, you can delete them
__________________ --> Undetected malware & CHKDSK Main.dbd error |
03.08.2013, 13:04 | #7 |
| Undetected malware & CHKDSK Main.dbd error All right. Combofix log Code:
ATTFilter ComboFix 13-08-01.01 - Koro 03.08.2013 13:54:12.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8169.6137 [GMT 2:00] ausgeführt von:: c:\users\Koro\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\windows\SysWow64\frapsvid.dll c:\windows\SysWow64\logs c:\windows\SysWow64\logs\Game - R3d Logs\2013-02-02_19-43-33_r3dlog.txt . . ((((((((((((((((((((((( Dateien erstellt von 2013-07-03 bis 2013-08-03 )))))))))))))))))))))))))))))) . . 2013-08-03 11:59 . 2013-08-03 11:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-03 11:58 . 2013-08-03 11:58 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F45D3272-8458-4B2D-AFEC-49865D94FA36}\offreg.dll 2013-08-02 10:23 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F45D3272-8458-4B2D-AFEC-49865D94FA36}\mpengine.dll 2013-08-01 18:16 . 2013-08-01 18:16 -------- d-----w- C:\FRST 2013-08-01 18:06 . 2013-08-01 18:06 -------- d-----w- c:\users\Koro\AppData\Roaming\DigitalSite 2013-07-30 23:13 . 2013-07-30 23:13 -------- d-----w- c:\program files (x86)\ESET 2013-07-27 18:02 . 2013-07-27 18:02 -------- d-----w- c:\users\Koro\AppData\Roaming\wacomid-desktop-launcher 2013-07-27 12:17 . 2013-07-27 12:17 -------- d-----w- c:\users\Koro\AppData\Roaming\SYSTEMAX Software Development 2013-07-27 12:17 . 2013-07-27 12:17 -------- d-----w- c:\programdata\SYSTEMAX Software Development 2013-07-21 22:50 . 2013-07-21 22:50 -------- d-----w- c:\users\Koro\AppData\Local\CrashRpt 2013-07-21 22:50 . 
2013-07-21 22:50 -------- d-----w- c:\users\Koro\AppData\Local\Arktos 2013-07-15 18:22 . 2013-07-15 18:25 -------- d-----w- c:\users\Koro\AppData\Roaming\Natural Selection 2 2013-07-11 14:37 . 2013-08-01 16:37 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-07-10 13:36 . 2013-07-10 13:36 -------- d-----w- C:\f7cfa77fce8d07497a5b946d169af797 2013-07-05 13:06 . 2013-07-05 13:06 -------- d-----w- c:\users\Koro\.idlerc 2013-07-05 11:56 . 2013-07-05 11:56 -------- d-----w- C:\Python33 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-02 14:21 . 2012-08-04 21:00 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2013-07-31 17:02 . 2012-08-25 23:53 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-07-31 17:02 . 2012-08-25 15:08 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-07-31 16:57 . 2012-08-25 15:08 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-07-21 22:49 . 2012-08-25 15:08 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-07-11 01:05 . 2012-08-04 11:24 78185248 ----a-w- c:\windows\system32\MRT.exe 2013-06-24 12:25 . 2013-06-24 12:25 972712 ----a-w- c:\windows\system32\deployJava1.dll 2013-06-24 12:25 . 2013-06-24 12:25 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-06-12 12:48 . 2012-08-04 12:03 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 12:48 . 2012-08-04 12:03 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-15 22:07 . 2013-05-15 22:07 3920384 ----a-w- c:\windows\system32\python33.dll 2013-05-15 22:06 . 2013-05-15 22:06 93696 ----a-w- c:\windows\py.exe 2013-05-15 22:06 . 2013-05-15 22:06 94208 ----a-w- c:\windows\pyw.exe 2013-05-13 05:51 . 2013-06-12 10:59 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 05:51 . 2013-06-12 10:59 1464320 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 05:51 . 
2013-06-12 10:59 139776 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 05:50 . 2013-06-12 10:59 52224 ----a-w- c:\windows\system32\certenc.dll 2013-05-13 04:45 . 2013-06-12 10:59 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2013-05-13 04:45 . 2013-06-12 10:59 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll 2013-05-13 04:45 . 2013-06-12 10:59 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2013-05-13 03:43 . 2013-06-12 10:59 1192448 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08 . 2013-06-12 10:59 903168 ----a-w- c:\windows\SysWow64\certutil.exe 2013-05-13 03:08 . 2013-06-12 10:59 43008 ----a-w- c:\windows\SysWow64\certenc.dll 2013-05-10 05:49 . 2013-06-12 10:59 30720 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-10 03:20 . 2013-06-12 10:59 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll 2013-05-08 06:39 . 2013-06-12 10:59 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 ALSysIO;ALSysIO;c:\users\Koro\AppData\Local\Temp\ALSysIO64.sys;c:\users\Koro\AppData\Local\Temp\ALSysIO64.sys [x] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 cpuz136;cpuz136;c:\users\Koro\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Koro\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files 
(x86)\Google\Update\GoogleUpdate.exe [x] R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x] R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x] R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files 
(x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LGSHidFilt;Logitech Gaming KMDF 
HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x] S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-02 10:33 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 12:48] . 2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:54] . 2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm Trusted Zone: samsungsetup.com\www TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\ FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu FF - prefs.js: browser.startup.homepage - www.google.de . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-08-03 14:00:48 ComboFix-quarantined-files.txt 2013-08-03 12:00 . Vor Suchlauf: 15 Verzeichnis(se), 128.063.287.296 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 128.259.334.144 Bytes frei . - - End Of File - - 843BBD9DD02BC83AF42F62F53629DD88 A36C5E4F47E84449FF07ED3517B43A31 |
04.08.2013, 09:29 | #8 |
/// the machine /// TB trainer | Great, please post a fresh FRST log. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
04.08.2013, 13:27 | #9 |
| FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013 Ran by Koro (administrator) on 04-08-2013 14:23:12 Running from C:\Users\Koro\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (AMD) C:\Windows\system32\atieclxx.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CANON INC.) C:\Windows\system32\CNAB4RPD.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default FF SelectedSearchEngine: LEO Eng-Deu FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\foxmarks@kei.com FF Extension: DownloadHelper - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: youtubeunblocker - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\youtubeunblocker@unblocker.yt.xpi FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: No Name - C:\Users\Koro\AppData\Roaming\Mozilla\Firefox\Profiles\gb4h1cbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} Chrome: ======= CHR DefaultSearchURL: (Delta 
Search) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Extension: (Skype Click to Call) - C:\Users\Koro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0 CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] () R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.) 
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 ALSysIO; \??\C:\Users\Koro\AppData\Local\Temp\ALSysIO64.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 cpuz136; \??\C:\Users\Koro\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-03 20:59 - 2013-08-03 20:59 - 00000000 ____D C:\Users\Koro\AppData\Roaming\WTablet 2013-08-03 20:49 - 2013-08-03 20:49 - 38455200 _____ C:\Users\Koro\Downloads\cons532-1_int.exe 2013-08-03 20:49 - 2013-08-03 20:49 - 07434944 _____ C:\Users\Koro\Downloads\bamboo_setup_web0407final.exe 2013-08-03 14:00 - 2013-08-03 14:00 - 00020579 _____ C:\ComboFix.txt 2013-08-03 13:52 - 2013-08-03 14:00 - 00000000 ____D C:\Windows\erdnt 2013-08-03 13:52 - 2013-08-03 14:00 - 00000000 ____D C:\Qoobox 2013-08-03 13:52 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-03 13:52 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-03 13:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-03 13:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-03 13:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-03 13:52 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-03 13:52 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-03 13:52 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-02 16:13 - 
Yes, to be honest I still have the problem that my mouse constantly moves by itself. Even when I disconnect the keyboard and mouse from the PC, it moves erratically around the screen. Otherwise everything is normal. Thanks in advance, of course. Last edited by korox (04.08.2013 at 13:35) |
05.08.2013, 07:24 | #10 |
/// the machine /// TB trainer | Undetected malware & CHKDSK Main.dbd error
Please download Windows Repair (All In One) from here.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |