| |
| |||||||
Log-Analyse und Auswertung: E-Mail Account versendet Spam-MailsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.08.2013, 18:47
| #1 |
| |  E-Mail Account versendet Spam-Mails Hallo liebes Forum, heute bekam ich die E-Mail von meinem Vater, das ich ihm Spam verschickt hätte und das schon das 2. Mal. Ich konnte in meinem Gesendet Postfach leider nichts davon vorfinden und bin auch absoluter Anfänger in Sache Viren, Rootkits etc. Was mir ebenfalls aufgefallen ist, ist das mein Google Chrome Browser seltsamerweise des öfteren ein leeres Graues Fenster öffnet das in der Mitte der Seite erscheint. Mit einem Adblocker kann ich diese Löschen aber ein verhindern ist nicht möglich. Ich habe nun einige Programm laufen lassen und poste euch nun die Logfiles. Hoffe mir kann jemand helfen! PS: Da ich Anfänger bin, bitte melden falls etwas fehlt! Danke Mfg Kai Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version 08-08-2013 02 Ran by Kai at 2013-08-09 143155 Running from CUsersKaiDownloads Boot Mode Normal ========================================================== ==================== Installed Programs ======================= Acrobat.com (x32 Version 0.0.0) Acrobat.com (x32 Version 1.1.377) Adblock IE 2.3 (Version 2.3.1756) Adobe AIR (x32 Version 1.0.4990) Adobe AIR (x32 Version 1.0.8.4990) Adobe Creative Cloud (x32 Version 2.0.2.189) Adobe Flash Player 11 ActiveX (x32 Version 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version 11.7.700.224) Adobe Photoshop CC (x32 Version 14.0) Adobe Reader XI (11.0.03) - Deutsch (x32 Version 11.0.03) Alien Swarm (x32) AMD OverDrive (x32 Version 4.2.6.0638) AMD USB Filter Driver (x32 Version 1.0.14.91) Apple Application Support (x32 Version 2.3.4) Apple Mobile Device Support (Version 6.1.0.13) Apple Software Update (x32 Version 2.1.3.127) Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version 1.10.1.0) ASRock eXtreme Tuner v0.1.91 (x32) ASRock InstantBoot v1.28 (x32) ATI Catalyst Install Manager (Version 3.0.762.0) Avira Free Antivirus (x32 Version 13.0.0.3885) Bonjour (Version 3.0.0.10) Call of Duty Black Ops II - Multiplayer (x32) Call of Duty Black Ops II - Zombies (x32) Call of Duty Modern Warfare 3 - Multiplayer (x32) Call of Duty Modern Warfare 3 (x32) CameraHelperMsi (x32 Version 13.51.815.0) Counter-Strike Global Offensive (x32) Counter-Strike Source (x32) DAEMON Tools Lite (x32 Version 4.47.1.0333) Diablo III (x32 Version 1.0.8.16603) erLT (x32 Version 1.20.138.34) EVEREST Ultimate Edition v5.50 (x32 Version 5.50) Free YouTube Download version 3.2.5.628 (x32 Version 3.2.5.628) GameTracker Lite (x32) Google Chrome (x32 Version 28.0.1500.95) Google Chrome Frame (x32 Version 65.107.16500) Google Update Helper (x32 Version 1.3.21.153) Grand Theft Auto IV (x32) HTC Driver Installer (x32 Version 4.2.0.001) HTC Sync Manager (x32 Version 2.0.61.0) IPTInstaller (x32 Version 4.0.8) iTunes (Version 11.0.4.4) Java 7 Update 21 (64-bit) (Version 7.0.210) Java 7 Update 25 (x32 Version 7.0.250) Java Auto Updater (x32 Version 2.1.9.5) JDownloader 0.9 (x32 Version 0.9) League of Legends (x32 Version 1.3) LogicCircuit (x32 Version 1.9.0915) Logitech Gaming Software (Version 8.45.88) Logitech Gaming Software 8.46 (Version 8.46.27) Logitech Webcam-Software (x32 Version 2.51) LWS Facebook (x32 Version 13.50.854.0) LWS Gallery (x32 Version 13.51.827.0) LWS Help_main (x32 Version 13.51.828.0) LWS Launcher (x32 Version 13.51.828.0) LWS Motion Detection (x32 Version 13.51.815.0) LWS Pictures And Video (x32 Version 13.51.815.0) LWS Twitter (x32 Version 13.30.1346.0) LWS Webcam Software (x32 Version 13.51.815.0) LWS WLM Plugin (x32 Version 1.30.1201.0) LWS YouTube Plugin (x32 Version 13.31.1038.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version 4.0.30319) Microsoft .NET Framework 4 Extended (Version 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version 4.0.30319) Microsoft Application Error Reporting (Version 12.0.6015.5000) Microsoft Games for Windows - LIVE Redistributable (x32 Version 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version 3.5.50.0) Microsoft Silverlight (Version 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version 10.0.40219) Microsoft_VC80_CRT_x86 (x32 Version 8.0.50727.4053) Microsoft_VC90_CRT_x86 (x32 Version 1.00.0000) MSXML 4.0 SP2 (KB954430) (x32 Version 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version 4.20.9876.0) Nero 12 (x32 Version 12.5.01900) Nero Audio Pack 1 (x32 Version 11.0.11500.110.0) Nero BackItUp (x32 Version 12.5.1000) Nero BackItUp Help (CHM) (x32 Version 12.0.13000) Nero Blu-ray Player (x32 Version 12.0.20014) Nero Blu-ray Player Help (CHM) (x32 Version 12.0.9000) Nero Burning ROM (x32 Version 12.5.5001) Nero Burning ROM Help (CHM) (x32 Version 12.0.3000) Nero ControlCenter (x32 Version 11.0.15600) Nero ControlCenter Help (CHM) (x32 Version 12.0.12000) Nero Core Components (x32 Version 11.0.20200) Nero Disc Menus Basic (x32 Version 12.0.11500) Nero Effects Basic (x32 Version 12.0.11500) Nero Express (x32 Version 12.5.5002) Nero Express Help (CHM) (x32 Version 12.0.13000) Nero Kwik Media (x32 Version 1.18.20100) Nero Kwik Media Help (CHM) (x32 Version 12.0.12000) Nero Kwik Themes Basic (x32 Version 12.0.11500) Nero PiP Effects Basic (x32 Version 12.0.11500) Nero Recode (x32 Version 12.5.6000) Nero Recode Help (CHM) (x32 Version 12.0.12000) Nero RescueAgent (x32 Version 12.0.10002) Nero RescueAgent Help (CHM) (x32 Version 12.0.7000) Nero SharedVideoCodecs (x32 Version 1.0.12100.2.0) Nero Update (x32 Version 11.0.11800.31.0) Nero Video (x32 Version 12.5.2001) Nero Video Help (CHM) (x32 Version 12.0.12000) neroxml (x32 Version 1.0.0) NVIDIA 3D Vision Controller-Treiber 320.49 (Version 320.49) NVIDIA 3D Vision Treiber 320.49 (Version 320.49) NVIDIA GeForce Experience 1.6 (Version 1.6) NVIDIA Grafiktreiber 320.49 (Version 320.49) NVIDIA HD-Audiotreiber 1.3.24.2 (Version 1.3.24.2) NVIDIA Install Application (Version 2.1002.131.854) NVIDIA PhysX (x32 Version 9.13.0604) NVIDIA PhysX-Systemsoftware 9.13.0604 (Version 9.13.0604) NVIDIA Stereoscopic 3D Driver (x32 Version 7.17.13.2049) NVIDIA Systemsteuerung 320.49 (Version 320.49) NVIDIA Update 7.2.17 (Version 7.2.17) NVIDIA Update Components (Version 7.2.17) NVIDIA Virtual Audio 1.2.1 (Version 1.2.1) ock App Charger v1.0.5 OpenOffice.org 3.4.1 (x32 Version 3.41.9593) Origin (x32 Version 9.1.15.109) Pando Media Booster (x32 Version 2.6.0.9) PDF Settings CC (x32 Version 12.0) PiccShare (HKCU Version 2.0) Prerequisite installer (x32 Version 12.0.0003) Rage (x32) Realtek Ethernet Controller Driver (x32 Version 7.44.421.2011) Realtek High Definition Audio Driver (x32 Version 6.0.1.6378) SHIELD Streaming (Version 1.05.19) Skype™ 6.6 (x32 Version 6.6.106) Spybot - Search & Destroy (x32 Version 2.1.21) StarCraft II (x32 Version 2.0.8.25604) Steam (x32 Version 1.0.0.0) Team Fortress 2 (x32) TeamSpeak 3 Client (Version 3.0.10) THX TruStudio (x32 Version 1.00.01) TrueCrypt (x32 Version 7.1a) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version 1) VLC media player 2.0.7 (Version 2.0.7) Welcome App (Start-up experience) (x32 Version 12.0.15000) Winamp (x32 Version 5.7 Beta) Winamp Erkennungs-Plug-in (HKCU Version 1.0.0.1) Windows Live ID Sign-in Assistant (Version 6.500.3165.0) Windows Mobile Device Updater Component (Version 04.08.2345.00) WinRAR 4.20 (64-Bit) (Version 4.20.0) XFastUsb (x32) Zune (Version 04.08.2345.00) Zune Language Pack (CHS) (Version 04.08.2345.00) Zune Language Pack (CHT) (Version 04.08.2345.00) Zune Language Pack (CSY) (Version 04.08.2345.00) Zune Language Pack (DAN) (Version 04.08.2345.00) Zune Language Pack (DEU) (Version 04.08.2345.00) Zune Language Pack (ELL) (Version 04.08.2345.00) Zune Language Pack (ESP) (Version 04.08.2345.00) Zune Language Pack (FIN) (Version 04.08.2345.00) Zune Language Pack (FRA) (Version 04.08.2345.00) Zune Language Pack (HUN) (Version 04.08.2345.00) Zune Language Pack (IND) (Version 04.08.2345.00) Zune Language Pack (ITA) (Version 04.08.2345.00) Zune Language Pack (JPN) (Version 04.08.2345.00) Zune Language Pack (KOR) (Version 04.08.2345.00) Zune Language Pack (MSL) (Version 04.08.2345.00) Zune Language Pack (NLD) (Version 04.08.2345.00) Zune Language Pack (NOR) (Version 04.08.2345.00) Zune Language Pack (PLK) (Version 04.08.2345.00) Zune Language Pack (PTB) (Version 04.08.2345.00) Zune Language Pack (PTG) (Version 04.08.2345.00) Zune Language Pack (RUS) (Version 04.08.2345.00) Zune Language Pack (SVE) (Version 04.08.2345.00) ==================== Restore Points ========================= 26-07-2013 094453 Installed Nero 12. 27-07-2013 181254 Windows Update 08-08-2013 152603 Geplanter Prüfpunkt ==================== Hosts content ========================== 2009-07-14 0434 - 2009-06-10 2300 - 00000824 ____A CWindowssystem32Driversetchosts ==================== Scheduled Tasks (whitelisted) ============= Task {200F5894-D473-4BDC-856A-2C5C2624E4A9} - System32TasksMicrosoftWindowsMUILpksetup = CWindowsSystem32lpksetup.exe [2010-11-21] (Microsoft Corporation) Task {7100F970-2B8B-420E-A8E9-CC51E0F1CC72} - System32TasksSafer-NetworkingSpybot - Search and DestroyScan the system = CProgram Files (x86)Spybot - Search & Destroy 2SDScan.exe No File Task {97B0F082-8488-4A72-BE78-29976E302B55} - System32TasksGoogleUpdateTaskMachineCore = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2013-05-22] (Google Inc.) Task {BDA58606-C7E3-435C-BB58-5C839D96A28B} - System32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai = CProgram Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task {CCA2B57E-C49C-43D4-9F2F-FCD59FC1E610} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2013-05-22] (Google Inc.) Task {CDC6AC0C-F17F-44BD-B5E7-7997B1164873} - System32TasksSafer-NetworkingSpybot - Search and DestroyRefresh immunization = CProgram Files (x86)Spybot - Search & Destroy 2SDImmunize.exe No File Task {D005F59E-BE0F-4695-A732-2137537FD408} - System32TasksAdobe Flash Player Updater = CWindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated) Task {D5B0A1A7-529E-4460-9133-5DE821ECBAD1} - System32TasksSafer-NetworkingSpybot - Search and DestroyCheck for updates = CProgram Files (x86)Spybot - Search & Destroy 2SDUpdate.exe No File Task {EE7F45A1-12EC-47FA-ACD9-9C87A6A3FAD7} - System32TasksAppleAppleSoftwareUpdate = CProgram Files (x86)Apple Software UpdateSoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task CWindowsTasksAdobe Flash Player Updater.job = CWindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe Task CWindowsTasksGoogleUpdateTaskMachineCore.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe Task CWindowsTasksGoogleUpdateTaskMachineUA.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors ========================= Application errors ================== Error (08092013 014056 PM) (Source WinMgmt) (User ) Description .rootCIMV2SELECT FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage 990x80041003 Error (08092013 014022 PM) (Source NvStreamSvc) (User ) Description NvStreamSvcUnregistering VAD endpoint [0] Error (08092013 014020 PM) (Source NvStreamSvc) (User ) Description NvStreamSvcNvVAD endpoint registered successfully [0] Error (08082013 021633 PM) (Source SideBySide) (User ) Description Fehler beim Generieren des Aktivierungskontextes für assemblyIdentity1. Fehler in Manifest- oder Richtliniendatei assemblyIdentity2 in Zeile assemblyIdentity3. Der Wert MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR des version-Attributs im assemblyIdentity-Element ist ungültig. Error (08082013 113158 AM) (Source WinMgmt) (User ) Description .rootCIMV2SELECT FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage 990x80041003 Error (08082013 113133 AM) (Source NvStreamSvc) (User ) Description NvStreamSvcUnregistering VAD endpoint [0] Error (08082013 113129 AM) (Source NvStreamSvc) (User ) Description NvStreamSvcNvVAD endpoint registered successfully [0] Error (08072013 073620 PM) (Source Application Error) (User ) Description Name der fehlerhaften Anwendung daemonu.exe, Version 7.2.17.0, Zeitstempel 0x51f38419 Name des fehlerhaften Moduls ntdll.dll, Version 6.1.7601.17725, Zeitstempel 0x4ec49b8f Ausnahmecode 0xc0000374 Fehleroffset 0x000ce6c3 ID des fehlerhaften Prozesses 0x878 Startzeit der fehlerhaften Anwendung 0xdaemonu.exe0 Pfad der fehlerhaften Anwendung daemonu.exe1 Pfad des fehlerhaften Moduls daemonu.exe2 Berichtskennung daemonu.exe3 Error (08072013 010911 PM) (Source Bonjour Service) (User ) Description Task Scheduling Error m-NextScheduledSPRetry 5008 Error (08072013 010911 PM) (Source Bonjour Service) (User ) Description Task Scheduling Error m-NextScheduledEvent 5008 System errors ============= Error (08092013 014051 PM) (Source Service Control Manager) (User ) Description Der Dienst Spybot-S&D 2 Scanner Service wurde aufgrund folgenden Fehlers nicht gestartet %%1053 Error (08092013 014051 PM) (Source Service Control Manager) (User ) Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error (08072013 113715 PM) (Source DCOM) (User ) Description {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error (08072013 073621 PM) (Source Service Control Manager) (User ) Description Dienst NVIDIA Update Service Daemon wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error (08072013 103817 AM) (Source Service Control Manager) (User ) Description Der Dienst Spybot-S&D 2 Scanner Service wurde aufgrund folgenden Fehlers nicht gestartet %%1053 Error (08072013 103817 AM) (Source Service Control Manager) (User ) Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error (08062013 043153 PM) (Source DCOM) (User ) Description {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error (08042013 071936 PM) (Source Service Control Manager) (User ) Description Der Dienst Steam Client Service wurde aufgrund folgenden Fehlers nicht gestartet %%1053 Error (08042013 071936 PM) (Source Service Control Manager) (User ) Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error (07252013 090152 PM) (Source Disk) (User ) Description Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR4 gefunden. Microsoft Office Sessions ========================= Error (08092013 014056 PM) (Source WinMgmt)(User ) Description .rootCIMV2SELECT FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage 990x80041003 Error (08092013 014022 PM) (Source NvStreamSvc)(User ) Description NvStreamSvcUnregistering VAD endpoint [0] Error (08092013 014020 PM) (Source NvStreamSvc)(User ) Description NvStreamSvcNvVAD endpoint registered successfully [0] Error (08082013 021633 PM) (Source SideBySide)(User ) Description assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORCProgram Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dllCProgram Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dll3 Error (08082013 113158 AM) (Source WinMgmt)(User ) Description .rootCIMV2SELECT FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage 990x80041003 Error (08082013 113133 AM) (Source NvStreamSvc)(User ) Description NvStreamSvcUnregistering VAD endpoint [0] Error (08082013 113129 AM) (Source NvStreamSvc)(User ) Description NvStreamSvcNvVAD endpoint registered successfully [0] Error (08072013 073620 PM) (Source Application Error)(User ) Description daemonu.exe7.2.17.051f38419ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c387801ce934af664c95bCProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exeCWindowsSysWOW64ntdll.dllde68f364-ff87-11e2-a9ee-bc5ff477dfe1 Error (08072013 010911 PM) (Source Bonjour Service)(User ) Description Task Scheduling Error m-NextScheduledSPRetry 5008 Error (08072013 010911 PM) (Source Bonjour Service)(User ) Description Task Scheduling Error m-NextScheduledEvent 5008 CodeIntegrity Errors =================================== Date 2013-05-22 141057.571 Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2UsersKaiAppDataLocalTempEverestDriver.sys nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date 2013-05-22 141057.563 Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2UsersKaiAppDataLocalTempEverestDriver.sys nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date 2013-05-22 141057.162 Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2Program Files (x86)LavalysEVEREST Home Editionkerneld.amd64 nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date 2013-05-22 141057.157 Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2Program Files (x86)LavalysEVEREST Home Editionkerneld.amd64 nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use 36% Total physical RAM 8149.69 MB Available physical RAM 5163.69 MB Total Pagefile 16297.57 MB Available Pagefile 12509.56 MB Total Virtual 8192 MB Available Virtual 8191.82 MB ==================== Drives ================================ Drive c () (Fixed) (Total390.62 GB) (Free190.81 GB) NTFS (Disk=1 Partition=2) ==[Drive with boot components (obtained from BCD)] Drive d () (Fixed) (Total540.89 GB) (Free262.91 GB) NTFS (Disk=1 Partition=1) Drive f (Datenträger) (Fixed) (Total443.13 GB) (Free443 GB) NTFS (Disk=0 Partition=1) Drive h (Datenträger) (Fixed) (Total488.28 GB) (Free488.14 GB) NTFS (Disk=0 Partition=2) Drive j (Expansion Drive) (Fixed) (Total1863.01 GB) (Free1184.22 GB) NTFS (Disk=2 Partition=1) ==================== MBR & Partition Table ================== ======================================================== Disk 0 (MBR Code Windows 7 or 8) (Size 932 GB) (Disk ID 132CEDD9) Partition 1 (Active) - (Size=443 GB) - (Type=07 NTFS) Partition 2 (Not Active) - (Size=488 GB) - (Type=07 NTFS) ======================================================== Disk 1 (MBR Code Windows 7 or 8) (Size 932 GB) (Disk ID 7BAFA82D) Partition 1 (Not Active) - (Size=541 GB) - (Type=07 NTFS) Partition 2 (Active) - (Size=391 GB) - (Type=07 NTFS) ======================================================== Disk 2 (Size 1863 GB) (Disk ID 06215959) Partition 1 (Not Active) - (Size=-198626966528) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version 08-08-2013 02
Ran by Kai (administrator) on 09-08-2013 143011
Running from CUsersKaiDownloads
Windows 7 Professional Service Pack 1 (X64) OS Language German Standard
Internet Explorer Version 10
Boot Mode Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) CWindowssystem32nvvsvc.exe
(NVIDIA Corporation) CProgram Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopsched.exe
(NVIDIA Corporation) CProgram FilesNVIDIA CorporationDisplaynvxdsync.exe
(NVIDIA Corporation) CWindowssystem32nvvsvc.exe
(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavguard.exe
(Apple Inc.) CProgram Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
(Apple Inc.) CProgram FilesBonjourmDNSResponder.exe
(ClanServers Hosting LLC) CProgram Files (x86)GameTrackerGSInGameService.exe
(Nero AG) CProgram Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe
(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe
(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamservice.exe
(NVIDIA Corporation) CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
() CProgram Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe
(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamgui.exe
(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreComUpdatus.exe
(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavshadow.exe
(Realtek Semiconductor) CProgram FilesRealtekAudioHDARAVCpl64.exe
(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe
(NVIDIA Corporation) CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
(Google Inc.) CProgram Files (x86)GoogleUpdate1.3.21.153GoogleCrashHandler.exe
(Google Inc.) CProgram Files (x86)GoogleUpdate1.3.21.153GoogleCrashHandler64.exe
() CProgram Files (x86)HTCHTC Sync ManagerHTC Syncadb.exe
(NVIDIA Corporation) CProgram FilesNVIDIA CorporationDisplaynvtray.exe
(Microsoft Corporation) CProgram FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe
(Microsoft Corporation) CProgram FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe
(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareLCore.exe
(ClanServers Hosting LLC) CProgram Files (x86)GameTrackerGTLite.exe
(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavgnt.exe
(Oracle Corporation) CProgram Files (x86)Common FilesJavaJava Updatejusched.exe
(Logitech Inc.) CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe
() CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe
(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDRSS.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDClock.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDPop3.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDCountdown.exe
(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe
(Nero AG) CProgram Files (x86)NeroUpdateNASvc.exe
(Adobe Systems Incorporated) CProgram Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe
(Valve Corporation) CProgram Files (x86)SteamSteam.exe
(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe
(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe
(Valve Corporation) CProgram Files (x86)Common FilesSteamSteamService.exe
(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe
(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe
(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe
(Avira Operations GmbH & Co. KG) Cprogram files (x86)aviraantivir desktopavscan.exe
(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembam.exe
() CUsersKaiDesktopDefogger.exe
==================== Registry (Whitelisted) ==================
HKLM...Run [RTHDVCPL] - CProgram FilesRealtekAudioHDARAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM...Run [Nvtmru] - CProgram Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM...Run [Launch LCore] - CProgram FilesLogitech Gaming SoftwareLCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU...Run [ASRockXTU] - [x]
HKCU...Run [zASRockInstantBoot] - [x]
HKCU...Run [GameTracker] - CProgram Files (x86)GameTrackerGTLite.exe [4019992 2013-03-08] (ClanServers Hosting LLC)
MountPoints2 {48aa80dc-f786-11e2-ba6b-bc5ff477dfe1} - GHTC_Sync_Manager_PC.exe
MountPoints2 {5b535c8d-c2b3-11e2-8920-bc5ff477dfe1} - ILaunchU3.exe -a
MountPoints2 {9e576e33-f842-11e2-9f93-bc5ff477dfe1} - GHTC_Sync_Manager_PC.exe
HKLM-x32...Run [avgnt] - CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32...Run [SunJavaUpdateSched] - CProgram Files (x86)Common FilesJavaJava Updatejusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32...Run [APSDaemon] - CProgram Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32...Run [LWS] - CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32...Run [SDTray] - CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
AppInit_DLLs CPROGRA~1NVIDIA~1NVSTRE~1rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32 CPROGRA~2NVIDIA~1NVSTRE~1rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
BootExecute autocheck autochk sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = httpwww.dell.com
SearchScopes HKLM - DefaultScope value is missing.
SearchScopes HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = httpde.search.yahoo.comsearchp={searchTerms}&fr=chr-devicevm&type=ASRK
BHO Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - CProgram FilesMGTEKAdblock IEadblockie.dll (MGTEK)
BHO Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - CProgram FilesJavajre7binssv.dll (Oracle Corporation)
BHO Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - CProgram FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
BHO Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - CProgram FilesJavajre7binjp2ssv.dll (Oracle Corporation)
BHO-x32 PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - CUsersKaiAppDataLocalext_piccshareext_piccshare.dll (HTTO Group, Ltd)
BHO-x32 Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - CProgram Files (x86)MGTEKAdblock IEadblockie.dll (MGTEK)
BHO-x32 Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - CProgram Files (x86)Javajre7binssv.dll (Oracle Corporation)
BHO-x32 Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - CProgram Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32 Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - CProgram Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation)
BHO-x32 ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - CProgram Files (x86)GoogleChrome FrameApplication28.0.1500.95npchrome_frame.dll (Google Inc.)
Toolbar HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler-x32 gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - CProgram Files (x86)GoogleChrome FrameApplication28.0.1500.95npchrome_frame.dll (Google Inc.)
Handler-x32 skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CPROGRA~2COMMON~1SkypeSKYPE4~1.DLL (Skype Technologies)
TcpipParameters [DhcpNameServer] 192.168.2.1
Chrome
=======
CHR HomePage hxxpwww.google.com
CHR DefaultSearchURL (Google) - {googlebaseURL}searchq={searchTerms}&{googleRLZ}{googleoriginalQueryForSuggestion}{googleassistedQueryStats}{googlesearchFieldtrialParameter}{googlesearchClient}{googlesourceId}{googleinstantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL (Google) - {googlebaseSuggestURL}search{googlesearchFieldtrialParameter}client=chrome&q={searchTerms}&{googlecursorPosition}{googlezeroPrefixUrl}sugkey={googlesuggestAPIKeyParameter}
CHR Plugin (Shockwave Flash) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95PepperFlashpepflashplayer.dll ()
CHR Plugin (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin (Native Client) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95ppGoogleNaClPluginChrome.dll ()
CHR Plugin (Chrome PDF Viewer) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95pdf.dll ()
CHR Plugin (Adobe Acrobat) - CProgram Files (x86)AdobeReader 11.0ReaderBrowsernppdf32.dll (Adobe Systems Inc.)
CHR Plugin (Nero Kwik Media Helper) - CPROGRA~2COMMON~1NeroBROWSE~1NPBROW~1.DLL (Nero AG)
CHR Plugin (AdobeAAMDetect) - CProgram Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin (Google Update) - CProgram Files (x86)GoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)
CHR Plugin (Java(TM) Platform SE 7 U25) - CProgram Files (x86)Javajre7binplugin2npjp2.dll (Oracle Corporation)
CHR Plugin (Silverlight Plug-In) - CProgram Files (x86)Microsoft Silverlight5.1.20513.0npctrl.dll ( Microsoft Corporation)
CHR Plugin (NVIDIA 3D Vision) - CProgram Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)
CHR Plugin (NVIDIA 3D VISION) - CProgram Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin (Pando Web Plugin) - CProgram Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dll (Pando Networks)
CHR Plugin (iTunes Application Detector) - CProgram Files (x86)iTunesMozilla Pluginsnpitunes.dll ()
CHR Plugin (Shockwave Flash) - CWindowsSysWOW64MacromedFlashNPSWF32_11_7_700_224.dll ()
CHR Plugin (Java Deployment Toolkit 7.0.250.16) - CWindowsSysWOW64npDeployJava1.dll (Oracle Corporation)
CHR Extension (Google Docs) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake0.5_0
CHR Extension (Google Drive) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0
CHR Extension (YouTube) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0
CHR Extension (Google Search) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.20_0
CHR Extension (PiccShare) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsdocfnddcclkgokdfpnmngpiliiachclb2.0_0
CHR Extension (OfferMosquito) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsgbmdkmlcnbapgegninelmjbfibaghdmk0.5_0
CHR Extension (Gmail) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_0
CHR StartMenuInternet Google Chrome - CProgram Files (x86)GoogleChromeApplicationchrome.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; CProgram Files (x86)AviraAntiVir Desktopsched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; CProgram Files (x86)AviraAntiVir Desktopavguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S4 AODService; CProgram Files (x86)AMDOverDriveAODAssist.exe [137096 2013-02-06] ()
R2 HTCMonitorService; CProgram Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 MBAMScheduler; CProgram Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; CProgram Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PassThru Service; CProgram Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [167424 2012-12-07] ()
R2 SDScannerService; CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; CProgram Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2.0; CProgram Files (x86)AMDOverDriveamd64AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)
R2 AODDriver4.2.0; CProgram Files (x86)AMDOverDriveamd64AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)
R2 avgntflt; CWindowsSystem32DRIVERSavgntflt.sys [100712 2013-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; CWindowsSystem32DRIVERSavipbb.sys [130016 2013-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; CWindowsSystem32DRIVERSavkmgr.sys [28600 2013-05-22] (Avira Operations GmbH & Co. KG)
S3 cleanhlp; CEEKRuncleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
S3 cleanhlp; CEEKRuncleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
R1 dtsoftbus01; CWindowsSystem32DRIVERSdtsoftbus01.sys [283200 2013-07-25] (DT Soft Ltd)
R3 FNETTBOH_305; CWindowsSystem32driversFNETTBOH_305.SYS [31808 2013-05-22] (FNet Co., Ltd.)
R1 FNETURPX; CWindowsSystem32driversFNETURPX.SYS [15936 2013-05-22] (FNet Co., Ltd.)
R3 MBAMProtector; CWindowssystem32driversmbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; CWindowssystem32driversmbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; CWindowsSystem32driversnvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-09 1429 - 2013-08-09 1429 - 00000468 _____ CUsersKaiDesktopdefogger_disable.log
2013-08-09 1428 - 2013-08-09 1428 - 00000000 _____ CUsersKaidefogger_reenable
2013-08-09 1427 - 2013-08-09 1427 - 00377856 _____ CUsersKaiDownloadsgmer_2.1.19163.exe
2013-08-09 1426 - 2013-08-09 1427 - 01790169 _____ (Farbar) CUsersKaiDownloadsFRST64.exe
2013-08-09 1426 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDesktopDefogger.exe
2013-08-09 1425 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDownloadsDefogger.exe
2013-08-07 2049 - 2013-08-07 2050 - 1138838405 _____ CUsersKaiDownloadsElysium2.rar
2013-08-07 1850 - 2013-08-07 1905 - 1425489052 _____ CUsersKaiDownloadsCryENGINE_PC_v3_4_5_6666_freesdk.zip
2013-08-07 1041 - 2013-08-07 1041 - 00002259 _____ CUsersPublicDesktopGoogle Chrome.lnk
2013-08-07 1038 - 2013-08-07 1046 - 00000000 ____D CProgramDataSpybot - Search & Destroy
2013-08-07 1038 - 2013-08-07 1038 - 00000000 ____D CWindowsSystem32TasksSafer-Networking
2013-08-07 1037 - 2013-08-07 1037 - 00001383 _____ CUsersPublicDesktopSpybot-S&D Start Center.lnk
2013-08-07 1037 - 2013-08-07 1037 - 00000000 ____D CProgram Files (x86)Spybot - Search & Destroy 2
2013-08-07 1037 - 2009-01-25 1314 - 00017272 _____ (Safer Networking Limited) CWindowssystem32sdnclean64.exe
2013-08-04 2008 - 2013-08-09 1341 - 00000000 ____D CUsersKaiAppDataRoamingGameTracker
2013-08-04 2008 - 2013-08-04 2008 - 00001020 _____ CUsersKaiDesktopGameTracker Lite.lnk
2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsGameTracker Lite
2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CProgram Files (x86)GameTracker
2013-08-04 1921 - 2013-08-04 1921 - 00000000 ____D CNvidiaLogging
2013-08-04 1919 - 2013-05-14 2128 - 00039712 _____ (NVIDIA Corporation) CWindowssystem32Driversnvvad64v.sys
2013-08-04 1919 - 2013-05-14 2127 - 00029984 _____ (NVIDIA Corporation) CWindowssystem32nvaudcap64v.dll
2013-08-04 1919 - 2013-05-14 2127 - 00028448 _____ (NVIDIA Corporation) CWindowsSysWOW64nvaudcap32v.dll
2013-07-29 1607 - 2013-08-09 1340 - 00000000 ____D CUsersKaiAppDataLocalHTC MediaHub
2013-07-29 1607 - 2013-07-29 1607 - 00002031 _____ CUsersPublicDesktopHTC Sync Manager.lnk
2013-07-29 1607 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC Sync
2013-07-29 1603 - 2013-07-29 1603 - 00000005 _____ CWindowsSysWOW64lMMLDeleteUserData42107612FX.tmp
2013-07-29 1522 - 2013-07-29 1523 - 00000000 ____D CUsersKaiDesktopDavid Guetta - Nothing But The Beat
2013-07-28 2309 - 2013-07-28 2309 - 00003302 _____ CWindowsSystem32Tasks{E9E56819-4421-4B16-A380-71F0D5C648A5}
2013-07-28 2254 - 2013-07-28 2254 - 00000219 _____ CUsersKaiDesktopAlien Swarm.url
2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram FilesMicrosoft Silverlight
2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram Files (x86)Microsoft Silverlight
2013-07-28 2113 - 2013-07-28 2113 - 00000219 _____ CUsersKaiDesktopTeam Fortress 2.url
2013-07-28 1935 - 2013-07-28 1935 - 00000222 _____ CUsersKaiDesktopCall of Duty Black Ops II - Zombies.url
2013-07-28 1822 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC
2013-07-28 1821 - 2013-07-28 1822 - 00000000 ____D CUsersKaiDocumentsHTC
2013-07-28 1821 - 2013-07-28 1821 - 00000000 ____D CProgramDataMotorola
2013-07-28 1820 - 2013-07-28 1820 - 00000000 ____D CProgram Files (x86)Spirent Communications
2013-07-28 1817 - 2013-07-29 1607 - 00000000 ____D CProgramDataHTC
2013-07-28 1817 - 2013-07-29 1607 - 00000000 ____D CProgram Files (x86)HTC
2013-07-28 1817 - 2009-11-02 1216 - 00033736 _____ (HTC, Corporation) CWindowssystem32DriversANDROIDUSB.sys
2013-07-28 1817 - 2009-06-09 1541 - 01122664 _____ (Microsoft Corporation) CWindowssystem32WdfCoInstaller01007.dll
2013-07-27 2013 - 2013-07-27 2013 - 00287600 _____ CWindowsmsxml4-KB954430-enu.LOG
2013-07-27 2013 - 2013-07-27 2013 - 00283814 _____ CWindowsmsxml4-KB973688-enu.LOG
2013-07-27 2013 - 2013-07-27 2013 - 00000000 ____D CProgram Files (x86)MSXML 4.0
2013-07-26 1922 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero_AG
2013-07-26 1921 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero
2013-07-26 1148 - 2013-07-26 1149 - 00000000 ____D CUsersKaiAppDataRoamingNero
2013-07-26 1147 - 2013-07-26 1147 - 00002797 _____ CUsersPublicDesktopNero Video 12.lnk
2013-07-26 1145 - 2013-07-26 1148 - 00000000 ____D CProgramDataNero
2013-07-26 1145 - 2013-07-26 1148 - 00000000 ____D CProgram Files (x86)Nero
2013-07-26 1127 - 2011-10-24 2126 - 00001524 _____ CUsersKaiDesktopBabyDevelop.lnk
2013-07-25 2129 - 2013-07-25 2130 - 00000000 ____D CProgram FilesTrueCrypt
2013-07-25 2129 - 2013-07-25 2129 - 00231376 _____ (TrueCrypt Foundation) CWindowssystem32Driverstruecrypt.sys
2013-07-25 2129 - 2013-07-25 2129 - 00000875 _____ CUsersPublicDesktopTrueCrypt.lnk
2013-07-25 2126 - 2013-07-25 2126 - 00000000 ____D CUsersKaiAppDataLocalLogicCircuit
2013-07-25 2125 - 2013-07-25 2125 - 00001506 _____ CUsersKaiDesktopLogicCircuit - Verknüpfung.lnk
2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsLogic Circuit
2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CProgram Files (x86)LogicCircuit
2013-07-25 2112 - 2013-07-25 2112 - 00000000 ____D Copt
2013-07-25 1449 - 2013-07-25 1449 - 00002056 _____ CUsersPublicDesktopRage.lnk
2013-07-25 1432 - 2013-07-25 1432 - 00000000 ____D CProgram Files (x86)Bethesda Softworks
2013-07-25 1431 - 2013-07-25 1431 - 00001954 _____ CUsersPublicDesktopDAEMON Tools Lite.lnk
2013-07-25 1430 - 2013-07-25 1432 - 00000000 ____D CUsersKaiAppDataRoamingDAEMON Tools Lite
2013-07-25 1430 - 2013-07-25 1432 - 00000000 ____D CProgramDataDAEMON Tools Lite
2013-07-25 1430 - 2013-07-25 1430 - 00283200 _____ (DT Soft Ltd) CWindowssystem32Driversdtsoftbus01.sys
2013-07-25 1430 - 2013-07-25 1430 - 00000000 ____D CProgram Files (x86)DAEMON Tools Lite
2013-07-25 1414 - 2013-07-25 1414 - 00000871 _____ CUsersPublicDesktopVLC media player.lnk
2013-07-25 1156 - 2013-08-09 1340 - 00012214 _____ CWindowssetupact.log
2013-07-25 1156 - 2013-07-25 1156 - 00000000 _____ CWindowssetuperr.log
2013-07-25 0954 - 2013-07-25 0954 - 00000000 ____D CWindowspss
2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CUsersKaiAppDataRoamingPDAppFlex
2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CProgramDataregid.1986-12.com.adobe
2013-07-24 1323 - 2013-07-24 1323 - 00000000 ____D CProgram FilesAdobe
2013-07-24 1316 - 2013-07-24 1323 - 00000000 ____D CProgram FilesCommon FilesAdobe
2013-07-24 1254 - 2013-07-24 1254 - 00003494 _____ CWindowsSystem32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai
2013-07-24 1253 - 2013-07-24 1253 - 00001074 _____ CUsersPublicDesktopAdobe Creative Cloud.lnk
2013-07-24 1221 - 2013-07-24 1221 - 00000546 _____ CUsersKaiDesktopEmsisoft Emergency Kit.lnk
2013-07-24 1221 - 2013-07-24 1221 - 00000000 ____D CEEK
2013-07-23 1711 - 2013-07-23 1711 - 00000219 _____ CUsersKaiDesktopCounter-Strike Global Offensive.url
2013-07-22 1927 - 2013-07-22 1940 - 00000000 ____D CUsersKaiAppDataRoamingTrueCrypt
2013-07-22 1908 - 2013-07-22 1907 - 00666633 _____ CUsersKaiDesktopAdwCleaner.exe
2013-07-22 1537 - 2013-07-22 1537 - 00001113 _____ CUsersPublicDesktopMalwarebytes Anti-Malware.lnk
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CUsersKaiAppDataRoamingMalwarebytes
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgramDataMalwarebytes
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgram Files (x86)Malwarebytes' Anti-Malware
2013-07-22 1537 - 2013-04-04 1450 - 00025928 _____ (Malwarebytes Corporation) CWindowssystem32Driversmbam.sys
2013-07-21 2030 - 2013-07-21 2030 - 00000000 ____D CUsersKaiAppDataRoamingSnz
2013-07-18 1915 - 2013-07-18 1915 - 00000000 ____D CUsersKaiDocumentsGames for Windows - LIVE Demos
2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CWindowsSysWOW64xlive
2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CProgram Files (x86)Microsoft Games for Windows - LIVE
2013-07-18 1907 - 2013-07-18 1907 - 00000000 ____D CUsersKaiDocumentsRockstar Games
2013-07-18 1848 - 2013-07-18 1848 - 00000000 __SHD CProgramDataSecuROM
2013-07-18 1845 - 2013-07-18 1845 - 00178800 _____ (Sony DADC Austria AG.) CWindowsSysWOW64CmdLineExt_x64.dll
2013-07-18 1845 - 2013-07-18 1845 - 00000000 __RHD CUsersKaiAppDataRoamingSecuROM
2013-07-18 1845 - 2013-07-18 1845 - 00000000 ____D CUsersKaiAppDataLocalRockstar Games
2013-07-12 1340 - 2013-07-12 1340 - 00000000 ____D CUsersKaiAppDataLocalDeutscheBahn
2013-07-11 2202 - 2013-06-12 0143 - 14329856 _____ (Microsoft Corporation) CWindowsSysWOW64mshtml.dll
2013-07-11 2202 - 2013-06-12 0143 - 02877440 _____ (Microsoft Corporation) CWindowsSysWOW64jscript9.dll
2013-07-11 2202 - 2013-06-12 0143 - 01767936 _____ (Microsoft Corporation) CWindowsSysWOW64wininet.dll
2013-07-11 2202 - 2013-06-12 0143 - 01141248 _____ (Microsoft Corporation) CWindowsSysWOW64urlmon.dll
2013-07-11 2202 - 2013-06-12 0143 - 00690688 _____ (Microsoft Corporation) CWindowsSysWOW64jscript.dll
2013-07-11 2202 - 2013-06-12 0143 - 00493056 _____ (Microsoft Corporation) CWindowsSysWOW64msfeeds.dll
2013-07-11 2202 - 2013-06-12 0143 - 00039424 _____ (Microsoft Corporation) CWindowsSysWOW64jsproxy.dll
2013-07-11 2202 - 2013-06-12 0142 - 13760512 _____ (Microsoft Corporation) CWindowsSysWOW64ieframe.dll
2013-07-11 2202 - 2013-06-12 0142 - 02046976 _____ (Microsoft Corporation) CWindowsSysWOW64iertutil.dll
2013-07-11 2202 - 2013-06-12 0142 - 00391168 _____ (Microsoft Corporation) CWindowsSysWOW64ieui.dll
2013-07-11 2202 - 2013-06-12 0142 - 00109056 _____ (Microsoft Corporation) CWindowsSysWOW64iesysprep.dll
2013-07-11 2202 - 2013-06-12 0142 - 00061440 _____ (Microsoft Corporation) CWindowsSysWOW64iesetup.dll
2013-07-11 2202 - 2013-06-12 0142 - 00033280 _____ (Microsoft Corporation) CWindowsSysWOW64iernonce.dll
2013-07-11 2202 - 2013-06-12 0126 - 02241024 _____ (Microsoft Corporation) CWindowssystem32wininet.dll
2013-07-11 2202 - 2013-06-12 0126 - 01365504 _____ (Microsoft Corporation) CWindowssystem32urlmon.dll
2013-07-11 2202 - 2013-06-12 0126 - 00051712 _____ (Microsoft Corporation) CWindowssystem32ie4uinit.exe
2013-07-11 2202 - 2013-06-12 0125 - 19238912 _____ (Microsoft Corporation) CWindowssystem32mshtml.dll
2013-07-11 2202 - 2013-06-12 0125 - 15404032 _____ (Microsoft Corporation) CWindowssystem32ieframe.dll
2013-07-11 2202 - 2013-06-12 0125 - 03958784 _____ (Microsoft Corporation) CWindowssystem32jscript9.dll
2013-07-11 2202 - 2013-06-12 0125 - 02648576 _____ (Microsoft Corporation) CWindowssystem32iertutil.dll
2013-07-11 2202 - 2013-06-12 0125 - 00855552 _____ (Microsoft Corporation) CWindowssystem32jscript.dll
2013-07-11 2202 - 2013-06-12 0125 - 00603136 _____ (Microsoft Corporation) CWindowssystem32msfeeds.dll
2013-07-11 2202 - 2013-06-12 0125 - 00526336 _____ (Microsoft Corporation) CWindowssystem32ieui.dll
2013-07-11 2202 - 2013-06-12 0125 - 00136704 _____ (Microsoft Corporation) CWindowssystem32iesysprep.dll
2013-07-11 2202 - 2013-06-12 0125 - 00067072 _____ (Microsoft Corporation) CWindowssystem32iesetup.dll
2013-07-11 2202 - 2013-06-12 0125 - 00053248 _____ (Microsoft Corporation) CWindowssystem32jsproxy.dll
2013-07-11 2202 - 2013-06-12 0125 - 00039936 _____ (Microsoft Corporation) CWindowssystem32iernonce.dll
2013-07-11 2202 - 2013-06-12 0051 - 00071680 _____ (Microsoft Corporation) CWindowsSysWOW64RegisterIEPKEYs.exe
2013-07-11 2202 - 2013-06-12 0050 - 00089600 _____ (Microsoft Corporation) CWindowssystem32RegisterIEPKEYs.exe
2013-07-11 2202 - 2013-06-07 0522 - 02706432 _____ (Microsoft Corporation) CWindowssystem32mshtml.tlb
2013-07-11 2202 - 2013-06-07 0437 - 02706432 _____ (Microsoft Corporation) CWindowsSysWOW64mshtml.tlb
2013-07-11 2139 - 2013-06-05 0534 - 03153920 _____ (Microsoft Corporation) CWindowssystem32win32k.sys
2013-07-11 2139 - 2013-06-04 0800 - 00624128 _____ (Microsoft Corporation) CWindowssystem32qedit.dll
2013-07-11 2139 - 2013-06-04 0653 - 00509440 _____ (Microsoft Corporation) CWindowsSysWOW64qedit.dll
2013-07-11 2139 - 2013-05-06 0803 - 01887744 _____ (Microsoft Corporation) CWindowssystem32WMVDECOD.DLL
2013-07-11 2139 - 2013-05-06 0656 - 01620480 _____ (Microsoft Corporation) CWindowsSysWOW64WMVDECOD.DLL
2013-07-11 2139 - 2013-04-10 0134 - 01247744 _____ (Microsoft Corporation) CWindowsSysWOW64DWrite.dll
2013-07-11 2139 - 2013-04-03 0051 - 01643520 _____ (Microsoft Corporation) CWindowssystem32DWrite.dll
2013-07-11 2102 - 2013-07-11 2102 - 00001306 _____ CUsersPublicDesktopFree YouTube Download.lnk
2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CUsersKaiAppDataRoamingDVDVideoSoft
2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CProgram Files (x86)DVDVideoSoft
==================== One Month Modified Files and Folders =======
2013-08-09 1430 - 2013-08-09 1430 - 00000000 ____D CFRST
2013-08-09 1429 - 2013-08-09 1429 - 00000468 _____ CUsersKaiDesktopdefogger_disable.log
2013-08-09 1428 - 2013-08-09 1428 - 00000000 _____ CUsersKaidefogger_reenable
2013-08-09 1428 - 2013-05-21 2355 - 00000000 ____D CUsersKai
2013-08-09 1427 - 2013-08-09 1427 - 00377856 _____ CUsersKaiDownloadsgmer_2.1.19163.exe
2013-08-09 1427 - 2013-08-09 1426 - 01790169 _____ (Farbar) CUsersKaiDownloadsFRST64.exe
2013-08-09 1425 - 2013-08-09 1426 - 00050477 _____ CUsersKaiDesktopDefogger.exe
2013-08-09 1425 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDownloadsDefogger.exe
2013-08-09 1411 - 2013-05-22 0958 - 00000000 ____D CProgram Files (x86)Steam
2013-08-09 1408 - 2013-05-22 1552 - 00000884 _____ CWindowsTasksAdobe Flash Player Updater.job
2013-08-09 1350 - 2013-05-22 1831 - 00000000 ____D CUsersKaiAppDataLocalAdobe
2013-08-09 1348 - 2009-07-14 0645 - 00025680 ____H CWindowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-09 1348 - 2009-07-14 0645 - 00025680 ____H CWindowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-09 1346 - 2013-05-22 0947 - 00696620 _____ CWindowssystem32perfh007.dat
2013-08-09 1346 - 2013-05-22 0947 - 00147916 _____ CWindowssystem32perfc007.dat
2013-08-09 1346 - 2009-07-14 0713 - 01612484 _____ CWindowssystem32PerfStringBackup.INI
2013-08-09 1345 - 2013-05-22 0930 - 00001104 _____ CWindowsTasksGoogleUpdateTaskMachineUA.job
2013-08-09 1341 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingGameTracker
2013-08-09 1340 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataLocalHTC MediaHub
2013-08-09 1340 - 2013-07-25 1156 - 00012214 _____ CWindowssetupact.log
2013-08-09 1340 - 2013-05-22 0940 - 00000000 ____D CProgramDataNVIDIA
2013-08-09 1340 - 2013-05-22 0930 - 00001100 _____ CWindowsTasksGoogleUpdateTaskMachineCore.job
2013-08-09 1340 - 2009-07-14 0708 - 00000006 ____H CWindowsTasksSA.DAT
2013-08-08 1807 - 2013-05-21 2351 - 01158810 _____ CWindowsWindowsUpdate.log
2013-08-07 2337 - 2013-05-22 0937 - 00000000 ____D CUsersKaiAppDataRoamingSkype
2013-08-07 2323 - 2013-05-22 0947 - 00000000 ____D CUsersKaiAppDataLocalPMB Files
2013-08-07 2323 - 2013-05-22 0947 - 00000000 ____D CProgramDataPMB Files
2013-08-07 2050 - 2013-08-07 2049 - 1138838405 _____ CUsersKaiDownloadsElysium2.rar
2013-08-07 1936 - 2013-05-22 1945 - 00000000 ____D CUsersUpdatusUserAppDataLocalCrashDumps
2013-08-07 1905 - 2013-08-07 1850 - 1425489052 _____ CUsersKaiDownloadsCryENGINE_PC_v3_4_5_6666_freesdk.zip
2013-08-07 1048 - 2010-11-21 0547 - 00254788 _____ CWindowsPFRO.log
2013-08-07 1047 - 2013-07-08 2116 - 00000000 ____D CUsersKaiAppDataRoamingCommon
2013-08-07 1046 - 2013-08-07 1038 - 00000000 ____D CProgramDataSpybot - Search & Destroy
2013-08-07 1041 - 2013-08-07 1041 - 00002259 _____ CUsersPublicDesktopGoogle Chrome.lnk
2013-08-07 1041 - 2013-05-22 1110 - 00000000 ____D CProgram Files (x86)Mozilla Firefox
2013-08-07 1038 - 2013-08-07 1038 - 00000000 ____D CWindowsSystem32TasksSafer-Networking
2013-08-07 1037 - 2013-08-07 1037 - 00001383 _____ CUsersPublicDesktopSpybot-S&D Start Center.lnk
2013-08-07 1037 - 2013-08-07 1037 - 00000000 ____D CProgram Files (x86)Spybot - Search & Destroy 2
2013-08-04 2008 - 2013-08-04 2008 - 00001020 _____ CUsersKaiDesktopGameTracker Lite.lnk
2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsGameTracker Lite
2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CProgram Files (x86)GameTracker
2013-08-04 1921 - 2013-08-04 1921 - 00000000 ____D CNvidiaLogging
2013-08-04 1920 - 2013-05-22 0939 - 00000000 ____D CProgram FilesNVIDIA Corporation
2013-08-04 1920 - 2013-05-22 0939 - 00000000 ____D CProgram Files (x86)NVIDIA Corporation
2013-07-30 2333 - 2013-05-23 1501 - 00000000 ____D CUsersKaiAppDataRoamingvlc
2013-07-29 1844 - 2009-07-14 0645 - 04990416 _____ CWindowssystem32FNTCACHE.DAT
2013-07-29 1607 - 2013-07-29 1607 - 00002031 _____ CUsersPublicDesktopHTC Sync Manager.lnk
2013-07-29 1607 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC Sync
2013-07-29 1607 - 2013-07-28 1822 - 00000000 ____D CUsersKaiAppDataRoamingHTC
2013-07-29 1607 - 2013-07-28 1817 - 00000000 ____D CProgramDataHTC
2013-07-29 1607 - 2013-07-28 1817 - 00000000 ____D CProgram Files (x86)HTC
2013-07-29 1607 - 2013-05-22 1321 - 00000000 ____D CUsersKaiAppDataLocalDownloaded Installations
2013-07-29 1607 - 2013-05-22 0930 - 00064792 _____ CUsersKaiAppDataLocalGDIPFONTCACHEV1.DAT
2013-07-29 1603 - 2013-07-29 1603 - 00000005 _____ CWindowsSysWOW64lMMLDeleteUserData42107612FX.tmp
2013-07-29 1523 - 2013-07-29 1522 - 00000000 ____D CUsersKaiDesktopDavid Guetta - Nothing But The Beat
2013-07-28 2309 - 2013-07-28 2309 - 00003302 _____ CWindowsSystem32Tasks{E9E56819-4421-4B16-A380-71F0D5C648A5}
2013-07-28 2254 - 2013-07-28 2254 - 00000219 _____ CUsersKaiDesktopAlien Swarm.url
2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram FilesMicrosoft Silverlight
2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram Files (x86)Microsoft Silverlight
2013-07-28 2113 - 2013-07-28 2113 - 00000219 _____ CUsersKaiDesktopTeam Fortress 2.url
2013-07-28 1935 - 2013-07-28 1935 - 00000222 _____ CUsersKaiDesktopCall of Duty Black Ops II - Zombies.url
2013-07-28 1822 - 2013-07-28 1821 - 00000000 ____D CUsersKaiDocumentsHTC
2013-07-28 1821 - 2013-07-28 1821 - 00000000 ____D CProgramDataMotorola
2013-07-28 1821 - 2013-05-23 1329 - 00000000 ____D CUsersKaiAppDataRoamingApple Computer
2013-07-28 1821 - 2013-05-23 1329 - 00000000 ____D CUsersKaiAppDataLocalApple Computer
2013-07-28 1820 - 2013-07-28 1820 - 00000000 ____D CProgram Files (x86)Spirent Communications
2013-07-28 1820 - 2013-05-22 0924 - 00035414 _____ CWindowsDPINST.LOG
2013-07-27 2013 - 2013-07-27 2013 - 00287600 _____ CWindowsmsxml4-KB954430-enu.LOG
2013-07-27 2013 - 2013-07-27 2013 - 00283814 _____ CWindowsmsxml4-KB973688-enu.LOG
2013-07-27 2013 - 2013-07-27 2013 - 00000000 ____D CProgram Files (x86)MSXML 4.0
2013-07-26 1922 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero_AG
2013-07-26 1922 - 2013-07-26 1921 - 00000000 ____D CUsersKaiAppDataLocalNero
2013-07-26 1150 - 2013-05-22 0927 - 00000000 ____D CUsersKaiAppDataRoamingAdobe
2013-07-26 1149 - 2013-07-26 1148 - 00000000 ____D CUsersKaiAppDataRoamingNero
2013-07-26 1148 - 2013-07-26 1145 - 00000000 ____D CProgramDataNero
2013-07-26 1148 - 2013-07-26 1145 - 00000000 ____D CProgram Files (x86)Nero
2013-07-26 1148 - 2009-07-14 0520 - 00000000 ____D CWindowsCursors
2013-07-26 1147 - 2013-07-26 1147 - 00002797 _____ CUsersPublicDesktopNero Video 12.lnk
2013-07-25 2130 - 2013-07-25 2129 - 00000000 ____D CProgram FilesTrueCrypt
2013-07-25 2129 - 2013-07-25 2129 - 00231376 _____ (TrueCrypt Foundation) CWindowssystem32Driverstruecrypt.sys
2013-07-25 2129 - 2013-07-25 2129 - 00000875 _____ CUsersPublicDesktopTrueCrypt.lnk
2013-07-25 2126 - 2013-07-25 2126 - 00000000 ____D CUsersKaiAppDataLocalLogicCircuit
2013-07-25 2125 - 2013-07-25 2125 - 00001506 _____ CUsersKaiDesktopLogicCircuit - Verknüpfung.lnk
2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsLogic Circuit
2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CProgram Files (x86)LogicCircuit
2013-07-25 2112 - 2013-07-25 2112 - 00000000 ____D Copt
2013-07-25 1913 - 2013-06-23 1924 - 00000000 ____D CUsersKaiDesktopGfs Religion Sterbehilfe
2013-07-25 1651 - 2013-07-07 1703 - 00008788 _____ CUsersKaiDesktopSharePod.log
2013-07-25 1449 - 2013-07-25 1449 - 00002056 _____ CUsersPublicDesktopRage.lnk
2013-07-25 1432 - 2013-07-25 1432 - 00000000 ____D CProgram Files (x86)Bethesda Softworks
2013-07-25 1432 - 2013-07-25 1430 - 00000000 ____D CUsersKaiAppDataRoamingDAEMON Tools Lite
2013-07-25 1432 - 2013-07-25 1430 - 00000000 ____D CProgramDataDAEMON Tools Lite
2013-07-25 1431 - 2013-07-25 1431 - 00001954 _____ CUsersPublicDesktopDAEMON Tools Lite.lnk
2013-07-25 1430 - 2013-07-25 1430 - 00283200 _____ (DT Soft Ltd) CWindowssystem32Driversdtsoftbus01.sys
2013-07-25 1430 - 2013-07-25 1430 - 00000000 ____D CProgram Files (x86)DAEMON Tools Lite
2013-07-25 1414 - 2013-07-25 1414 - 00000871 _____ CUsersPublicDesktopVLC media player.lnk
2013-07-25 1156 - 2013-07-25 1156 - 00000000 _____ CWindowssetuperr.log
2013-07-25 0954 - 2013-07-25 0954 - 00000000 ____D CWindowspss
2013-07-25 0954 - 2013-05-21 2355 - 00000000 ___RD CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
2013-07-24 1453 - 2013-05-30 1238 - 00001708 _____ CUsersKaiDesktopPhotoshop - Verknüpfung.lnk
2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CUsersKaiAppDataRoamingPDAppFlex
2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CProgramDataregid.1986-12.com.adobe
2013-07-24 1323 - 2013-07-24 1323 - 00000000 ____D CProgram FilesAdobe
2013-07-24 1323 - 2013-07-24 1316 - 00000000 ____D CProgram FilesCommon FilesAdobe
2013-07-24 1318 - 2013-05-22 0927 - 00000000 ____D CProgram Files (x86)Adobe
2013-07-24 1316 - 2013-05-22 0927 - 00000000 ____D CProgramDataAdobe
2013-07-24 1254 - 2013-07-24 1254 - 00003494 _____ CWindowsSystem32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai
2013-07-24 1253 - 2013-07-24 1253 - 00001074 _____ CUsersPublicDesktopAdobe Creative Cloud.lnk
2013-07-24 1235 - 2013-05-22 1030 - 00000000 ____D CUsersKaiAppDataLocalCrashDumps
2013-07-24 1221 - 2013-07-24 1221 - 00000546 _____ CUsersKaiDesktopEmsisoft Emergency Kit.lnk
2013-07-24 1221 - 2013-07-24 1221 - 00000000 ____D CEEK
2013-07-24 1207 - 2009-07-14 0520 - 00000000 ____D CWindowssystem32NDF
2013-07-23 1747 - 2013-05-22 1439 - 00062244 _____ CWindowsDirectX.log
2013-07-23 1711 - 2013-07-23 1711 - 00000219 _____ CUsersKaiDesktopCounter-Strike Global Offensive.url
2013-07-23 1640 - 2009-07-14 0520 - 00000000 ____D CWindowsregistration
2013-07-22 1940 - 2013-07-22 1927 - 00000000 ____D CUsersKaiAppDataRoamingTrueCrypt
2013-07-22 1907 - 2013-07-22 1908 - 00666633 _____ CUsersKaiDesktopAdwCleaner.exe
2013-07-22 1537 - 2013-07-22 1537 - 00001113 _____ CUsersPublicDesktopMalwarebytes Anti-Malware.lnk
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CUsersKaiAppDataRoamingMalwarebytes
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgramDataMalwarebytes
2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgram Files (x86)Malwarebytes' Anti-Malware
2013-07-21 2031 - 2013-07-08 2117 - 00000000 ____D CUsersKaiAppDataRoamingIntermediate
2013-07-21 2030 - 2013-07-21 2030 - 00000000 ____D CUsersKaiAppDataRoamingSnz
2013-07-18 1915 - 2013-07-18 1915 - 00000000 ____D CUsersKaiDocumentsGames for Windows - LIVE Demos
2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CWindowsSysWOW64xlive
2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CProgram Files (x86)Microsoft Games for Windows - LIVE
2013-07-18 1907 - 2013-07-18 1907 - 00000000 ____D CUsersKaiDocumentsRockstar Games
2013-07-18 1854 - 2009-07-14 0520 - 00000000 ____D CProgram FilesCommon FilesMicrosoft Shared
2013-07-18 1848 - 2013-07-18 1848 - 00000000 __SHD CProgramDataSecuROM
2013-07-18 1845 - 2013-07-18 1845 - 00178800 _____ (Sony DADC Austria AG.) CWindowsSysWOW64CmdLineExt_x64.dll
2013-07-18 1845 - 2013-07-18 1845 - 00000000 __RHD CUsersKaiAppDataRoamingSecuROM
2013-07-18 1845 - 2013-07-18 1845 - 00000000 ____D CUsersKaiAppDataLocalRockstar Games
2013-07-18 1540 - 2013-05-22 0930 - 00004100 _____ CWindowsSystem32TasksGoogleUpdateTaskMachineUA
2013-07-18 1540 - 2013-05-22 0930 - 00003848 _____ CWindowsSystem32TasksGoogleUpdateTaskMachineCore
2013-07-18 1518 - 2013-05-22 1128 - 00000000 ____D CProgram Files (x86)JDownloader
2013-07-18 1507 - 2013-05-22 0952 - 00001351 _____ CUsersPublicDesktopGeForce Experience.lnk
2013-07-18 1504 - 2013-05-22 0937 - 00000000 ___RD CProgram Files (x86)Skype
2013-07-18 1504 - 2013-05-22 0937 - 00000000 ____D CProgramDataSkype
2013-07-12 1340 - 2013-07-12 1340 - 00000000 ____D CUsersKaiAppDataLocalDeutscheBahn
2013-07-12 1338 - 2010-11-21 0917 - 00000000 ____D CProgram FilesWindows Journal
2013-07-12 1338 - 2009-07-14 0732 - 00000000 ____D CProgram FilesWindows Defender
2013-07-12 1338 - 2009-07-14 0732 - 00000000 ____D CProgram Files (x86)Windows Defender
2013-07-11 2203 - 2013-05-22 1756 - 78185248 _____ (Microsoft Corporation) CWindowssystem32MRT.exe
2013-07-11 2102 - 2013-07-11 2102 - 00001306 _____ CUsersPublicDesktopFree YouTube Download.lnk
2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CUsersKaiAppDataRoamingDVDVideoSoft
2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CProgram Files (x86)DVDVideoSoft
2013-07-11 0658 - 2013-05-22 1552 - 00692104 _____ (Adobe Systems Incorporated) CWindowsSysWOW64FlashPlayerApp.exe
2013-07-11 0658 - 2013-05-22 1552 - 00071048 _____ (Adobe Systems Incorporated) CWindowsSysWOW64FlashPlayerCPLApp.cpl
2013-07-11 0658 - 2013-05-22 1552 - 00003822 _____ CWindowsSystem32TasksAdobe Flash Player Updater
==================== Bamital & volsnap Check =================
CWindowsSystem32winlogon.exe = MD5 is legit
CWindowsSystem32wininit.exe = MD5 is legit
CWindowsSysWOW64wininit.exe = MD5 is legit
CWindowsexplorer.exe = MD5 is legit
CWindowsSysWOW64explorer.exe = MD5 is legit
CWindowsSystem32svchost.exe = MD5 is legit
CWindowsSysWOW64svchost.exe = MD5 is legit
CWindowsSystem32services.exe = MD5 is legit
CWindowsSystem32User32.dll = MD5 is legit
CWindowsSysWOW64User32.dll = MD5 is legit
CWindowsSystem32userinit.exe = MD5 is legit
CWindowsSysWOW64userinit.exe = MD5 is legit
CWindowsSystem32Driversvolsnap.sys = MD5 is legit
LastRegBack 2013-08-08 1414
==================== End Of Log ============================
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 1429 on 09082013 (Kai)
Checking for autostart values...
HKCU~Run values retrieved.
HKLM~Run values retrieved.
Checking for servicesdrivers...
-=E.O.F=-
Code:
ATTFilter GMER 2.1.19163 - httpwww.gmer.net
Rootkit scan 2013-08-09 145929
Windows 6.1.7601 Service Pack 1 x64 DeviceHarddisk1DR1 - DeviceIdeIdeDeviceP1T0L0-1 ST1000DM003-1CH162 rev.CC46 931,51GB
Running gmer_2.1.19163.exe; Driver CUsersKaiAppDataLocalTempuwldqpow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG CWindowssystem32ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800033b3000 4 bytes [CC, 05, ED, FF]
INITKDBG CWindowssystem32ntoskrnl.exe!ExDeleteNPagedLookasideList + 565 fffff800033b3005 12 bytes {MOV [RSP+0x28], RBX; LEA R12, [RSP+0x20]; JMP 0x22}
---- User code sections - GMER 2.1 ----
.text CProgram Files (x86)GameTrackerGSInGameService.exe[1180] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)GameTrackerGSInGameService.exe[1180] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe[2228] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe[2228] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe[2204] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe[2204] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe[3860] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe[3860] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe[3316] CWindowssyswow64psapi.dll!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe[3316] CWindowssyswow64psapi.dll!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)GameTrackerGTLite.exe[4668] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)GameTrackerGTLite.exe[4668] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe[4308] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe[4308] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe[4664] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe[4664] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe[4716] CWindowssyswow64psapi.dll!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe[4716] CWindowssyswow64psapi.dll!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe[4928] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe[4928] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!FreeLibrary 00000000753534a8 5 bytes JMP 000000016efd2170
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryExA 00000000753548fb 5 bytes JMP 000000016efd1fe0
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryW 0000000075354913 5 bytes JMP 000000016efd1f20
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryExW 0000000075354945 5 bytes JMP 000000016efd20a0
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryA 00000000753549bf 5 bytes JMP 000000016efd1e70
.text CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64KERNELBASE.dll!HeapCreate 0000000076e9549c 5 bytes JMP 00000001000a0800
.text CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64KERNELBASE.dll!HeapCreate 0000000076e9549c 5 bytes JMP 00000001001c0800
.text CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69 0000000075661465 2 bytes [66, 75]
.text CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155 00000000756614bb 2 bytes [66, 75]
.text ... 2
---- Processes - GMER 2.1 ----
Library CProgram Files (x86)AviraAntiVir Desktopsched.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000000bf0000
Library CProgram Files (x86)AviraAntiVir Desktopgrdcore.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000072a80000
Library cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 00000000723e0000
Library cprogram files (x86)aviraantivir desktopgpipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 00000000723a0000
Library cprogram files (x86)aviraantivir desktopgpgen.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000072340000
Library cprogram files (x86)aviraantivir desktopgpschd.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000072310000
Library CProgram Files (x86)AviraAntiVir Desktopavevtlog.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000072250000
Library CProgram Files (x86)AviraAntiVir Desktopschedr.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 0000000072240000
Library CProgram Files (x86)AviraAntiVir Desktopsqlite3.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 00000000721d0000
Library CProgram Files (x86)AviraAntiVir Desktopavipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496] 00000000728c0000
Library CProgram Files (x86)AviraAntiVir Desktopavguard.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavguard.exe [1860] 0000000000b10000
Library CProgram Files (x86)AviraAntiVir Desktopavshadow.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavshadow.exe [1544] 000000013f560000
Library CProgram Files (x86)AviraAntiVir Desktopavipc64.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavshadow.exe [1544] 000007fef74c0000
Library CProgram Files (x86)AviraAntiVir Desktopavgnt.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000012b0000
Library CProgram Files (x86)AviraAntiVir Desktopccwkrlib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073770000
Library cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000723e0000
Library cprogram files (x86)aviraantivir desktopccguard.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000736b0000
Library cprogram files (x86)aviraantivir desktopccgrdrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073d20000
Library cprogram files (x86)aviraantivir desktopccgrdw.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073730000
Library CProgram Files (x86)AviraAntiVir Desktopgrdcore.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000072a80000
Library cprogram files (x86)aviraantivir desktopgpipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000723a0000
Library CProgram Files (x86)AviraAntiVir Desktopavipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000728c0000
Library cprogram files (x86)aviraantivir desktopccwgrd.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000734a0000
Library cprogram files (x86)aviraantivir desktopccgen.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000730a0000
Library cprogram files (x86)aviraantivir desktopccgenrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073d30000
Library cprogram files (x86)aviraantivir desktopccupdate.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073410000
Library cprogram files (x86)aviraantivir desktopccupdrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073c80000
Library cprogram files (x86)aviraantivir desktopcclic.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073710000
Library cprogram files (x86)aviraantivir desktopcclicrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000733c0000
Library cprogram files (x86)aviraantivir desktopccmsg.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000072e90000
Library cprogram files (x86)aviraantivir desktopccmsgrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 0000000073840000
Library cprogram files (x86)aviraantivir desktopccmainrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 00000000736a0000
Library CProgram Files (x86)AviraAntiVir Desktopccupdw.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184] 000000006e030000
Library Cprogram files (x86)aviraantivir desktopavscan.exe ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000001200000
Library Cprogram files (x86)aviraantivir desktopavlode.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000068cd0000
Library Cprogram files (x86)aviraantivir desktopapcfile.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000069880000
Library Cprogram files (x86)aviraantivir desktoplibcurl.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000068c80000
Library Cprogram files (x86)aviraantivir desktopLIBEAY32.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000068720000
Library Cprogram files (x86)aviraantivir desktopSSLEAY32.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000068c30000
Library Cprogram files (x86)aviraantivir desktoplibaprutil-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006ee60000
Library Cprogram files (x86)aviraantivir desktoplibapriconv-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006ee50000
Library Cprogram files (x86)aviraantivir desktoplibapr-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006eec0000
Library Cprogram files (x86)aviraantivir desktopAVSCANRC.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006f860000
Library Cprogram files (x86)aviraantivir desktopAVWINLL.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006f6b0000
Library Cprogram files (x86)aviraantivir desktopLUKE.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006e530000
Library Cprogram files (x86)aviraantivir desktopExtDlgFw.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000069840000
Library Cprogram files (x86)aviraantivir desktopccwkrlib.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000073770000
Library cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000723e0000
Library cprogram files (x86)aviraantivir desktopccavscanex.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000068bd0000
Library cprogram files (x86)aviraantivir desktopccavscanexrc.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006e080000
Library Cprogram files (x86)aviraantivir desktopAVREP.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000696f0000
Library cprogram files (x86)aviraantivir desktopAVPREF.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071ed0000
Library cprogram files (x86)aviraantivir desktopaecore.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071e90000
Library cprogram files (x86)aviraantivir desktopaevdf.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071e70000
Library cprogram files (x86)aviraantivir desktopaescript.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071df0000
Library cprogram files (x86)aviraantivir desktopaescn.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071dc0000
Library cprogram files (x86)aviraantivir desktopaesbx.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071c90000
Library cprogram files (x86)aviraantivir desktopaerdl.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071be0000
Library cprogram files (x86)aviraantivir desktopaepack.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071b20000
Library cprogram files (x86)aviraantivir desktopaeoffice.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071ae0000
Library cprogram files (x86)aviraantivir desktopaeheur.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071500000
Library cprogram files (x86)aviraantivir desktopaehelp.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000714b0000
Library cprogram files (x86)aviraantivir desktopaegen.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000071440000
Library cprogram files (x86)aviraantivir desktopaeexp.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000713f0000
Library cprogram files (x86)aviraantivir desktopaeemu.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000010000000
Library cprogram files (x86)aviraantivir desktopaebb.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000000c60000
Library Cprogram files (x86)aviraantivir desktopavevtlog.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 0000000072250000
Library Cprogram files (x86)aviraantivir desktopsqlite3.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000721d0000
Library Cprogram files (x86)aviraantivir desktopAVSCPLR.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006c640000
Library Cprogram files (x86)aviraantivir desktopAVREG.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 000000006fab0000
Library Cprogram files (x86)aviraantivir desktopavipc.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452] 00000000728c0000
---- EOF - GMER 2.1 ----
Code:
ATTFilter Emsisoft Anti-Malware - Version 8.0
Letztes Update 09.08.2013 153230
Benutzerkonto Kai-PCKai
Scan Einstellungen
Scan Methode Detail Scan
Objekte Rootkits, Speicher, Traces, C, D, F, H
Riskware-Erkennung Aus
Archiv Scan An
ADS Scan An
Dateitypen-Filter Aus
Erweitertes Caching An
Direkter Festplattenzugriff Aus
Scan Beginn 09.08.2013 161637
Gescannt 515635
Gefunden 0
Scan Ende 09.08.2013 174354
Scan Zeit 12717
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version v2013.07.22.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Kai KAI-PC [Administrator] Schutz Aktiviert 22.07.2013 161109 mbam-log-2013-07-22 (16-11-09).txt Art des Suchlaufs Vollständiger Suchlauf (CDFGH) Aktivierte Suchlaufeinstellungen Speicher Autostart Registrierung Dateisystem HeuristiksExtra HeuristiKsShuriken PUP PUM Deaktivierte Suchlaufeinstellungen P2P Durchsuchte Objekte 408410 Laufzeit 1 Stunde(n), 30 Sekunde(n) Infizierte Speicherprozesse 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Exportierte Ereignisse:
09.08.2013 19:35 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\File
System\000\t\00\00000002'
enthielt einen Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1e16f293.qua'
verschoben!
09.08.2013 19:23 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\ProgramData\Avira\AntiVir
Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000003-8D62B22E'
wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
09.08.2013 19:23 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\ProgramData\Avira\AntiVir
Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000003-876E4D48'
wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
09.08.2013 18:58 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\ProgramData\Avira\AntiVir
Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000002-4AED024B'
wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
|
| Themen zu E-Mail Account versendet Spam-Mails |
| .com, antivirus, black, browser, e-mail, email account versendet spammails, emsisoft, error, explorer, farbar, farbar recovery scan tool, fehler, festplatte, flash player, google, home, homepage, ntdll.dll, offermosquito, photoshop, programm, registry, richtlinie, safer networking, scan, services.exe, software, spam, svchost.exe, traces, trojan, usb, viren, windows, öffnet |
Baum-Darstellung