Logs nach Beheben des QVO6

Humpestos · 19.08.2013, 10:16

Hi,

habe mir den QVO6 Virus eingefangen aber ADWCleaner, MBAM, ESET und Junk drüberlaufen lassen. Sind die Logs sauber?

FRST:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-08-2013 01
Ran by Deskrates (administrator) on 19-08-2013 11:01:39
Running from C:\Users\Deskrates\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Valve Corporation) E:\Steam\Steam.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(CyberLink Corp.) E:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
(Spotify Ltd) C:\Users\Deskrates\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Deskrates\Downloads\Defogger.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKCU\...\Run: [Steam] - E:\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Deskrates\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\Deskrates\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [PC_GIZMOS] - "C:\Users\Deskrates\AppData\Roaming\PC-Gizmos\PC_170333.en_78.exe" --update [x]
MountPoints2: {32a849da-e7a8-11e2-bfdf-6c626dec0912} - "G:\LGAutoRun.exe" 
MountPoints2: {32a84bf3-e7a8-11e2-bfdf-6c626dec0912} - "G:\LGAutoRun.exe" 
MountPoints2: {51dca46d-a82d-11e2-bf19-6c626dec0912} - "H:\LGAutoRun.exe" 
MountPoints2: {52f6c208-b18d-11e2-bf38-6c626dec0912} - "G:\LGAutoRun.exe" 
MountPoints2: {52f6c29a-b18d-11e2-bf38-6c626dec0912} - "G:\LGAutoRun.exe" 
MountPoints2: {5727647c-618f-11e2-be7d-6c626dec0912} - "G:\LGAutoRun.exe" 
MountPoints2: {bd95065e-b0ce-11e2-bf35-6c626dec0912} - "G:\LGAutoRun.exe" 
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2011-08-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl9] - e:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)

==================== Internet (Whitelisted) ====================

ProxyServer: 203.115.81.196:80
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 127.0.0.1 csmg.lgmobile.com
Tcpip\..\Interfaces\{B44C7FCC-9D2E-406F-A048-9FCC7FC587B9}: [NameServer]208.67.222.222 208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Deskrates\AppData\Roaming\Mozilla\Firefox\Profiles\tg0y080s.default
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "87.250.52.230"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "87.250.52.230"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.250.52.230"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "87.250.52.230"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Users\Deskrates\AppData\Roaming\Mozilla\Firefox\Profiles\tg0y080s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

S2 CLKMSVC10_173EB256; e:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-08-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\system32\DRIVERS\lgandnetdiag264.sys [29696 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-05-14] (Google Inc)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-02-27] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-02-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R1 UimBus; C:\Windows\System32\drivers\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [x]
S3 AndDiag; \SystemRoot\system32\DRIVERS\lganddiag64.sys [x]
S3 AndGps; \SystemRoot\system32\DRIVERS\lgandgps64.sys [x]
S3 ANDModem; \SystemRoot\system32\DRIVERS\lgandmodem64.sys [x]
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [x]
S3 cpuz136; \??\C:\Users\DESKRA~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [x]
S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgx64diag.sys [x]
S3 USBModem; \SystemRoot\system32\DRIVERS\lgx64modem.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-19 10:59 - 2013-08-19 10:59 - 00000000 _____ C:\Users\Deskrates\defogger_reenable
2013-08-18 20:44 - 2013-08-18 20:44 - 01575812 _____ (Farbar) C:\Users\Deskrates\Downloads\FRST64.exe
2013-08-18 20:41 - 2013-08-18 20:41 - 00008474 _____ C:\Users\Deskrates\Desktop\asdassdf.log
2013-08-18 18:58 - 2013-08-18 18:58 - 00001392 _____ C:\Users\Deskrates\Desktop\JRT.txt
2013-08-18 18:50 - 2013-08-18 18:55 - 00019032 _____ C:\Windows\PFRO.log
2013-08-18 18:49 - 2013-08-18 18:49 - 00013113 _____ C:\AdwCleaner[R7].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00012490 _____ C:\AdwCleaner[S3].txt
2013-08-18 18:44 - 2013-08-18 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 18:42 - 2013-08-19 10:47 - 00000926 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-18 18:42 - 2013-08-18 18:42 - 00003898 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-18 18:42 - 2013-08-18 18:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Google
2013-08-18 18:36 - 2013-08-18 18:36 - 72385460 _____ C:\Users\Deskrates\Desktop\log2.pcapng
2013-08-18 18:34 - 2013-08-19 02:59 - 00001386 _____ C:\Users\Deskrates\Desktop\Windows installieren.lnk
2013-08-18 17:54 - 2013-08-18 17:56 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 17:26 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 17:26 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 17:26 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-18 17:25 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-18 17:25 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-18 17:25 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-18 17:25 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-18 17:25 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-18 17:25 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-18 17:25 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-18 17:25 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-18 17:25 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-18 17:25 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 17:25 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 17:25 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 17:25 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-18 17:25 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-18 17:25 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-18 17:25 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-18 17:25 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-18 17:22 - 2013-08-18 17:22 - 00035324 _____ C:\Users\Deskrates\Desktop\FRST.txt
2013-08-12 00:02 - 2013-08-19 03:09 - 00617285 _____ C:\Windows\WindowsUpdate.log
2013-08-11 23:52 - 2013-08-11 23:52 - 00307904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 21:35 - 2013-08-10 21:35 - 00001261 _____ C:\AdwCleaner[R6].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001203 _____ C:\AdwCleaner[S2].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001140 _____ C:\AdwCleaner[R5].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001080 _____ C:\AdwCleaner[R4].txt
2013-08-10 21:32 - 2013-08-10 21:33 - 00001019 _____ C:\AdwCleaner[R3].txt
2013-08-10 21:31 - 2013-08-10 21:31 - 00000960 _____ C:\AdwCleaner[R2].txt
2013-08-10 19:38 - 2013-08-10 19:38 - 00020394 _____ C:\Users\Deskrates\Desktop\FRST.rar
2013-08-10 19:37 - 2013-08-18 17:22 - 00023741 _____ C:\Users\Deskrates\Desktop\Addition.txt
2013-08-10 19:35 - 2013-08-10 19:35 - 01790633 _____ (Farbar) C:\Users\Deskrates\Desktop\FRST64.exe
2013-08-10 19:32 - 2013-08-10 19:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 19:27 - 2013-08-10 19:27 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Malwarebytes
2013-08-10 19:26 - 2013-08-10 19:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 19:26 - 2013-08-10 19:26 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-10 19:26 - 2013-08-10 19:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 19:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-10 19:14 - 2013-08-10 19:14 - 00003867 _____ C:\AdwCleaner[S1].txt
2013-08-10 19:14 - 2013-08-10 19:14 - 00000000 ____D C:\Users\Deskrates\Desktop\Neuer Ordner (10)
2013-08-10 19:13 - 2013-08-10 19:13 - 00004491 _____ C:\AdwCleaner[R1].txt
2013-08-10 18:54 - 2013-08-10 18:54 - 00377856 _____ C:\Users\Deskrates\Downloads\gmer_2.1.19163.exe
2013-08-10 18:52 - 2013-08-10 18:52 - 00000000 ____D C:\FRST
2013-08-10 18:50 - 2013-08-10 18:50 - 00050477 _____ C:\Users\Deskrates\Downloads\Defogger.exe
2013-08-10 17:58 - 2013-08-18 18:43 - 00000157 _____ C:\Users\Deskrates\AppData\Roaming\uninstall.bat
2013-08-09 02:45 - 2013-08-09 02:45 - 00000000 ____D C:\Users\Deskrates\Desktop\Für Deutschland 0221  37050193
2013-08-09 02:25 - 2013-08-09 02:25 - 00000919 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-08-06 12:36 - 2013-08-06 12:36 - 00000022 _____ C:\Users\Deskrates\Desktop\asdas.txt
2013-08-05 00:45 - 2013-08-05 00:45 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2013-08-02 12:17 - 2013-08-02 12:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-01 18:41 - 2013-08-01 18:42 - 00000074 _____ C:\Users\Deskrates\Desktop\asdasdadasd.txt
2013-07-30 20:09 - 2013-07-30 20:09 - 00000436 _____ C:\Users\Deskrates\Desktop\asdasd.txt
2013-07-26 16:32 - 2013-07-26 16:42 - 00000000 ____D C:\Users\Deskrates\Documents\ArcaniA - Gothic 4
2013-07-23 21:59 - 2013-07-23 21:59 - 00000008 _____ C:\Users\Deskrates\Desktop\Neues Textdokument (2).txt
2013-07-22 20:47 - 2013-07-22 20:47 - 00000943 _____ C:\Users\Public\Desktop\GTA IV San Andreas.lnk
2013-07-22 14:35 - 2013-07-22 15:25 - 00000000 ____D C:\Users\Deskrates\Documents\Gothic3ForsakenGods
2013-07-22 02:13 - 2013-07-22 02:13 - 00000000 ____D C:\Users\Deskrates\Desktop\Abschluß 07
2013-07-21 21:24 - 2013-08-19 01:24 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Spotify
2013-07-21 21:12 - 2013-07-21 21:12 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-20 11:51 - 2013-07-20 22:57 - 00000074 _____ C:\Users\Deskrates\Desktop\bc.txt

==================== One Month Modified Files and Folders =======

2013-08-19 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-19 10:59 - 2013-08-19 10:59 - 00000480 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-19 10:59 - 2013-08-19 10:59 - 00000000 _____ C:\Users\Deskrates\defogger_reenable
2013-08-19 10:59 - 2012-12-25 02:36 - 00000000 ____D C:\Users\Deskrates
2013-08-19 10:47 - 2013-08-18 18:42 - 00000926 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-19 10:47 - 2012-12-25 05:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-19 10:29 - 2012-12-25 02:42 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2375759766-3280221063-1239557780-1001
2013-08-19 10:25 - 2012-12-25 02:41 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Spotify
2013-08-19 10:25 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2013-08-19 10:25 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2013-08-19 10:25 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-19 10:19 - 2013-01-29 01:07 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-19 10:19 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 03:21 - 2013-03-07 22:07 - 00003026 _____ C:\Windows\System32\Tasks\EVGAPrecision
2013-08-19 03:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-19 03:09 - 2013-08-12 00:02 - 00617285 _____ C:\Windows\WindowsUpdate.log
2013-08-19 02:59 - 2013-08-18 18:34 - 00001386 _____ C:\Users\Deskrates\Desktop\Windows installieren.lnk
2013-08-19 02:59 - 2013-04-20 14:15 - 00001388 _____ C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk
2013-08-19 02:47 - 2012-12-25 02:56 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Skype
2013-08-19 02:10 - 2013-01-26 02:30 - 00007588 _____ C:\Users\DESKRA~1\AppData\Local\Resmon.ResmonCfg
2013-08-19 01:49 - 2013-03-15 11:00 - 00000000 ____D C:\Windows\rescache
2013-08-19 01:24 - 2013-07-21 21:24 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Spotify
2013-08-19 00:48 - 2013-01-04 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:04 - 2013-07-09 16:09 - 00001246 _____ C:\Users\Deskrates\Desktop\cports.cfg
2013-08-18 20:44 - 2013-08-18 20:44 - 01575812 _____ (Farbar) C:\Users\Deskrates\Downloads\FRST64.exe
2013-08-18 20:41 - 2013-08-18 20:41 - 00008474 _____ C:\Users\Deskrates\Desktop\asdassdf.log
2013-08-18 18:58 - 2013-08-18 18:58 - 00001392 _____ C:\Users\Deskrates\Desktop\JRT.txt
2013-08-18 18:55 - 2013-08-18 18:50 - 00019032 _____ C:\Windows\PFRO.log
2013-08-18 18:49 - 2013-08-18 18:49 - 00013113 _____ C:\AdwCleaner[R7].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00012490 _____ C:\AdwCleaner[S3].txt
2013-08-18 18:49 - 2013-01-04 06:17 - 00001053 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-18 18:49 - 2012-12-25 02:36 - 00001003 _____ C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-18 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-18 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-18 18:44 - 2013-08-18 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 18:43 - 2013-08-10 17:58 - 00000157 _____ C:\Users\Deskrates\AppData\Roaming\uninstall.bat
2013-08-18 18:42 - 2013-08-18 18:42 - 00003898 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-18 18:42 - 2013-08-18 18:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Google
2013-08-18 18:36 - 2013-08-18 18:36 - 72385460 _____ C:\Users\Deskrates\Desktop\log2.pcapng
2013-08-18 17:56 - 2013-08-18 17:54 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 17:54 - 2012-12-26 05:52 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-18 17:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-18 17:22 - 2013-08-18 17:22 - 00035324 _____ C:\Users\Deskrates\Desktop\FRST.txt
2013-08-18 17:22 - 2013-08-10 19:37 - 00023741 _____ C:\Users\Deskrates\Desktop\Addition.txt
2013-08-11 23:52 - 2013-08-11 23:52 - 00307904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-11 23:52 - 2012-12-25 07:20 - 03613696 ___SH C:\Users\Deskrates\Desktop\Thumbs.db
2013-08-11 15:46 - 2013-01-12 03:45 - 01616384 ___SH C:\Users\Deskrates\Downloads\Thumbs.db
2013-08-11 02:38 - 2013-02-24 00:20 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-11 02:38 - 2012-12-25 07:00 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-11 02:11 - 2012-12-25 02:48 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-10 21:35 - 2013-08-10 21:35 - 00001261 _____ C:\AdwCleaner[R6].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001203 _____ C:\AdwCleaner[S2].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001140 _____ C:\AdwCleaner[R5].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001080 _____ C:\AdwCleaner[R4].txt
2013-08-10 21:33 - 2013-08-10 21:32 - 00001019 _____ C:\AdwCleaner[R3].txt
2013-08-10 21:31 - 2013-08-10 21:31 - 00000960 _____ C:\AdwCleaner[R2].txt
2013-08-10 20:25 - 2012-12-31 01:06 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\vlc
2013-08-10 19:38 - 2013-08-10 19:38 - 00020394 _____ C:\Users\Deskrates\Desktop\FRST.rar
2013-08-10 19:35 - 2013-08-10 19:35 - 01790633 _____ (Farbar) C:\Users\Deskrates\Desktop\FRST64.exe
2013-08-10 19:32 - 2013-08-10 19:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 19:27 - 2013-08-10 19:27 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Malwarebytes
2013-08-10 19:27 - 2013-08-10 19:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 19:26 - 2013-08-10 19:26 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-10 19:26 - 2013-08-10 19:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 19:25 - 2012-12-25 02:53 - 00000000 ____D C:\Program Files (x86)\EVGA Precision X
2013-08-10 19:24 - 2013-03-08 20:33 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
2013-08-10 19:24 - 2012-12-25 02:53 - 00001092 _____ C:\Users\Deskrates\Desktop\EVGA Precision X.lnk
2013-08-10 19:14 - 2013-08-10 19:14 - 00003867 _____ C:\AdwCleaner[S1].txt
2013-08-10 19:14 - 2013-08-10 19:14 - 00000000 ____D C:\Users\Deskrates\Desktop\Neuer Ordner (10)
2013-08-10 19:13 - 2013-08-10 19:13 - 00004491 _____ C:\AdwCleaner[R1].txt
2013-08-10 18:54 - 2013-08-10 18:54 - 00377856 _____ C:\Users\Deskrates\Downloads\gmer_2.1.19163.exe
2013-08-10 18:52 - 2013-08-10 18:52 - 00000000 ____D C:\FRST
2013-08-10 18:50 - 2013-08-10 18:50 - 00050477 _____ C:\Users\Deskrates\Downloads\Defogger.exe
2013-08-09 02:45 - 2013-08-09 02:45 - 00000000 ____D C:\Users\Deskrates\Desktop\Für Deutschland 0221  37050193
2013-08-09 02:25 - 2013-08-09 02:25 - 00000919 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-08-09 02:25 - 2012-12-25 02:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-06 12:36 - 2013-08-06 12:36 - 00000022 _____ C:\Users\Deskrates\Desktop\asdas.txt
2013-08-05 01:11 - 2012-12-25 06:10 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-05 01:06 - 2013-02-24 00:20 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-05 01:06 - 2012-12-25 07:00 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\PunkBuster
2013-08-05 00:45 - 2013-08-05 00:45 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2013-08-05 00:15 - 2012-12-25 02:49 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Origin
2013-08-05 00:15 - 2012-12-25 02:49 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Origin
2013-08-04 17:21 - 2013-02-27 03:37 - 00002301 _____ C:\Users\Public\Desktop\LG 3D Game - TriDef 3D.lnk
2013-08-04 17:21 - 2013-02-27 03:36 - 00000000 ____D C:\Program Files (x86)\TriDef 3D
2013-08-02 12:17 - 2013-08-02 12:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-01 18:42 - 2013-08-01 18:41 - 00000074 _____ C:\Users\Deskrates\Desktop\asdasdadasd.txt
2013-08-01 01:11 - 2013-01-20 09:22 - 00002413 _____ C:\Windows\SysWOW64\lgAxconfig.ini
2013-08-01 01:09 - 2013-04-07 03:23 - 00000831 _____ C:\Users\Deskrates\Desktop\LGMobile Support Tool.lnk
2013-08-01 01:09 - 2013-01-20 09:22 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-07-31 20:20 - 2013-05-26 17:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-31 20:20 - 2013-05-26 17:24 - 00000000 ____D C:\ProgramData\Skype
2013-07-30 20:09 - 2013-07-30 20:09 - 00000436 _____ C:\Users\Deskrates\Desktop\asdasd.txt
2013-07-26 16:42 - 2013-07-26 16:32 - 00000000 ____D C:\Users\Deskrates\Documents\ArcaniA - Gothic 4
2013-07-26 07:13 - 2013-08-18 17:25 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-18 17:25 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-18 17:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-18 17:25 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-18 17:25 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-18 17:25 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-18 17:25 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-18 17:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-18 17:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-18 17:25 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-23 21:59 - 2013-07-23 21:59 - 00000008 _____ C:\Users\Deskrates\Desktop\Neues Textdokument (2).txt
2013-07-23 12:24 - 2012-12-25 05:55 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Rockstar Games
2013-07-22 20:47 - 2013-07-22 20:47 - 00000943 _____ C:\Users\Public\Desktop\GTA IV San Andreas.lnk
2013-07-22 15:25 - 2013-07-22 14:35 - 00000000 ____D C:\Users\Deskrates\Documents\Gothic3ForsakenGods
2013-07-22 12:23 - 2012-12-25 03:07 - 00000000 ____D C:\Users\Deskrates\Documents\my games
2013-07-22 02:13 - 2013-07-22 02:13 - 00000000 ____D C:\Users\Deskrates\Desktop\Abschluß 07
2013-07-21 21:14 - 2012-12-25 04:16 - 00000000 ____D C:\Users\Deskrates\Documents\EA Games
2013-07-21 21:12 - 2013-07-21 21:12 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-21 03:12 - 2013-02-19 02:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Windows Live
2013-07-20 22:57 - 2013-07-20 11:51 - 00000074 _____ C:\Users\Deskrates\Desktop\bc.txt

Files to move or delete:
====================
C:\ProgramData\hash.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-11 12:11

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-08-2013 01
Ran by Deskrates at 2013-08-19 11:02:09
Running from C:\Users\Deskrates\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
ANNO 1404 - Gold Edition (x32 Version: 3.10.0000)
ArcaniA – Gothic 4 (x32)
Assassin’s Creed® III (x32)
Batman: Arkham Asylum GOTY Edition (x32)
Battlefield 3™ (x32 Version: 1.5.0.0)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BioShock Infinite (x32)
Borderlands 2 (x32)
Call of Juarez Gunslinger (x32)
Counter-Strike: Source (x32)
Creative Audio-Systemsteuerung (x32 Version: 2.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32)
Crysis (x32)
Crysis® 2 (x32 Version: 1.0.0.0)
Crysis®3 (x32 Version: 1.0.0.0)
CrystalDiskInfo 5.3.1 (x32 Version: 5.3.1)
CrystalDiskMark 3.0.2c (Version: 3.0.2c)
Curse Client (HKCU Version: 5.1.1.792)
CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Souls: Prepare to Die Edition (x32)
DC Universe Online Live (HKCU)
Dead Rising 2 (x32 Version: 1.0.0000.130)
Dead Rising 2: Off The Record (x32 Version: 1.0.0001.131)
Dead Rising 2: OTR (x32 Version: 1.0.0000.131)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Diablo III (x32 Version: 1.0.8.16603)
Die Sims™ 3 (x32 Version: 1.55.4)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87)
Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126)
DiRT 3 (x32)
DmC Devil May Cry (x32)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
eaner (Version: 3.27)
ESET Online Scanner v3 (x32)
ESN Sonar (x32 Version: 0.70.4)
EVGA OC Scanner X 2.2.2 (x32)
EVGA Precision X 4.2.1 (x32 Version: 4.2.1)
Far Cry 3 (x32 Version: 1.05)
Far Cry 3 Blood Dragon (x32 Version: 1.01)
FIFA 11 (x32 Version: 1.0.0.0)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Google Update Helper (x32 Version: 1.3.23.0)
Gothic 3 Forsaken Gods Enhanced Edition (x32)
GrabIt 1.7.2 Beta 6 (build 1008) (x32)
Grand Theft Auto IV (x32)
Grand Theft Auto: Episodes from Liberty City (x32)
GTA IV: San Andreas (x32 Version: 0.5.4.0)
Harry Potter und die Heiligtümer des Todes™ - Teil 1 (x32 Version: 1.0.0.0)
HD Tune 2.55 (x32)
HD Tune Pro 5.00 (x32)
Hitman: Absolution (x32)
Hotline Miami (x32)
ImgBurn (x32 Version: 2.5.7.0)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Kane & Lynch 2: Dog Days (x32)
LG United Mobile Driver (x32 Version: 3.10.1.0)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Max Payne 2 DE (x32)
Max Payne 3 (x32 Version: 1.0.0.0)
Metro: Last Light (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Primary Interoperability Assemblies 2010 (x32 Version: 10.0.30319)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
MKVToolNix 6.3.0 (x32 Version: 6.3.0)
Monkey Island 2: Special Edition (x32)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
NVIDIA 3D Vision Controller-Treiber 320.14 (Version: 320.14)
NVIDIA 3D Vision Treiber 320.14 (Version: 320.14)
NVIDIA Grafiktreiber 320.14 (Version: 320.14)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.122.791)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2014)
NVIDIA Systemsteuerung 320.14 (Version: 320.14)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.3.2637)
Paragon Backup & Recovery™ 2013 Free (x32 Version: 90.00.0003)
Photo Gallery (x32 Version: 16.4.3505.0912)
PS3Splitter version 1.1.5.2 (x32 Version: 1.1.5.2)
PunkBuster Services (x32 Version: 0.988)
RAGE (x32)
Resident Evil 6 version 1 (x32 Version: 1)
Risen 2 - Dark Waters (x32)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
SeaTools for Windows (x32 Version: 1.2.0.7)
Serious Sam 3: BFE (x32)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Sleeping Dogs™ (x32)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
STREET FIGHTER IV (x32 Version: 1.00.3013)
The Elder Scrolls V: Skyrim (x32)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
Tomb Raider (x32)
Torchlight II (x32)
TrackMania² Stadium (x32)
TreeSize Free V2.7 (x32 Version: 2.7)
TriDef 3D Games (LG 3D Monitor/TV) 1.8.5 (x32 Version: 1.8.5)
Trillian (x32)
Two Worlds II (x32 Version: 1.0.0)
Uplay (x32 Version: 2.0)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wireshark 1.8.4 (64-bit) (x32 Version: 1.8.4)
World of Warcraft (x32 Version: 5.3.0.17128)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (x32)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

==================== Restore Points  =========================

18-08-2013 21:13:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-08-18 20:34 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 csmg.lgmobile.com

==================== Scheduled Tasks (whitelisted) =============

Task: {003D0DEA-F997-4EC3-A746-2AF02F84BC60} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {03B6EAD0-E174-450B-8B33-D0C748040386} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {0422C002-AC67-41C3-82FA-E256AE0C3A8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)
Task: {058315BB-0250-4325-B506-B405D3555C8E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {0A0008A2-F971-465E-8B4A-8A532BC4FE28} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3B45C8CF-ECFC-4420-8137-C60C8F542D92} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] ()
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {535982B4-B09A-4C98-9637-8E40318C5040} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A4996D95-3879-481A-BA95-5AC891284BA4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8CF5AA7-9A33-43D0-8D14-C0D2DA4AEF64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B4664C7F-19BF-413D-9772-EB7D4CE256EB} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-01-22] (Crystal Dew World)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C09A0E93-BC53-4B37-BB1E-E88DDCAE4517} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C391A8D1-7229-4E06-A074-47DE6094FE89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C3C22889-18E2-4138-92F7-A5CCCFDD60D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E6EACF70-8DE7-45CB-8B83-68CEC3B6F280} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2375759766-3280221063-1239557780-1001
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E9C97BD0-F081-4ABA-B3DA-517DC5D36FB3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {EAD4949A-7B8A-4AA6-809E-5B90B5EDFA57} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2013 09:05:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (08/18/2013 07:52:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.


System errors:
=============
Error: (08/19/2013 10:21:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/19/2013 10:21:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/19/2013 01:22:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/19/2013 01:22:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/19/2013 00:50:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/19/2013 00:50:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/18/2013 08:36:05 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{B44C7FCC-9D2E-406F-A048-9FCC7FC587B9} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/18/2013 08:36:05 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{98BE0671-7976-4BAF-8258-EFCCADA692A5} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/18/2013 07:24:34 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (08/18/2013 07:03:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office Sessions:
=========================
Error: (08/18/2013 09:05:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/18/2013 07:52:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8173.55 MB
Available physical RAM: 6038.24 MB
Total Pagefile: 9389.55 MB
Available Pagefile: 7127.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.28 GB) (Free:10.59 GB) NTFS
Drive d: (Downloads) (Fixed) (Total:1863.01 GB) (Free:1758.55 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:114.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 5ACC781B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F876568C)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: D0AF8B5F)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================

GMER im Anhang,

mfg

schrauber · 19.08.2013, 10:42

Hi,

da sind noch Reste. Hast Du die Proxys in IE und FF gesetzt?

Humpestos · 19.08.2013, 12:44

welche Reste? Ich habe einen indischen Proxy mit 208..... gesetzt

mfg

schrauber · 19.08.2013, 16:49

Zitat:

ProxyServer: 203.115.81.196:80

Diesen Proxy meine ich. Wenn nicht:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

19.08.2013, 10:42	#2
schrauber /// the machine /// TB-Ausbilder	Logs nach Beheben des QVO6 Hi, da sind noch Reste. Hast Du die Proxys in IE und FF gesetzt? __________________ __________________

Logs nach Beheben des QVO6

Log-Analyse und Auswertung: Logs nach Beheben des QVO6

Logs nach Beheben des QVO6

Logs nach Beheben des QVO6

Logs nach Beheben des QVO6

Logs nach Beheben des QVO6

Ähnliche Themen: Logs nach Beheben des QVO6

19.08.2013, 12:44	#3
Humpestos	Logs nach Beheben des QVO6 welche Reste? Ich habe einen indischen Proxy mit 208..... gesetzt mfg __________________