| |
| |||||||
Log-Analyse und Auswertung: Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
22.08.2013, 23:00
| #1 |
 |  Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Schönen Abend Trojaner Board Team, ich hatte gestern erst einen Thread aufgemacht zur Bekämpfung von QV06. http://www.trojaner-board.de/140208-qv06-enfternt.html Das hat alles Wunderbar geklappt. Anschließend bin ich von Avira auf Avast umgestiegen und benutze Firefox mit den Addons "NoScript" und "Adblocker", damit solche Infektionen nicht so schnell wiederpassieren. Heut Abend lies ich dann nochmal Malwarebytes einen Vollscan durchlaufen. Als ich am Ende auf meinen PC schaute wollte ich nicht glauben das er 17 Funde hatte. Im log war "pup.optional.crossrider" immer wieder zu sehen. Ich entfernte sofort die Treffer und machte anschließend einen Neustart. Nach einen weiteren Scan wurde nichts mehr gemeldet. Richtig Sicher bin ich mir aber noch nicht. Lasse grad Avast einen komplett Scan durchlaufen. Keine Ahnung was die Woche los is, sowas is mir noch nie passiert. Ich hoffe ich belästige euch nicht. Hier noch die Malwarebytes logs. (2 Quickscans und 2 Vollscans) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.21.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Christain :: KARTOFFELBAUER [limitiert] 22.08.2013 16:33:30 mbam-log-2013-08-22 (16-33-30).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 268876 Laufzeit: 3 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.22.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Christain :: KARTOFFELBAUER [limitiert] 22.08.2013 21:17:10 mbam-log-2013-08-22 (21-17-10).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 565968 Laufzeit: 1 Stunde(n), 6 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211941181} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110211941181} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{44444444-4444-4444-4444-440244944481} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{55555555-5555-5555-5555-550255945581} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0029481.BHO.1 (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211941181} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311721112} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110311721112} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{44444444-4444-4444-4444-440344724412} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{55555555-5555-5555-5555-550355725512} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0037212.BHO.1 (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311721112} (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 5 C:\Users\Christain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PC803PM\mein-gutscheincode[1].exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Christain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2KI66UJ\plus-hd-cp1-de[1].exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Christain\AppData\Local\Temp\is357113909\10870956_Setup.EXE (PUP.Optional.LyricXeeker.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Mein Gutscheincode\Mein Gutscheincode-bho.dll (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-bho.dll (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.22.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Christain :: KARTOFFELBAUER [limitiert] 22.08.2013 22:32:22 mbam-log-2013-08-22 (22-32-22).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 269194 Laufzeit: 2 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.22.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Christain :: KARTOFFELBAUER [limitiert] 22.08.2013 22:35:31 mbam-log-2013-08-22 (22-35-31).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 565844 Laufzeit: 54 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Ich hoffe es kann mir wieder jemand helfen. MFG |
|
22.08.2013, 23:10
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Hallo und
__________________ Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
22.08.2013, 23:37
| #3 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Wieder einmal is der Service hier erstklassig.
__________________ Hier beide Logs. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2013 02 Ran by Christain at 2013-08-23 00:24:33 Running from C:\Users\Christain\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 3DMark Demo (x32) 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe AIR (x32 Version: 3.8.0.870) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Android SDK Tools (x32 Version: 1.16) Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0) Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.1.000) ASRock App Charger v1.0.5 ASRock InstantBoot v1.29 (x32) ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 ASUS GPU Tweak (x32 Version: 2.2.9.9) Audiograbber 1.83 SE (x32 Version: 1.83 SE) avast! Free Antivirus (x32 Version: 8.0.1489.0) Battle.net (x32) Battlefield 3™ (x32 Version: 1.4.0.0) Battlelog Web Plugins (x32 Version: 2.1.7) Bing-Desktop (x32 Version: 1.3.171.0) BioShock 2 (x32 Version: 1.0.0005.131) Broadcom NetLink Controller (Version: 14.8.5.1) Call of Duty: Black Ops - Multiplayer (x32) Core Temp 1.0 RC3 (Version: 1.0) CPUID CPU-Z 1.60 Crysis (x32) Crysis 2 Maximum Edition (x32) D3DX10 (x32 Version: 15.4.2368.0902) Darksiders II (x32) DarksidersInstaller (x32 Version: 1.00.1000) Dead Space™ 3 (x32 Version: 1.0.0.0) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) devolo dLAN Cockpit (x32 Version: 3.0.0.0) Diablo III (x32) dLAN Cockpit (x32 Version: 3 (23.12.2010)) dLAN Cockpit (x32 Version: 3.23.12) Dota 2 (x32) Dragon Age: Origins - Ultimate Edition (x32) DreamScene Seven version 1.6 (x32 Version: 1.6) Dropbox (HKCU Version: 2.0.22) Dungeon Defenders (x32) eReg (x32 Version: 1.20.138.34) ESN Sonar (x32 Version: 0.70.4) Fraps (x32) Futuremark SystemInfo (x32 Version: 4.17.0) Google Chrome (HKCU Version: 29.0.1547.57) Google Talk Plugin (x32 Version: 4.4.2.14502) Google Update Helper (x32 Version: 1.3.23.0) Guild Wars 2 (x32) Hauppauge WinTV 7 (x32 Version: v7.0.31050 (CD 2.7)) Heaven DX11 Benchmark version 3.0 (Version: 3.0) Intel(R) Control Center (x32 Version: 1.2.1.1008) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36354) Intel(R) Management Engine Components (x32 Version: 8.1.0.1281) Intel(R) Processor Graphics (x32 Version: 9.17.10.2932) Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220) Intel® Trusted Connect Service Client (Version: 1.24.738.1) Java 7 Update 25 (64-bit) (Version: 7.0.250) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Just Cause 2 (x32) Logitech G35 (Version: 1.1.178) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mass Effect (x32 Version: 1.2.20608.0) Mass Effect 2 (x32 Version: 1.02) Mass Effect™ 3 (x32 Version: 1.05.0.0) Max Payne 3 (x32) Mein Gutscheincode (x32 Version: 1.27.153.0) Microsoft .NET Compact Framework 3.5 (x32 Version: 3.5.7283) Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Music Manager (HKCU) NVIDIA 3D Vision Controller-Treiber 326.80 (Version: 326.80) NVIDIA 3D Vision Treiber 326.80 (Version: 326.80) NVIDIA FaceWorks: Real-time Performance Capture Demo (x32 Version: 1.0) NVIDIA GeForce Experience 1.6 (Version: 1.6) NVIDIA Grafiktreiber 326.80 (Version: 326.80) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4) NVIDIA Install Application (Version: 2.1002.133.889) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2680) NVIDIA Systemsteuerung 326.80 (Version: 326.80) NVIDIA Update 7.2.17 (Version: 7.2.17) NVIDIA Update Components (Version: 7.2.17) NVIDIA Virtual Audio 1.2.2 (Version: 1.2.2) OpenOffice.org 3.3 (x32 Version: 3.3.9567) Orcs Must Die! 2 (x32) Origin (x32 Version: 8.5.2.23) Pingzapper version 1.1.4 (x32 Version: 1.1.4) Plants vs. Zombies: Game of the Year (x32) Plus-HD-3.7 (x32 Version: 1.27.153.10) PunkBuster Services (x32 Version: 0.986) Razer Game Booster (x32 Version: 3.7) Razer Synapse 2.0 (x32 Version: 1.12.8) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6559) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0) Resident Evil 5 (x32) RESIDENT EVIL 6 / BIOHAZARD 6 (x32) Rockstar Games Social Club (x32 Version: 1.1.0.6) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0) Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) Skype™ 6.6 (x32 Version: 6.6.106) StarCraft II (x32) Steam (x32 Version: 1.0.0.0) Super Meat Boy (x32) Team Fortress 2 (x32) TeamSpeak 3 Client (Version: 3.0.11.1) The Elder Scrolls V: Skyrim (x32) The Witcher 2: Assassins of Kings Enhanced Edition (x32) Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (Version: 2.6.2.0) Unigine Valley Benchmark version 1.0 (x32 Version: 1.0) Unlocker 1.9.1-x64 (Version: 1.9.1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Zip Opener (HKCU) us Mod Manager (Version: 0.45.5) Vimicro USB2.0 UVC PC Camera (x32 Version: 2009.03.18) VLC media player 2.0.8 (x32 Version: 2.0.8) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) XFastUSB (x32 Version: 3.02.31) ==================== Restore Points ========================= 22-08-2013 11:20:52 Ende der Bereinigung 22-08-2013 11:41:36 avast! Free Antivirus Setup 22-08-2013 11:48:19 Removed Java 7 Update 25 22-08-2013 11:48:50 Installed Java 7 Update 25 22-08-2013 11:51:35 Installed Java 7 Update 25 (64-bit) 22-08-2013 12:53:15 Installed MSXML 4.0 SP3 Parser 22-08-2013 12:58:24 Windows Update 22-08-2013 13:09:36 Windows Update 22-08-2013 13:13:01 Windows Update 22-08-2013 13:17:18 OpenOffice 4.0.0 wird installiert 22-08-2013 14:27:05 Wiederherstellungsvorgang ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {02D37614-1F20-4C59-B070-6A0DDD36375D} - System32\Tasks\{5384CA2A-4136-4B27-8AFD-CB82363E817E} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {046C5A47-9AAE-4C3F-98F6-78D57A60E798} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {176849F6-285F-4A8A-BA25-766911D5FE38} - System32\Tasks\Plus-HD-3.7-enabler => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-enabler.exe [2013-08-22] (Plus HD) Task: {1A31F339-D597-4736-82A5-9B054B46EBA9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {2AFECC5D-4E50-455C-AAB9-F59DD02469E9} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe No File Task: {2F735289-EB67-4BC4-A2B1-5F46462D94AC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {359AF376-7A39-4480-A3C1-D222C2D241B5} - System32\Tasks\Plus-HD-3.7-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-firefoxinstaller.exe [2013-08-22] (Plus HD) Task: {37F5375F-9C07-49DC-8A17-E9C44EC85268} - \DealPly No Task File Task: {3B26DA98-3C11-48FD-9198-A8CB87319298} - \DSite No Task File Task: {43646FA1-E9DE-4B8B-861D-E156FD586CDB} - System32\Tasks\{7AFC2EC2-81D3-45A3-B34B-C81CE9677F9E} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {43E9B62E-069C-47ED-8928-D35C511405A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-11] (Google Inc.) Task: {50449C35-A964-4B47-900E-D1231477FE69} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-11] (Google Inc.) Task: {562B1F19-E09C-472D-B4C0-F72D90432AC9} - System32\Tasks\{A8649D11-5F02-4324-A28A-85A1BA62BC66} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {5AA3DFA8-1B3C-4547-8780-A66DFECB41CB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6734A223-2E53-4AE5-B721-3D897C0F435B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6FC62B22-FEF8-411D-B5A9-74D69D17DF13} - \DealPlyUpdate No Task File Task: {7C00BD36-73C4-4C4D-8D11-D8AB0FFE9466} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] () Task: {82D99EE2-CA41-4C8B-A077-04A6B00619BA} - System32\Tasks\Core Temp Autostart Christain => C:\Program Files\Core Temp\Core Temp.exe [2012-01-25] () Task: {82EF6BFE-98E8-4FDA-8509-51C92585CB65} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File Task: {962B1A3D-5E1F-47BD-B6A4-62F4CABF989F} - System32\Tasks\Plus-HD-3.7-updater => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-updater.exe [2013-08-22] (Plus HD) Task: {9DE6C859-C068-4B89-BAF0-E3141CAAC346} - System32\Tasks\{8A8C1470-FB45-41B7-946F-A60850964FF7} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {A0533C73-9CE6-4306-A9CE-B05C4AACB266} - System32\Tasks\Plus-HD-3.7-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-chromeinstaller.exe [2013-08-22] (Plus HD) Task: {A3D3D4A9-D553-4E4B-82C5-A16BE36372C8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {BA89FBE5-5BE1-4126-8B64-4D8B19CA4F79} - System32\Tasks\Plus-HD-3.7-codedownloader => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-codedownloader.exe [2013-08-22] (Plus HD) Task: {EBAA7E52-44A1-4495-B952-1636C0A6BA1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {F9626125-83D7-4D9C-AA24-6643C9DA7E83} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated) Task: {FFF01F34-CDD5-4782-B05D-EA02F0E662B7} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\Christain\PC overclock\OpenHardwareMonitor\OpenHardwareMonitor.exe [2013-02-13] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core.job => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA.job => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-3.7-enabler.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-enabler.exe Task: C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-firefoxinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.7-updater.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-updater.exe ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) HD Graphics 4000 Description: Intel(R) HD Graphics 4000 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12) Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table). You can use Device Manager to determine where the conflict is and disable the conflicting device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/22/2013 10:29:29 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xce0 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 10:27:39 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 09:16:11 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xf34 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 09:15:09 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 06:21:52 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x95c Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 04:31:39 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xc98 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 04:30:57 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 03:20:51 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x99c Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 03:14:47 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x1438 Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 03:04:22 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 System errors: ============= Error: (08/22/2013 11:37:38 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (08/22/2013 10:30:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/22/2013 10:29:39 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 09:16:25 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 04:37:56 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/22/2013 04:37:56 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/22/2013 04:31:43 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 04:31:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/22/2013 03:33:10 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/22/2013 03:33:10 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Microsoft Office Sessions: ========================= Error: (08/22/2013 10:29:29 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11fce001ce9f76168de0e0C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll8b225e5d-0b69-11e3-bcc3-bc5ff485e7d7 Error: (08/22/2013 10:27:39 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 09:16:11 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11ff3401ce9f6bfa68550eC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll4d8b443c-0b5f-11e3-a8ea-bc5ff485e7d7 Error: (08/22/2013 09:15:09 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 06:21:52 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b095c01ce9f53403e1294C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dllf3df9035-0b46-11e3-93a8-bc5ff485e7d7 Error: (08/22/2013 04:31:39 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11fc9801ce9f4437f61509C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll8dba2d50-0b37-11e3-93a8-bc5ff485e7d7 Error: (08/22/2013 04:30:57 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 03:20:51 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b099c01ce9f3a38be42bbC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dllaa2a631d-0b2d-11e3-a777-bc5ff485e7d7 Error: (08/22/2013 03:14:47 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b0143801ce9f38fffbbafeC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dlld138d90a-0b2c-11e3-a777-bc5ff485e7d7 Error: (08/22/2013 03:04:22 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 CodeIntegrity Errors: =================================== Date: 2012-04-22 00:42:05.990 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-04-22 00:40:28.203 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-04-11 01:37:15.541 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\CHRIST~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.512 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\CHRIST~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.283 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.254 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 28% Total physical RAM: 12173.73 MB Available physical RAM: 8710.08 MB Total Pagefile: 24345.64 MB Available Pagefile: 20811.66 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:596.07 GB) (Free:498.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:931.51 GB) (Free:552.85 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02
Ran by Christain (administrator) on 23-08-2013 00:23:54
Running from C:\Users\Christain\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Users\Christain\PC overclock\OpenHardwareMonitor\OpenHardwareMonitor.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Pingzapper\PZService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-05-30] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-11] (Google Inc.)
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Policies\system: [DisableLockWorkstation] 0
MountPoints2: E - E:\ASRSetup.exe
MountPoints2: {458d0a12-6ab0-11e1-a10b-806e6f6e6963} - E:\Run.exe
MountPoints2: {78590d4e-757d-11e2-9b4f-806e6f6e6963} - E:\ASRSetup.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-02-13] (FNet Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [168616 2013-08-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [141336 2013-08-18] (NVIDIA Corporation)
Startup: C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\G35 konfigurieren.lnk
ShortcutTarget: G35 konfigurieren.lnk -> C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY903821138211&ts=1377088359
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY903821138211&ts=1377088359
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default
FF Homepage: hxxp://www.buffed.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Christain\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Christain\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\de9372bd-c6d6-4690-9bf6-238a8622d6b1@09af4fd9-64cf-4b1b-9464-1de3f20e38f7.com
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Mein Gutscheincode) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiomkimgbpmhibpejnghmmoedaijgdda\1.23.26_0
CHR Extension: (avast! Ad Blocker) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0
CHR Extension: (avast! Online Security) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Plus-HD-3.7) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
CHR Extension: (Google Wallet Service) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Christain\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 DAUpdaterSvc; D:\Programme\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-04-25] (BioWare)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [137336 2013-02-17] (Futuremark Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [577536 2013-01-25] (Hauppauge Computer Works)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [679424 2012-06-11] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-12] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
==================== Drivers (Whitelisted) ====================
R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [47160 2008-04-28] (AMD, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-22] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-22] ()
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2011-09-21] (CPUID)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-06-09] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-02-13] (FNet Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-07-06] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-07-06] (Windows (R) Server 2003 DDK provider)
R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW71364.sys [1501200 2012-01-31] (Hauppauge Computer Works, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [20352 2009-09-30] (Razer USA Ltd.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-07-18] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [39096 2013-07-10] (Razer Inc)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [30904 2013-07-10] (Razer Inc)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [199296 2010-01-12] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-08-22] ()
S3 ALSysIO; \??\C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz130; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x]
R3 WinRing0_1_2_0; \??\C:\Users\Christain\AppData\Local\Temp\tmp62D7.tmp [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-23 00:16 - 2013-08-23 00:16 - 01576476 _____ (Farbar) C:\Users\Christain\Desktop\FRST64.exe
2013-08-22 22:27 - 2013-08-22 22:27 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-08-22 21:02 - 2013-08-22 21:02 - 00275360 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2013-08-22 20:58 - 2013-08-22 22:27 - 00001296 _____ C:\Windows\Tasks\Plus-HD-3.7-updater.job
2013-08-22 20:58 - 2013-08-22 22:27 - 00001208 _____ C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job
2013-08-22 20:58 - 2013-08-22 22:27 - 00001106 _____ C:\Windows\Tasks\Plus-HD-3.7-enabler.job
2013-08-22 20:58 - 2013-08-22 22:25 - 00000000 ____D C:\Program Files (x86)\Mein Gutscheincode
2013-08-22 20:58 - 2013-08-22 20:58 - 00004326 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-updater
2013-08-22 20:58 - 2013-08-22 20:58 - 00004238 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-codedownloader
2013-08-22 20:58 - 2013-08-22 20:58 - 00004136 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-enabler
2013-08-22 20:57 - 2013-08-22 22:27 - 00001914 _____ C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job
2013-08-22 20:57 - 2013-08-22 22:27 - 00001840 _____ C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job
2013-08-22 20:57 - 2013-08-22 22:25 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.7
2013-08-22 20:56 - 2013-08-22 20:56 - 01650073 _____ (DREAMSCENESEVEN.COM ) C:\Users\Christain\Downloads\dreamsceneseven.exe
2013-08-22 20:56 - 2013-08-22 20:56 - 00000000 ____D C:\Program Files (x86)\DreamScene Seven
2013-08-22 20:54 - 2013-08-22 20:54 - 01795356 _____ C:\Users\Christain\Downloads\D3RoS_Malthael.wmv
2013-08-22 15:18 - 2013-08-22 15:18 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-22 15:16 - 2013-08-22 15:16 - 00000000 ____D C:\Users\Christain\Downloads\OpenOffice 4.0.0 (de) Installation Files
2013-08-22 15:15 - 2013-08-22 15:16 - 162401424 _____ C:\Users\Christain\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-08-22 15:09 - 2013-08-22 15:10 - 00260376 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-08-22 14:52 - 2013-08-22 14:52 - 02434048 _____ C:\Users\Christain\Downloads\msxml.msi
2013-08-22 14:48 - 2013-08-22 14:48 - 03272136 _____ (Secunia) C:\Users\Christain\Downloads\PSISetup711.exe
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Secunia PSI
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-08-22 13:52 - 2013-08-22 13:52 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-22 13:52 - 2013-08-22 13:52 - 00000000 ____D C:\Program Files\Java
2013-08-22 13:49 - 2013-08-22 13:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-22 13:48 - 2013-08-22 13:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-22 13:42 - 2013-08-22 22:29 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-22 13:42 - 2013-08-22 14:50 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-22 13:42 - 2013-08-22 13:42 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-22 13:42 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-22 13:42 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-22 13:42 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-22 13:41 - 2013-08-22 13:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-22 13:39 - 2013-08-22 13:41 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-22 13:20 - 2013-08-22 13:22 - 00001324 _____ C:\DelFix.txt
2013-08-22 13:07 - 2013-08-22 13:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-21 20:32 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 19:20 - 2013-08-21 19:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 19:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-21 15:25 - 2013-08-22 22:30 - 00001650 _____ C:\autoupdate.log
2013-08-21 15:25 - 2013-08-22 22:27 - 00000616 _____ C:\Windows\setupact.log
2013-08-21 15:25 - 2013-08-21 15:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-21 15:24 - 2013-08-22 22:26 - 00017120 _____ C:\Windows\PFRO.log
2013-08-21 14:47 - 2013-08-21 14:49 - 00000000 ____D C:\Program Files\ASRock
2013-08-21 14:32 - 2013-08-22 23:37 - 00000912 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-21 14:32 - 2013-08-21 14:32 - 00003908 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-21 11:28 - 2013-08-21 11:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-21 11:26 - 2013-08-18 21:34 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-21 11:26 - 2013-08-18 21:34 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-21 11:26 - 2013-08-17 07:30 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-21 11:21 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-21 11:21 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-21 11:21 - 2013-07-18 19:15 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-21 11:21 - 2013-07-18 19:15 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-21 11:21 - 2013-07-18 19:15 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-21 11:21 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-21 11:21 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-21 11:21 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 21:25 - 2013-08-17 21:25 - 00000000 ____D C:\Users\Christain\Neuer Ordner
2013-08-15 10:03 - 2013-08-15 10:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzp1endpt_01009.Wdf
2013-08-14 20:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 20:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 20:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 20:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 20:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 20:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 20:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 20:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 20:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 20:41 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 20:41 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 20:37 - 2013-08-14 20:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 17:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 17:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 17:57 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 17:57 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 17:57 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 17:57 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 17:57 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 17:57 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 17:57 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 17:57 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 17:57 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 17:57 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 17:57 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 17:57 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 17:57 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 17:57 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 17:57 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 17:57 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 17:57 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 17:57 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 17:57 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-08 09:34 - 2013-08-08 09:34 - 00000000 ____D C:\NvidiaLogging
2013-07-29 09:44 - 2013-08-22 22:25 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Battle.net
2013-07-29 09:44 - 2013-08-22 16:28 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Battle.net
2013-07-29 09:44 - 2013-08-13 20:41 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-07-29 09:44 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Blizzard Entertainment
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\Christain\Documents\Nexus Mod Manager
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Black_Tree_Gaming
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-07-27 14:37 - 2013-07-27 14:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-07-27 14:35 - 2013-07-27 14:40 - 00000000 ____D C:\Users\Christain\.android
2013-07-27 14:32 - 2013-07-27 14:32 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2013-07-27 14:31 - 2013-07-27 14:37 - 00000000 ____D C:\Program Files (x86)\Android SDK
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____D C:\Users\Christain\Documents\Square Enix
2013-07-25 05:38 - 2013-07-25 05:38 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\Christain\Documents\Robot Entertainment
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Robot Entertainment
==================== One Month Modified Files and Folders =======
2013-08-23 00:23 - 2013-08-23 00:23 - 00000000 ____D C:\FRST
2013-08-23 00:16 - 2013-08-23 00:16 - 01576476 _____ (Farbar) C:\Users\Christain\Desktop\FRST64.exe
2013-08-22 23:50 - 2012-11-11 01:14 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA.job
2013-08-22 23:40 - 2012-10-12 22:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-22 23:37 - 2013-08-21 14:32 - 00000912 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-22 22:35 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-22 22:35 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-22 22:31 - 2012-03-10 14:57 - 01486259 _____ C:\Windows\WindowsUpdate.log
2013-08-22 22:30 - 2013-08-21 15:25 - 00001650 _____ C:\autoupdate.log
2013-08-22 22:29 - 2013-08-22 13:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-22 22:27 - 2013-08-22 22:27 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-08-22 22:27 - 2013-08-22 20:58 - 00001296 _____ C:\Windows\Tasks\Plus-HD-3.7-updater.job
2013-08-22 22:27 - 2013-08-22 20:58 - 00001208 _____ C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job
2013-08-22 22:27 - 2013-08-22 20:58 - 00001106 _____ C:\Windows\Tasks\Plus-HD-3.7-enabler.job
2013-08-22 22:27 - 2013-08-22 20:57 - 00001914 _____ C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job
2013-08-22 22:27 - 2013-08-22 20:57 - 00001840 _____ C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job
2013-08-22 22:27 - 2013-08-21 15:25 - 00000616 _____ C:\Windows\setupact.log
2013-08-22 22:27 - 2013-03-29 23:08 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-08-22 22:27 - 2013-02-13 03:59 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-08-22 22:27 - 2012-04-09 17:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-22 22:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-22 22:26 - 2013-08-21 15:24 - 00017120 _____ C:\Windows\PFRO.log
2013-08-22 22:25 - 2013-08-22 20:58 - 00000000 ____D C:\Program Files (x86)\Mein Gutscheincode
2013-08-22 22:25 - 2013-08-22 20:57 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.7
2013-08-22 22:25 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Battle.net
2013-08-22 21:22 - 2012-09-01 16:52 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Dropbox
2013-08-22 21:22 - 2012-03-10 15:06 - 00000000 ___RD C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-22 21:14 - 2012-03-10 15:06 - 00000000 ____D C:\Users\Christain
2013-08-22 21:05 - 2012-03-11 22:19 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-22 21:05 - 2012-03-10 22:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-22 21:02 - 2013-08-22 21:02 - 00275360 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2013-08-22 20:58 - 2013-08-22 20:58 - 00004326 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-updater
2013-08-22 20:58 - 2013-08-22 20:58 - 00004238 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-codedownloader
2013-08-22 20:58 - 2013-08-22 20:58 - 00004136 _____ C:\Windows\System32\Tasks\Plus-HD-3.7-enabler
2013-08-22 20:57 - 2012-03-10 22:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-22 20:56 - 2013-08-22 20:56 - 01650073 _____ (DREAMSCENESEVEN.COM ) C:\Users\Christain\Downloads\dreamsceneseven.exe
2013-08-22 20:56 - 2013-08-22 20:56 - 00000000 ____D C:\Program Files (x86)\DreamScene Seven
2013-08-22 20:54 - 2013-08-22 20:54 - 01795356 _____ C:\Users\Christain\Downloads\D3RoS_Malthael.wmv
2013-08-22 16:30 - 2013-05-29 20:05 - 00000000 ____D C:\Users\UpdatusUser.Kartoffelbauer
2013-08-22 16:28 - 2013-07-29 09:44 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Battle.net
2013-08-22 16:28 - 2012-03-31 11:15 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-22 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-22 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-22 15:18 - 2013-08-22 15:18 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-22 15:16 - 2013-08-22 15:16 - 00000000 ____D C:\Users\Christain\Downloads\OpenOffice 4.0.0 (de) Installation Files
2013-08-22 15:16 - 2013-08-22 15:15 - 162401424 _____ C:\Users\Christain\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-08-22 15:10 - 2013-08-22 15:09 - 00260376 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-08-22 15:01 - 2012-03-10 17:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-22 15:01 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-22 14:56 - 2012-03-10 16:21 - 00000000 ____D C:\Users\Christain\Desktop Icons
2013-08-22 14:53 - 2012-03-12 23:10 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-22 14:52 - 2013-08-22 14:52 - 02434048 _____ C:\Users\Christain\Downloads\msxml.msi
2013-08-22 14:50 - 2013-08-22 13:42 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-22 14:48 - 2013-08-22 14:48 - 03272136 _____ (Secunia) C:\Users\Christain\Downloads\PSISetup711.exe
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Secunia PSI
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-08-22 13:52 - 2013-08-22 13:52 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-22 13:52 - 2013-08-22 13:52 - 00000000 ____D C:\Program Files\Java
2013-08-22 13:52 - 2012-05-20 19:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-22 13:52 - 2012-05-01 15:28 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-22 13:49 - 2013-08-22 13:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-22 13:49 - 2012-08-27 19:57 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-22 13:49 - 2012-03-31 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-22 13:48 - 2013-08-22 13:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-22 13:42 - 2013-08-22 13:42 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-22 13:41 - 2013-08-22 13:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-22 13:41 - 2013-08-22 13:39 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-22 13:24 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 13:22 - 2013-08-22 13:20 - 00001324 _____ C:\DelFix.txt
2013-08-22 13:20 - 2013-08-21 20:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-22 13:09 - 2012-03-10 15:46 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Adobe
2013-08-22 13:09 - 2012-03-10 15:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-22 13:09 - 2012-03-10 15:42 - 00000000 ____D C:\ProgramData\Adobe
2013-08-22 13:07 - 2013-08-22 13:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 12:42 - 2013-02-13 03:59 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-08-22 09:32 - 2009-07-14 19:58 - 02917790 _____ C:\Windows\system32\perfh007.dat
2013-08-22 09:32 - 2009-07-14 19:58 - 00863738 _____ C:\Windows\system32\perfc007.dat
2013-08-22 09:32 - 2009-07-14 07:13 - 00006280 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-21 19:20 - 2013-08-21 19:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 16:08 - 2013-02-13 04:38 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\CrashDumps
2013-08-21 15:25 - 2013-08-21 15:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-21 15:24 - 2012-11-11 01:14 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-08-21 15:24 - 2012-03-10 15:06 - 00001003 _____ C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-21 14:49 - 2013-08-21 14:47 - 00000000 ____D C:\Program Files\ASRock
2013-08-21 14:32 - 2013-08-21 14:32 - 00003908 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-21 11:40 - 2012-10-12 22:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 11:40 - 2012-10-12 22:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 11:40 - 2012-03-10 15:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 11:28 - 2013-08-21 11:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-21 11:28 - 2012-03-16 19:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 11:26 - 2012-10-04 16:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-21 11:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-21 11:25 - 2013-05-29 20:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-21 00:50 - 2012-11-11 01:14 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core.job
2013-08-20 20:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 12:57 - 2012-03-10 16:46 - 00000000 ____D C:\Users\Christain\AppData\Roaming\TS3Client
2013-08-19 12:56 - 2012-04-07 22:19 - 00000000 ____D C:\Windows\Minidump
2013-08-19 12:56 - 2012-03-10 14:53 - 00000000 ____D C:\Windows\Panther
2013-08-19 00:00 - 2012-03-10 15:59 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Skype
2013-08-18 23:02 - 2013-08-21 11:21 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-08-21 11:21 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 21:34 - 2013-08-21 11:26 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2013-08-21 11:26 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 21:25 - 2013-08-17 21:25 - 00000000 ____D C:\Users\Christain\Neuer Ordner
2013-08-17 07:30 - 2013-08-21 11:26 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-15 14:28 - 2012-03-10 16:46 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-15 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 10:05 - 2012-07-17 17:01 - 00000000 ____D C:\Program Files (x86)\Razer
2013-08-15 10:03 - 2013-08-15 10:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzp1endpt_01009.Wdf
2013-08-15 10:02 - 2012-07-17 17:01 - 00000000 ____D C:\ProgramData\Razer
2013-08-14 20:38 - 2013-08-14 20:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:37 - 2012-03-14 18:30 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 20:41 - 2013-07-29 09:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-08-08 09:34 - 2013-08-08 09:34 - 00000000 ____D C:\NvidiaLogging
2013-08-07 20:50 - 2012-03-10 15:18 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Mozilla
2013-07-30 20:35 - 2012-03-10 16:08 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Origin
2013-07-30 20:35 - 2012-03-10 16:08 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Origin
2013-07-29 13:01 - 2013-07-16 22:03 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Skyrim
2013-07-29 09:44 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Blizzard Entertainment
2013-07-28 17:36 - 2012-11-11 01:14 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Google
2013-07-28 12:47 - 2013-01-06 19:24 - 00000000 ____D C:\Users\Christain\Documents\Witcher 2
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\Christain\Documents\Nexus Mod Manager
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Black_Tree_Gaming
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-07-27 20:23 - 2012-04-22 00:28 - 00000000 ____D C:\Users\Christain\Handy
2013-07-27 14:40 - 2013-07-27 14:35 - 00000000 ____D C:\Users\Christain\.android
2013-07-27 14:37 - 2013-07-27 14:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-07-27 14:37 - 2013-07-27 14:31 - 00000000 ____D C:\Program Files (x86)\Android SDK
2013-07-27 14:32 - 2013-07-27 14:32 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____D C:\Users\Christain\Documents\Square Enix
2013-07-26 07:13 - 2013-08-14 20:41 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 20:41 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 20:41 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 20:41 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-14 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 20:41 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 20:41 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-14 20:41 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 20:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 20:41 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 20:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 21:02 - 2013-07-16 20:40 - 00000000 ____D C:\Users\Christain\Documents\Shiner
2013-07-25 11:25 - 2013-08-14 17:57 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 17:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:38 - 2013-07-25 05:38 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\Christain\Documents\Robot Entertainment
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Robot Entertainment
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 12:55
==================== End Of Log ============================
--- --- --- Avast hat nun grade den Scan abgeschlossen und keine Viren oder ähnliches gefunden. Würde gerne auch ein Log reinstellen, aber irgendiwe zeigt mir nix an... wahrscheinlich bin ich noch zu doof für Avast xD |
|
22.08.2013, 23:59
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.08.2013, 00:27
| #5 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) so alle Scans ausgeführt. Hier die Logs. Code:
ATTFilter # AdwCleaner v3.000 - Report created 23/08/2013 at 01:07:04
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Christain - KARTOFFELBAUER
# Running from : C:\Users\Christain\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\jetpack
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0029481.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0029481.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0029481.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0037212.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0037212.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0037212.Sandbox.1
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\prefs.js ]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_meta.value", "%7B%22css/icon_128.png%22%3A%7B%22id%22%3A155226%2C%22ver%22%3A[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155230.value", "%22/**%20todo%3A%20clean%20this%20shit%20up%2C%20scs[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155237.value", "%22/*%21%20jQuery%20v1.8.2%20jquery.com%20%7C%20jque[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Line Deleted : user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.backgroundjs", "\n\n/*****************************************************************************[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.cookie.previous_page.value", "%22hxxp%3A//www.trojaner-board.de/140281-entfernen-qv06-fand-malware[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.js", "\n\n /************************************************************************************\[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Line Deleted : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Line Deleted : user_pref("extensions.crossrider.bic", "140a7657a191f5f242f823e1213f7323");
-\\ Google Chrome v
[ File : C:\Users\Christain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10185 octets] - [23/08/2013 01:06:30]
AdwCleaner[S0].txt - [10103 octets] - [23/08/2013 01:07:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10164 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Christain on 23.08.2013 at 1:14:38,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222942281}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322722212}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266946681}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366726612}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222942281}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322722212}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266946681}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366726612}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266946681}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366726612}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266946681}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366726612}
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.7-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.7-updater.job
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Christain\AppData\Roaming\mozilla\firefox\profiles\kgchiz5g.default\prefs.js
user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155226.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155227.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155228.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a126c9ec1e913410f94df6262dd70e04494392a4bd7bd45638bcdba96cf8055b2com29481.29481.internaldb.Resources_resource_155229.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20ca
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.08.2013 at 1:18:23,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2013 02 Ran by Christain at 2013-08-23 00:24:33 Running from C:\Users\Christain\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 3DMark Demo (x32) 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe AIR (x32 Version: 3.8.0.870) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Android SDK Tools (x32 Version: 1.16) Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0) Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.1.000) ASRock App Charger v1.0.5 ASRock InstantBoot v1.29 (x32) ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 ASUS GPU Tweak (x32 Version: 2.2.9.9) Audiograbber 1.83 SE (x32 Version: 1.83 SE) avast! Free Antivirus (x32 Version: 8.0.1489.0) Battle.net (x32) Battlefield 3™ (x32 Version: 1.4.0.0) Battlelog Web Plugins (x32 Version: 2.1.7) Bing-Desktop (x32 Version: 1.3.171.0) BioShock 2 (x32 Version: 1.0.0005.131) Broadcom NetLink Controller (Version: 14.8.5.1) Call of Duty: Black Ops - Multiplayer (x32) Core Temp 1.0 RC3 (Version: 1.0) CPUID CPU-Z 1.60 Crysis (x32) Crysis 2 Maximum Edition (x32) D3DX10 (x32 Version: 15.4.2368.0902) Darksiders II (x32) DarksidersInstaller (x32 Version: 1.00.1000) Dead Space™ 3 (x32 Version: 1.0.0.0) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) devolo dLAN Cockpit (x32 Version: 3.0.0.0) Diablo III (x32) dLAN Cockpit (x32 Version: 3 (23.12.2010)) dLAN Cockpit (x32 Version: 3.23.12) Dota 2 (x32) Dragon Age: Origins - Ultimate Edition (x32) DreamScene Seven version 1.6 (x32 Version: 1.6) Dropbox (HKCU Version: 2.0.22) Dungeon Defenders (x32) eReg (x32 Version: 1.20.138.34) ESN Sonar (x32 Version: 0.70.4) Fraps (x32) Futuremark SystemInfo (x32 Version: 4.17.0) Google Chrome (HKCU Version: 29.0.1547.57) Google Talk Plugin (x32 Version: 4.4.2.14502) Google Update Helper (x32 Version: 1.3.23.0) Guild Wars 2 (x32) Hauppauge WinTV 7 (x32 Version: v7.0.31050 (CD 2.7)) Heaven DX11 Benchmark version 3.0 (Version: 3.0) Intel(R) Control Center (x32 Version: 1.2.1.1008) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36354) Intel(R) Management Engine Components (x32 Version: 8.1.0.1281) Intel(R) Processor Graphics (x32 Version: 9.17.10.2932) Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220) Intel® Trusted Connect Service Client (Version: 1.24.738.1) Java 7 Update 25 (64-bit) (Version: 7.0.250) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Just Cause 2 (x32) Logitech G35 (Version: 1.1.178) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mass Effect (x32 Version: 1.2.20608.0) Mass Effect 2 (x32 Version: 1.02) Mass Effect™ 3 (x32 Version: 1.05.0.0) Max Payne 3 (x32) Mein Gutscheincode (x32 Version: 1.27.153.0) Microsoft .NET Compact Framework 3.5 (x32 Version: 3.5.7283) Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Music Manager (HKCU) NVIDIA 3D Vision Controller-Treiber 326.80 (Version: 326.80) NVIDIA 3D Vision Treiber 326.80 (Version: 326.80) NVIDIA FaceWorks: Real-time Performance Capture Demo (x32 Version: 1.0) NVIDIA GeForce Experience 1.6 (Version: 1.6) NVIDIA Grafiktreiber 326.80 (Version: 326.80) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4) NVIDIA Install Application (Version: 2.1002.133.889) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2680) NVIDIA Systemsteuerung 326.80 (Version: 326.80) NVIDIA Update 7.2.17 (Version: 7.2.17) NVIDIA Update Components (Version: 7.2.17) NVIDIA Virtual Audio 1.2.2 (Version: 1.2.2) OpenOffice.org 3.3 (x32 Version: 3.3.9567) Orcs Must Die! 2 (x32) Origin (x32 Version: 8.5.2.23) Pingzapper version 1.1.4 (x32 Version: 1.1.4) Plants vs. Zombies: Game of the Year (x32) Plus-HD-3.7 (x32 Version: 1.27.153.10) PunkBuster Services (x32 Version: 0.986) Razer Game Booster (x32 Version: 3.7) Razer Synapse 2.0 (x32 Version: 1.12.8) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6559) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0) Resident Evil 5 (x32) RESIDENT EVIL 6 / BIOHAZARD 6 (x32) Rockstar Games Social Club (x32 Version: 1.1.0.6) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0) Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) Skype™ 6.6 (x32 Version: 6.6.106) StarCraft II (x32) Steam (x32 Version: 1.0.0.0) Super Meat Boy (x32) Team Fortress 2 (x32) TeamSpeak 3 Client (Version: 3.0.11.1) The Elder Scrolls V: Skyrim (x32) The Witcher 2: Assassins of Kings Enhanced Edition (x32) Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (Version: 2.6.2.0) Unigine Valley Benchmark version 1.0 (x32 Version: 1.0) Unlocker 1.9.1-x64 (Version: 1.9.1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Zip Opener (HKCU) us Mod Manager (Version: 0.45.5) Vimicro USB2.0 UVC PC Camera (x32 Version: 2009.03.18) VLC media player 2.0.8 (x32 Version: 2.0.8) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) XFastUSB (x32 Version: 3.02.31) ==================== Restore Points ========================= 22-08-2013 11:20:52 Ende der Bereinigung 22-08-2013 11:41:36 avast! Free Antivirus Setup 22-08-2013 11:48:19 Removed Java 7 Update 25 22-08-2013 11:48:50 Installed Java 7 Update 25 22-08-2013 11:51:35 Installed Java 7 Update 25 (64-bit) 22-08-2013 12:53:15 Installed MSXML 4.0 SP3 Parser 22-08-2013 12:58:24 Windows Update 22-08-2013 13:09:36 Windows Update 22-08-2013 13:13:01 Windows Update 22-08-2013 13:17:18 OpenOffice 4.0.0 wird installiert 22-08-2013 14:27:05 Wiederherstellungsvorgang ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {02D37614-1F20-4C59-B070-6A0DDD36375D} - System32\Tasks\{5384CA2A-4136-4B27-8AFD-CB82363E817E} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {046C5A47-9AAE-4C3F-98F6-78D57A60E798} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {176849F6-285F-4A8A-BA25-766911D5FE38} - System32\Tasks\Plus-HD-3.7-enabler => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-enabler.exe [2013-08-22] (Plus HD) Task: {1A31F339-D597-4736-82A5-9B054B46EBA9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {2AFECC5D-4E50-455C-AAB9-F59DD02469E9} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe No File Task: {2F735289-EB67-4BC4-A2B1-5F46462D94AC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {359AF376-7A39-4480-A3C1-D222C2D241B5} - System32\Tasks\Plus-HD-3.7-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-firefoxinstaller.exe [2013-08-22] (Plus HD) Task: {37F5375F-9C07-49DC-8A17-E9C44EC85268} - \DealPly No Task File Task: {3B26DA98-3C11-48FD-9198-A8CB87319298} - \DSite No Task File Task: {43646FA1-E9DE-4B8B-861D-E156FD586CDB} - System32\Tasks\{7AFC2EC2-81D3-45A3-B34B-C81CE9677F9E} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {43E9B62E-069C-47ED-8928-D35C511405A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-11] (Google Inc.) Task: {50449C35-A964-4B47-900E-D1231477FE69} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-11] (Google Inc.) Task: {562B1F19-E09C-472D-B4C0-F72D90432AC9} - System32\Tasks\{A8649D11-5F02-4324-A28A-85A1BA62BC66} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {5AA3DFA8-1B3C-4547-8780-A66DFECB41CB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6734A223-2E53-4AE5-B721-3D897C0F435B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6FC62B22-FEF8-411D-B5A9-74D69D17DF13} - \DealPlyUpdate No Task File Task: {7C00BD36-73C4-4C4D-8D11-D8AB0FFE9466} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] () Task: {82D99EE2-CA41-4C8B-A077-04A6B00619BA} - System32\Tasks\Core Temp Autostart Christain => C:\Program Files\Core Temp\Core Temp.exe [2012-01-25] () Task: {82EF6BFE-98E8-4FDA-8509-51C92585CB65} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File Task: {962B1A3D-5E1F-47BD-B6A4-62F4CABF989F} - System32\Tasks\Plus-HD-3.7-updater => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-updater.exe [2013-08-22] (Plus HD) Task: {9DE6C859-C068-4B89-BAF0-E3141CAAC346} - System32\Tasks\{8A8C1470-FB45-41B7-946F-A60850964FF7} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-22] (Mozilla Corporation) Task: {A0533C73-9CE6-4306-A9CE-B05C4AACB266} - System32\Tasks\Plus-HD-3.7-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-chromeinstaller.exe [2013-08-22] (Plus HD) Task: {A3D3D4A9-D553-4E4B-82C5-A16BE36372C8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {BA89FBE5-5BE1-4126-8B64-4D8B19CA4F79} - System32\Tasks\Plus-HD-3.7-codedownloader => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-codedownloader.exe [2013-08-22] (Plus HD) Task: {EBAA7E52-44A1-4495-B952-1636C0A6BA1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {F9626125-83D7-4D9C-AA24-6643C9DA7E83} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated) Task: {FFF01F34-CDD5-4782-B05D-EA02F0E662B7} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\Christain\PC overclock\OpenHardwareMonitor\OpenHardwareMonitor.exe [2013-02-13] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core.job => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA.job => C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-3.7-enabler.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-enabler.exe Task: C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-firefoxinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.7-updater.job => C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-updater.exe ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) HD Graphics 4000 Description: Intel(R) HD Graphics 4000 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12) Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table). You can use Device Manager to determine where the conflict is and disable the conflicting device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/22/2013 10:29:29 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xce0 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 10:27:39 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 09:16:11 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xf34 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 09:15:09 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 06:21:52 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x95c Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 04:31:39 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0 Name des fehlerhaften Moduls: ISDI2.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0b6 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0004d11f ID des fehlerhaften Prozesses: 0xc98 Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0 Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1 Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2 Berichtskennung: IAStorDataMgrSvc.exe3 Error: (08/22/2013 04:30:57 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 03:20:51 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x99c Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 03:14:47 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000332b0 ID des fehlerhaften Prozesses: 0x1438 Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/22/2013 03:04:22 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 System errors: ============= Error: (08/22/2013 11:37:38 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (08/22/2013 10:30:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/22/2013 10:29:39 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 09:16:25 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 04:37:56 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/22/2013 04:37:56 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/22/2013 04:31:43 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/22/2013 04:31:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/22/2013 03:33:10 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/22/2013 03:33:10 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Microsoft Office Sessions: ========================= Error: (08/22/2013 10:29:29 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11fce001ce9f76168de0e0C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll8b225e5d-0b69-11e3-bcc3-bc5ff485e7d7 Error: (08/22/2013 10:27:39 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 09:16:11 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11ff3401ce9f6bfa68550eC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll4d8b443c-0b5f-11e3-a8ea-bc5ff485e7d7 Error: (08/22/2013 09:15:09 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 06:21:52 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b095c01ce9f53403e1294C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dllf3df9035-0b46-11e3-93a8-bc5ff485e7d7 Error: (08/22/2013 04:31:39 PM) (Source: Application Error)(User: ) Description: IAStorDataMgrSvc.exe11.6.0.10305042b0f0ISDI2.dll11.6.0.10305042b0b6c00004170004d11fc9801ce9f4437f61509C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll8dba2d50-0b37-11e3-93a8-bc5ff485e7d7 Error: (08/22/2013 04:30:57 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (08/22/2013 03:20:51 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b099c01ce9f3a38be42bbC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dllaa2a631d-0b2d-11e3-a777-bc5ff485e7d7 Error: (08/22/2013 03:14:47 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db9710c0000005000332b0143801ce9f38fffbbafeC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SysWOW64\ntdll.dlld138d90a-0b2c-11e3-a777-bc5ff485e7d7 Error: (08/22/2013 03:04:22 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 CodeIntegrity Errors: =================================== Date: 2012-04-22 00:42:05.990 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-04-22 00:40:28.203 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-04-11 01:37:15.541 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\CHRIST~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.512 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\CHRIST~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.283 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-11 01:37:15.254 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 28% Total physical RAM: 12173.73 MB Available physical RAM: 8710.08 MB Total Pagefile: 24345.64 MB Available Pagefile: 20811.66 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:596.07 GB) (Free:498.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:931.51 GB) (Free:552.85 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02
Ran by Christain (administrator) on 23-08-2013 01:24:15
Running from C:\Users\Christain\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Users\Christain\PC overclock\OpenHardwareMonitor\OpenHardwareMonitor.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Pingzapper\PZService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-05-30] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Christain\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-11] (Google Inc.)
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Policies\system: [DisableLockWorkstation] 0
MountPoints2: E - E:\ASRSetup.exe
MountPoints2: {458d0a12-6ab0-11e1-a10b-806e6f6e6963} - E:\Run.exe
MountPoints2: {78590d4e-757d-11e2-9b4f-806e6f6e6963} - E:\ASRSetup.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-02-13] (FNet Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [168616 2013-08-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [141336 2013-08-18] (NVIDIA Corporation)
Startup: C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\G35 konfigurieren.lnk
ShortcutTarget: G35 konfigurieren.lnk -> C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY903821138211&ts=1377088359
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY903821138211&ts=1377088359
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default
FF Homepage: hxxp://www.buffed.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Christain\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Christain\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Christain\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\de9372bd-c6d6-4690-9bf6-238a8622d6b1@09af4fd9-64cf-4b1b-9464-1de3f20e38f7.com
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Christain\AppData\Roaming\Mozilla\Firefox\Profiles\kgchiz5g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Mein Gutscheincode) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiomkimgbpmhibpejnghmmoedaijgdda\1.23.26_0
CHR Extension: (avast! Ad Blocker) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0
CHR Extension: (avast! Online Security) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Plus-HD-3.7) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
CHR Extension: (Google Wallet Service) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Christain\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 DAUpdaterSvc; D:\Programme\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-04-25] (BioWare)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [137336 2013-02-17] (Futuremark Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [577536 2013-01-25] (Hauppauge Computer Works)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [679424 2012-06-11] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-12] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
==================== Drivers (Whitelisted) ====================
R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [47160 2008-04-28] (AMD, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-22] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-22] ()
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2011-09-21] (CPUID)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-06-09] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-02-13] (FNet Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-07-06] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-07-06] (Windows (R) Server 2003 DDK provider)
R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW71364.sys [1501200 2012-01-31] (Hauppauge Computer Works, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [20352 2009-09-30] (Razer USA Ltd.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-07-18] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [39096 2013-07-10] (Razer Inc)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [30904 2013-07-10] (Razer Inc)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [199296 2010-01-12] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-08-23] ()
S3 ALSysIO; \??\C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz130; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x]
R3 WinRing0_1_2_0; \??\C:\Users\Christain\AppData\Local\Temp\tmpE9E1.tmp [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-23 01:20 - 2013-08-23 01:20 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-08-23 01:18 - 2013-08-23 01:18 - 00003745 _____ C:\Users\Christain\Desktop\JRT.txt
2013-08-23 01:07 - 2013-08-23 01:07 - 00010245 _____ C:\Users\Christain\Desktop\AdwCleaner[S0].txt
2013-08-23 01:06 - 2013-08-23 01:13 - 00000000 ____D C:\AdwCleaner
2013-08-23 01:05 - 2013-08-23 01:05 - 01021434 _____ (Thisisu) C:\Users\Christain\Desktop\JRT.exe
2013-08-23 01:03 - 2013-08-23 01:04 - 00975858 _____ C:\Users\Christain\Desktop\adwcleaner.exe
2013-08-23 00:24 - 2013-08-23 00:24 - 00030722 _____ C:\Users\Christain\Desktop\Addition.txt
2013-08-23 00:23 - 2013-08-23 00:23 - 00000000 ____D C:\FRST
2013-08-23 00:16 - 2013-08-23 00:16 - 01576476 _____ (Farbar) C:\Users\Christain\Desktop\FRST64.exe
2013-08-22 21:02 - 2013-08-23 01:23 - 00275360 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2013-08-22 20:58 - 2013-08-22 22:25 - 00000000 ____D C:\Program Files (x86)\Mein Gutscheincode
2013-08-22 20:57 - 2013-08-22 22:25 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.7
2013-08-22 20:56 - 2013-08-22 20:56 - 01650073 _____ (DREAMSCENESEVEN.COM ) C:\Users\Christain\Downloads\dreamsceneseven.exe
2013-08-22 20:56 - 2013-08-22 20:56 - 00000000 ____D C:\Program Files (x86)\DreamScene Seven
2013-08-22 20:54 - 2013-08-22 20:54 - 01795356 _____ C:\Users\Christain\Downloads\D3RoS_Malthael.wmv
2013-08-22 15:18 - 2013-08-22 15:18 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-22 15:16 - 2013-08-22 15:16 - 00000000 ____D C:\Users\Christain\Downloads\OpenOffice 4.0.0 (de) Installation Files
2013-08-22 15:15 - 2013-08-22 15:16 - 162401424 _____ C:\Users\Christain\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-08-22 15:09 - 2013-08-22 15:10 - 00260376 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-08-22 14:52 - 2013-08-22 14:52 - 02434048 _____ C:\Users\Christain\Downloads\msxml.msi
2013-08-22 14:48 - 2013-08-22 14:48 - 03272136 _____ (Secunia) C:\Users\Christain\Downloads\PSISetup711.exe
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Secunia PSI
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-08-22 13:52 - 2013-08-22 13:52 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-22 13:52 - 2013-08-22 13:52 - 00000000 ____D C:\Program Files\Java
2013-08-22 13:49 - 2013-08-22 13:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-22 13:48 - 2013-08-22 13:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-22 13:42 - 2013-08-22 22:29 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-22 13:42 - 2013-08-22 14:50 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-22 13:42 - 2013-08-22 13:42 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-22 13:42 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-22 13:42 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-22 13:42 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-22 13:42 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-22 13:41 - 2013-08-22 13:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-22 13:39 - 2013-08-22 13:41 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-22 13:20 - 2013-08-22 13:22 - 00001324 _____ C:\DelFix.txt
2013-08-22 13:07 - 2013-08-22 13:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-21 20:32 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 19:20 - 2013-08-21 19:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 19:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-21 15:25 - 2013-08-23 01:22 - 00001950 _____ C:\autoupdate.log
2013-08-21 15:25 - 2013-08-23 01:19 - 00000728 _____ C:\Windows\setupact.log
2013-08-21 15:25 - 2013-08-21 15:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-21 15:24 - 2013-08-23 01:19 - 00017776 _____ C:\Windows\PFRO.log
2013-08-21 14:47 - 2013-08-21 14:49 - 00000000 ____D C:\Program Files\ASRock
2013-08-21 11:28 - 2013-08-21 11:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-21 11:26 - 2013-08-18 21:34 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-21 11:26 - 2013-08-18 21:34 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-21 11:26 - 2013-08-18 21:34 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-21 11:26 - 2013-08-17 07:30 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-21 11:21 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-21 11:21 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-21 11:21 - 2013-08-18 23:02 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-21 11:21 - 2013-07-18 19:15 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-21 11:21 - 2013-07-18 19:15 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-21 11:21 - 2013-07-18 19:15 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-21 11:21 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-21 11:21 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-21 11:21 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 21:25 - 2013-08-17 21:25 - 00000000 ____D C:\Users\Christain\Neuer Ordner
2013-08-15 10:03 - 2013-08-15 10:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzp1endpt_01009.Wdf
2013-08-14 20:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 20:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 20:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 20:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 20:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 20:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 20:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 20:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 20:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 20:41 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 20:41 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 20:37 - 2013-08-14 20:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 17:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 17:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 17:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 17:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 17:57 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 17:57 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 17:57 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 17:57 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 17:57 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 17:57 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 17:57 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 17:57 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 17:57 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 17:57 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 17:57 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 17:57 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 17:57 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 17:57 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 17:57 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 17:57 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 17:57 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 17:57 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 17:57 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-08 09:34 - 2013-08-08 09:34 - 00000000 ____D C:\NvidiaLogging
2013-07-29 09:44 - 2013-08-22 22:25 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Battle.net
2013-07-29 09:44 - 2013-08-22 16:28 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Battle.net
2013-07-29 09:44 - 2013-08-13 20:41 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-07-29 09:44 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Blizzard Entertainment
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\Christain\Documents\Nexus Mod Manager
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Black_Tree_Gaming
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-07-27 14:37 - 2013-07-27 14:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-07-27 14:35 - 2013-07-27 14:40 - 00000000 ____D C:\Users\Christain\.android
2013-07-27 14:32 - 2013-07-27 14:32 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2013-07-27 14:31 - 2013-07-27 14:37 - 00000000 ____D C:\Program Files (x86)\Android SDK
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____D C:\Users\Christain\Documents\Square Enix
2013-07-25 05:38 - 2013-07-25 05:38 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\Christain\Documents\Robot Entertainment
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Robot Entertainment
==================== One Month Modified Files and Folders =======
2013-08-23 01:23 - 2013-08-22 21:02 - 00275360 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2013-08-23 01:23 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-23 01:23 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-23 01:22 - 2013-08-21 15:25 - 00001950 _____ C:\autoupdate.log
2013-08-23 01:20 - 2013-08-23 01:20 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-08-23 01:20 - 2013-03-29 23:08 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-08-23 01:20 - 2013-02-13 03:59 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-08-23 01:19 - 2013-08-21 15:25 - 00000728 _____ C:\Windows\setupact.log
2013-08-23 01:19 - 2013-08-21 15:24 - 00017776 _____ C:\Windows\PFRO.log
2013-08-23 01:19 - 2012-04-09 17:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-23 01:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-23 01:18 - 2013-08-23 01:18 - 00003745 _____ C:\Users\Christain\Desktop\JRT.txt
2013-08-23 01:18 - 2012-03-10 14:57 - 01499460 _____ C:\Windows\WindowsUpdate.log
2013-08-23 01:13 - 2013-08-23 01:06 - 00000000 ____D C:\AdwCleaner
2013-08-23 01:07 - 2013-08-23 01:07 - 00010245 _____ C:\Users\Christain\Desktop\AdwCleaner[S0].txt
2013-08-23 01:05 - 2013-08-23 01:05 - 01021434 _____ (Thisisu) C:\Users\Christain\Desktop\JRT.exe
2013-08-23 01:04 - 2013-08-23 01:03 - 00975858 _____ C:\Users\Christain\Desktop\adwcleaner.exe
2013-08-23 00:50 - 2012-11-11 01:14 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000UA.job
2013-08-23 00:50 - 2012-11-11 01:14 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1094274934-3104664694-3043791998-1000Core.job
2013-08-23 00:40 - 2012-10-12 22:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-23 00:24 - 2013-08-23 00:24 - 00030722 _____ C:\Users\Christain\Desktop\Addition.txt
2013-08-23 00:23 - 2013-08-23 00:23 - 00000000 ____D C:\FRST
2013-08-23 00:16 - 2013-08-23 00:16 - 01576476 _____ (Farbar) C:\Users\Christain\Desktop\FRST64.exe
2013-08-22 22:29 - 2013-08-22 13:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-22 22:25 - 2013-08-22 20:58 - 00000000 ____D C:\Program Files (x86)\Mein Gutscheincode
2013-08-22 22:25 - 2013-08-22 20:57 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.7
2013-08-22 22:25 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Battle.net
2013-08-22 21:22 - 2012-09-01 16:52 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Dropbox
2013-08-22 21:22 - 2012-03-10 15:06 - 00000000 ___RD C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-22 21:14 - 2012-03-10 15:06 - 00000000 ____D C:\Users\Christain
2013-08-22 21:05 - 2012-03-11 22:19 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-22 21:05 - 2012-03-10 22:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-22 20:57 - 2012-03-10 22:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-22 20:56 - 2013-08-22 20:56 - 01650073 _____ (DREAMSCENESEVEN.COM ) C:\Users\Christain\Downloads\dreamsceneseven.exe
2013-08-22 20:56 - 2013-08-22 20:56 - 00000000 ____D C:\Program Files (x86)\DreamScene Seven
2013-08-22 20:54 - 2013-08-22 20:54 - 01795356 _____ C:\Users\Christain\Downloads\D3RoS_Malthael.wmv
2013-08-22 16:30 - 2013-05-29 20:05 - 00000000 ____D C:\Users\UpdatusUser.Kartoffelbauer
2013-08-22 16:28 - 2013-07-29 09:44 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Battle.net
2013-08-22 16:28 - 2012-03-31 11:15 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-22 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-22 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-22 15:18 - 2013-08-22 15:18 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-22 15:16 - 2013-08-22 15:16 - 00000000 ____D C:\Users\Christain\Downloads\OpenOffice 4.0.0 (de) Installation Files
2013-08-22 15:16 - 2013-08-22 15:15 - 162401424 _____ C:\Users\Christain\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-08-22 15:10 - 2013-08-22 15:09 - 00260376 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-08-22 15:01 - 2012-03-10 17:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-22 15:01 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-22 14:56 - 2012-03-10 16:21 - 00000000 ____D C:\Users\Christain\Desktop Icons
2013-08-22 14:53 - 2012-03-12 23:10 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-22 14:52 - 2013-08-22 14:52 - 02434048 _____ C:\Users\Christain\Downloads\msxml.msi
2013-08-22 14:50 - 2013-08-22 13:42 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-22 14:48 - 2013-08-22 14:48 - 03272136 _____ (Secunia) C:\Users\Christain\Downloads\PSISetup711.exe
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Secunia PSI
2013-08-22 14:48 - 2013-08-22 14:48 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-08-22 13:52 - 2013-08-22 13:52 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-22 13:52 - 2013-08-22 13:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-22 13:52 - 2013-08-22 13:52 - 00000000 ____D C:\Program Files\Java
2013-08-22 13:52 - 2012-05-20 19:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-22 13:52 - 2012-05-01 15:28 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-22 13:49 - 2013-08-22 13:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-22 13:49 - 2013-08-22 13:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-22 13:49 - 2012-08-27 19:57 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-22 13:49 - 2012-03-31 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-22 13:48 - 2013-08-22 13:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-22 13:42 - 2013-08-22 13:42 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-22 13:42 - 2013-08-22 13:42 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-22 13:41 - 2013-08-22 13:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-22 13:41 - 2013-08-22 13:39 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-22 13:24 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 13:22 - 2013-08-22 13:20 - 00001324 _____ C:\DelFix.txt
2013-08-22 13:20 - 2013-08-21 20:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-22 13:09 - 2012-03-10 15:46 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Adobe
2013-08-22 13:09 - 2012-03-10 15:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-22 13:09 - 2012-03-10 15:42 - 00000000 ____D C:\ProgramData\Adobe
2013-08-22 13:07 - 2013-08-22 13:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 12:42 - 2013-02-13 03:59 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-08-22 09:32 - 2009-07-14 19:58 - 02917790 _____ C:\Windows\system32\perfh007.dat
2013-08-22 09:32 - 2009-07-14 19:58 - 00863738 _____ C:\Windows\system32\perfc007.dat
2013-08-22 09:32 - 2009-07-14 07:13 - 00006280 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-21 19:20 - 2013-08-21 19:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 16:08 - 2013-02-13 04:38 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\CrashDumps
2013-08-21 15:25 - 2013-08-21 15:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-21 15:24 - 2012-11-11 01:14 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-08-21 15:24 - 2012-03-10 15:06 - 00001003 _____ C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-21 14:49 - 2013-08-21 14:47 - 00000000 ____D C:\Program Files\ASRock
2013-08-21 11:40 - 2012-10-12 22:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 11:40 - 2012-10-12 22:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 11:40 - 2012-03-10 15:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 11:28 - 2013-08-21 11:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-21 11:28 - 2012-03-16 19:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 11:26 - 2012-10-04 16:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-21 11:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-21 11:25 - 2013-05-29 20:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-20 20:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 12:57 - 2012-03-10 16:46 - 00000000 ____D C:\Users\Christain\AppData\Roaming\TS3Client
2013-08-19 12:56 - 2012-04-07 22:19 - 00000000 ____D C:\Windows\Minidump
2013-08-19 12:56 - 2012-03-10 14:53 - 00000000 ____D C:\Windows\Panther
2013-08-19 00:00 - 2012-03-10 15:59 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Skype
2013-08-18 23:02 - 2013-08-21 11:21 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-08-21 11:21 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-08-21 11:21 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 21:34 - 2013-08-21 11:26 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2013-08-21 11:26 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2013-08-21 11:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-17 21:25 - 2013-08-17 21:25 - 00000000 ____D C:\Users\Christain\Neuer Ordner
2013-08-17 07:30 - 2013-08-21 11:26 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-15 14:28 - 2012-03-10 16:46 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-15 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 10:05 - 2012-07-17 17:01 - 00000000 ____D C:\Program Files (x86)\Razer
2013-08-15 10:03 - 2013-08-15 10:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzp1endpt_01009.Wdf
2013-08-15 10:02 - 2012-07-17 17:01 - 00000000 ____D C:\ProgramData\Razer
2013-08-14 20:38 - 2013-08-14 20:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:37 - 2012-03-14 18:30 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 20:41 - 2013-07-29 09:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-08-08 09:34 - 2013-08-08 09:34 - 00000000 ____D C:\NvidiaLogging
2013-08-07 20:50 - 2012-03-10 15:18 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Mozilla
2013-07-30 20:35 - 2012-03-10 16:08 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Origin
2013-07-30 20:35 - 2012-03-10 16:08 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Origin
2013-07-29 13:01 - 2013-07-16 22:03 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Skyrim
2013-07-29 09:44 - 2013-07-29 09:44 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Blizzard Entertainment
2013-07-28 17:36 - 2012-11-11 01:14 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Google
2013-07-28 12:47 - 2013-01-06 19:24 - 00000000 ____D C:\Users\Christain\Documents\Witcher 2
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\Christain\Documents\Nexus Mod Manager
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Black_Tree_Gaming
2013-07-28 12:45 - 2013-07-28 12:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-07-27 20:23 - 2012-04-22 00:28 - 00000000 ____D C:\Users\Christain\Handy
2013-07-27 14:40 - 2013-07-27 14:35 - 00000000 ____D C:\Users\Christain\.android
2013-07-27 14:37 - 2013-07-27 14:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-07-27 14:37 - 2013-07-27 14:31 - 00000000 ____D C:\Program Files (x86)\Android SDK
2013-07-27 14:32 - 2013-07-27 14:32 - 00000000 ____D C:\Users\Christain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____D C:\Users\Christain\Documents\Square Enix
2013-07-26 07:13 - 2013-08-14 20:41 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 20:41 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 20:41 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 20:41 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-14 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 20:41 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 20:41 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-14 20:41 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 20:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 20:41 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 20:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 21:02 - 2013-07-16 20:40 - 00000000 ____D C:\Users\Christain\Documents\Shiner
2013-07-25 11:25 - 2013-08-14 17:57 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 17:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:38 - 2013-07-25 05:38 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\Christain\Documents\Robot Entertainment
2013-07-24 20:40 - 2013-07-24 20:40 - 00000000 ____D C:\Users\CHRIST~1\AppData\Local\Robot Entertainment
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 12:55
==================== End Of Log ============================
Hoffe das sind gute Ergebnisse |
|
23.08.2013, 08:55
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files (x86)\Mein Gutscheincode
C:\Program Files (x86)\Plus-HD-3.7
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiomkimgbpmhibpejnghmmoedaijgdda\1.23.26_0
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ --> Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) |
|
23.08.2013, 09:08
| #7 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Hab den Scan durchgeführt. Hier ist das Log. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-08-2013 02
Ran by Christain at 2013-08-23 10:05:57 Run:1
Running from C:\Users\Christain\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Program Files (x86)\Mein Gutscheincode
C:\Program Files (x86)\Plus-HD-3.7
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiomkimgbpmhibpejnghmmoedaijgdda\1.23.26_0
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
*****************
C:\Program Files (x86)\Mein Gutscheincode => Moved successfully.
C:\Program Files (x86)\Plus-HD-3.7 => Moved successfully.
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiomkimgbpmhibpejnghmmoedaijgdda\1.23.26_0 => Moved successfully.
C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0 => Moved successfully.
==== End of Fixlog ====
|
|
23.08.2013, 09:09
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.08.2013, 11:39
| #9 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Scans sind durchgeführt. Hat leider etwas länger gedauert. Malwarebytes ergab keine Treffer. Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.22.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Christain :: KARTOFFELBAUER [Administrator] 23.08.2013 10:15:36 mbam-log-2013-08-23 (10-15-36).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 269417 Laufzeit: 2 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8f815639d82800468d93302f70eb25da
# engine=14875
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-23 10:37:16
# local_time=2013-08-23 12:37:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 78432 153964108 0 0
# compatibility_mode=5893 16776573 100 94 55414 128884086 0 0
# scanned=312825
# found=0
# cleaned=0
# scan_time=8111
MFG |
|
23.08.2013, 11:58
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.08.2013, 12:02
| #11 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Super vielen vielen Dank  ich hab eben nur noch die Frage was ich mit der Quarantäne von Malwarebytes machen soll da isn haufen Zeug drin. |
|
23.08.2013, 12:05
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Was habt ihr alle immer nur mit der Quarantäne?  Überleg doch mal was eine Quarantäne ist. Ob da die schädliche Datei drinbleibt oder nicht, das hat keine Auswirkungen. Schädlinge in der Quarantäne können nichts mehr anrichten, sie sind dort isoliert. Du solltest grundsätzlich mit der Quarantäne arbeiten, denn falls der Virenscanner durch einen Fehlalarm was wichtiges löscht, kannst Du notfalls noch über die Quarantäne an die Datei ran.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.08.2013, 12:11
| #13 |
| | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Okay super dann lass ich ma alles so wies jetzt is^^ Nochmal vielen Dank für die sehr gute Arbeit. Den CookieCuller werd ich gleich laden und das mit den Hosts files werd ich mir aufjedenfall auch zu gemüte führen. Wünsch dir dann noch ein schönes Wochenende MFG |
|
23.08.2013, 12:23
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) Dann wären wir durch! Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. (Tools wie zB FRST einfach per Rechtsklick vom Desktop löschen) Combofix entfernen (nur relevant wenn es hier benutzt wurde!) : Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Nach entfernen von QV06 fand Malwarebytes 17 treffer (pup.optional.crossrider) |
| adware.packed.ranver, anti-malware, appdata, autostart, avast, browser, dateien, entfernen, explorer, firefox, gelöscht, helper, malwarebytes, microsoft, neustart., pup.optional.crossrider, pup.optional.lyricxeeker.a, quarantäne, service, software, speicher, trojaner, trojaner board, version |
Linear-Darstellung
