| |
| |||||||
Log-Analyse und Auswertung: [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
31.08.2013, 21:19
| #1 |
| | ![[WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen - Standard](images/icons/icon1.gif){kind=icon} [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Hallo Trojaner-Boarder, ich habe mir beim Neueinrichten meines Rechners (Neuaufgesetzt) Qvo6 und die deltatoolbar-Suche eingefangen und bekomme sie jetzt nicht vollständig entfernt. Hinzu kommt das ich auf eigene Faust versucht habe die Schädlinge loszuwerden. Aus diesem Grund habe ich nach kurzer Internetrecherche um was es sich handelt bereits den adwcleaner mehrfach ausgeführt und dachte eigentlich alles entfernt zu haben. Heute Abend habe ich dann das Programm Winzipper auf meinem Rechner entdeckt und musste feststellen das es sich dabei anscheinend um Überreste von Qvo6 handelt. Jedenfalls bekomme ich das jetzt nicht mehr deinstalliert und wende mich deswegen hilfesuchend an euch. Ich habe bereits einige Logs nach Anweisung des Hilfe-Leitfadens erstellt. Den defogger habe ich weggelassen, weil ich keine Emulator-Software benutze. Die adwcleaner-Logs sind auch mit dabei. FRST-Log: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 04
Ran by Marvin (administrator) on Nachname-PC on 31-08-2013 21:34:13
Running from C:\Users\Marvin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
MountPoints2: {168ab4a5-f69c-11e2-a7db-f46d041a2533} - G:\pushinst.exe
MountPoints2: {c94c2f19-f6ca-11e2-93e6-f46d041a2533} - "G:\WD SmartWare.exe" autoplay=true
MountPoints2: {da345204-f49e-11e2-8dfc-806e6f6e6963} - E:\Bin\assetup.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-07-10] (Razer Inc)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-31 21:33 - 2013-08-31 21:33 - 01589860 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-08-31 21:13 - 2013-08-31 21:14 - 00994642 _____ C:\Users\Marvin\Downloads\adwcleaner.exe
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:45 - 2013-08-31 20:46 - 53635584 _____ C:\Users\Marvin\Downloads\wz175-64gev.msi
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-31 20:58 - 00000000 ____D C:\Users\matt
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-22 19:31 - 2013-08-22 19:35 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:29 - 2013-08-31 20:41 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-18 21:58 - 2013-08-31 19:41 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nachname-PC-Marvin Nachname-PC
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 20:53 - 2013-08-18 22:04 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 20:48 - 2013-08-18 20:48 - 06220854 _____ C:\Users\Marvin\Desktop\Neue Bitmap.bmp
2013-08-18 20:48 - 2013-08-18 20:48 - 00000000 ____D C:\Users\Marvin\Desktop\Alte Firefox-Daten
2013-08-18 20:47 - 2013-08-18 20:47 - 00389157 _____ C:\Users\Marvin\Desktop\bookmarks.html
2013-08-18 20:47 - 2013-08-18 20:47 - 00166976 _____ C:\Users\Marvin\Desktop\bookmarks-2013-08-18.json
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:31 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 18:31 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 18:31 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-18 18:31 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-18 18:31 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:44 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-18 11:44 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-18 11:44 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:37 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-18 11:37 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-18 11:37 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-08-18 11:37 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:28 - 2013-08-18 11:29 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 10:59 - 2013-08-18 11:13 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:08 - 2013-08-18 11:35 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 10:08 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 11:39 - 2013-08-17 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 19:54 - 2013-08-18 12:43 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 17:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 17:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 17:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 17:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 17:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 17:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 17:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 17:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 17:13 - 2013-07-24 15:40 - 12295680 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 09065472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 06036480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 01231872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 13:43 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 17:13 - 2013-07-24 13:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 17:13 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-03 23:10 - 2013-08-22 19:32 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 22:27 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-08-03 22:27 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-03 16:15 - 2013-08-03 16:27 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 13:59 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2013-08-03 13:59 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
==================== One Month Modified Files and Folders =======
2013-08-31 21:33 - 2013-08-31 21:33 - 01589860 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-08-31 21:14 - 2013-08-31 21:13 - 00994642 _____ C:\Users\Marvin\Downloads\adwcleaner.exe
2013-08-31 21:01 - 2013-07-27 17:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 20:58 - 2013-08-30 18:21 - 00000000 ____D C:\Users\matt
2013-08-31 20:48 - 2013-07-24 22:31 - 00000000 ____D C:\Users\Marvin
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:46 - 2013-08-31 20:45 - 53635584 _____ C:\Users\Marvin\Downloads\wz175-64gev.msi
2013-08-31 20:41 - 2013-08-22 19:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-31 20:40 - 2013-08-22 19:29 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-31 19:57 - 2013-07-24 22:31 - 01271736 _____ C:\Windows\WindowsUpdate.log
2013-08-31 19:41 - 2013-08-18 21:58 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nachname-PC-Marvin Nachname-PC
2013-08-31 12:18 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 12:18 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 12:16 - 2011-04-12 09:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-08-31 12:16 - 2011-04-12 09:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-08-31 12:16 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 12:11 - 2013-07-24 22:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-31 12:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 12:11 - 2009-07-14 06:51 - 00011213 _____ C:\Windows\setupact.log
2013-08-30 20:00 - 2013-07-27 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-30 18:21 - 2013-07-28 14:13 - 00027962 _____ C:\Windows\DirectX.log
2013-08-30 17:25 - 2013-07-28 19:22 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\.minecraft
2013-08-22 19:35 - 2013-08-22 19:31 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:32 - 2013-08-03 23:10 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-22 19:32 - 2013-07-24 22:31 - 00001168 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-18 22:04 - 2013-08-18 20:53 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:16 - 2013-07-27 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:16 - 2010-11-21 05:47 - 00012818 _____ C:\Windows\PFRO.log
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 20:48 - 2013-08-18 20:48 - 06220854 _____ C:\Users\Marvin\Desktop\Neue Bitmap.bmp
2013-08-18 20:48 - 2013-08-18 20:48 - 00000000 ____D C:\Users\Marvin\Desktop\Alte Firefox-Daten
2013-08-18 20:47 - 2013-08-18 20:47 - 00389157 _____ C:\Users\Marvin\Desktop\bookmarks.html
2013-08-18 20:47 - 2013-08-18 20:47 - 00166976 _____ C:\Users\Marvin\Desktop\bookmarks-2013-08-18.json
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 13:47 - 2013-07-27 23:37 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\vlc
2013-08-18 12:43 - 2013-08-16 19:54 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 12:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:35 - 2013-08-18 10:08 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 11:29 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 11:13 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:09 - 2013-08-18 10:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 13:09 - 2013-07-27 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-17 11:40 - 2013-08-17 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 11:36 - 2013-07-28 13:42 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-17 00:32 - 2013-07-27 22:42 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\TS3Client
2013-08-16 18:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 23:04 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-15 22:49 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-15 17:07 - 2013-07-27 21:31 - 00143356 _____ C:\Windows\DPINST.LOG
2013-08-12 21:52 - 2013-07-28 20:39 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-05 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-05 22:12 - 2013-07-27 20:10 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Skype
2013-08-04 20:19 - 2013-07-29 20:55 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-04 20:19 - 2013-07-28 14:14 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-04 20:19 - 2013-07-28 14:14 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-04 11:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 21:14 - 2013-07-28 13:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Origin
2013-08-03 21:14 - 2013-07-28 13:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Origin
2013-08-03 16:27 - 2013-08-03 16:15 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
Files to move or delete:
====================
C:\Users\Marvin\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Marvin\AppData\Local\Temp\installerdll7751549.dll
C:\Users\Marvin\AppData\Local\Temp\installerdll7766478.dll
C:\Users\Marvin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Marvin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStInst.exe
C:\Users\Marvin\AppData\Local\Temp\Quarantine.exe
C:\Users\Marvin\AppData\Local\Temp\rootsupd.exe
C:\Users\Marvin\AppData\Local\Temp\sam__2268_il2369263.exe
C:\Users\Marvin\AppData\Local\Temp\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\SHSetup.exe
C:\Users\Marvin\AppData\Local\Temp\sonarinst.exe
C:\Users\Marvin\AppData\Local\Temp\UpdUninstall.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Marvin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Marvin\AppData\Local\Temp\_is22AC.exe
C:\Users\Marvin\AppData\Local\Temp\{BD736320-B23C-4B47-9BD3-8F2C23D6FF3E}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{92748AFA-78DB-4AE6-BEF6-605B162DF93C}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\ISSetup.dll
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWI64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWX64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISRT.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\_isres_0x0409.dll
C:\Users\Marvin\AppData\Local\Temp\{48F87537-3125-4447-A45F-E2AE107DC759}\{08FA496D-B19A-42f4-ABE8-0463EF768B1B}\dotNetFx40_Full_setup.exe
C:\Users\Marvin\AppData\Local\Temp\WDEDB32.tmp\CddbLangDE.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\Ionic.Zip.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\log4net.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzCommon.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzStorage.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManagerUI.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\isp284B.tmp\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\is-JKK5P.tmp\sam__2268_il2369263.exe
C:\Users\Marvin\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\Marvin\AppData\Local\Temp\Blizzard Installer Temporary Data - 418da2e2\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CbsProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CompatProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCorePS.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismHost.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismProv.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\FolderProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\IntlProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\LogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\MsiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\OSProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\SmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\TransmogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\UnattendProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\wdscore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\WimProvider.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 18:58
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2013 04
Ran by Marvin at 2013-08-31 21:34:30
Running from C:\Users\Marvin\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader 8.1.2 (x32 Version: 8.1.2)
Age of Empires II: HD Edition (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.8.0)
ASUS nVidia Driver (x32 Version: 1.00.0000)
Audacity 2.0.3 (x32 Version: 2.0.3)
AVM FRITZ!Box Dokumentation (x32)
AVM FRITZ!WLAN (x32)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
Chivalry: Medieval Warfare (x32)
Counter-Strike: Global Offensive (x32)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Diablo III (x32 Version: 1.0.8.16603)
Dxtory version 2.0.123 (x32 Version: 2.0.123)
eaner (Version: 4.04)
ESN Sonar (x32 Version: 0.70.4)
Far Cry® 3 (x32)
Fraps (remove only) (x32)
Free YouTube to MP3 Converter version 3.12.10.812 (x32 Version: 3.12.10.812)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Lagarith Lossless Codec (1.3.27) (x32)
marvell 91xx driver (x32 Version: 1.0.0.1045)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Security Client (Version: 4.3.0216.0)
Microsoft Security Essentials (Version: 4.3.216.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Notepad++ (x32 Version: 6.4.2)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Origin (x32 Version: 9.2.1.4399)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Portal (x32)
PunkBuster Services (x32 Version: 0.991)
Rainmeter (x32 Version: 3.0 beta r2022)
Razer Synapse 2.0 (x32 Version: 1.12.8)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6251)
Skype™ 6.6 (x32 Version: 6.6.106)
Steam (x32 Version: 1.0.0.0)
Symphony (x32)
TeamSpeak 3 Client (Version: 3.0.11.1)
Tomb Raider (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition
Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition
VLC media player 2.0.7 (x32 Version: 2.0.7)
WD SmartWare (Version: 1.1.1.6)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Warcraft (x32 Version: 5.3.0.17128)
==================== Restore Points =========================
18-08-2013 20:03:13 Removed SpyHunter
18-08-2013 20:03:28 Removed SpyHunter
20-08-2013 19:53:06 Windows Update
26-08-2013 05:44:41 Windows-Sicherung
29-08-2013 18:05:31 Windows Update
30-08-2013 16:21:26 DirectX wurde installiert
31-08-2013 18:47:35 WinZip 17.5 wird installiert
31-08-2013 18:49:35 WinZip 17.5 wird entfernt
31-08-2013 18:58:11 Removed Browser Configuration Utility.
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0482B933-D776-4901-B259-8D2D57B548B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-27] (Adobe Systems Incorporated)
Task: {2ABE30C6-ABE2-41A2-9E8E-C1F7F01572E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {3A3A3BCC-31D6-49B9-B41C-95C476A17B7C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {58F73785-DADF-4514-9F2B-5CEC4A220287} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Nachname-PC-Vorname Nachname-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {668101BE-5307-4439-B4E9-875A9F5C9956} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {A9B11A8D-B00C-40F3-B440-896D71F8B22A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {BB7D8F13-8B3B-4835-8783-6F8953403594} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {E17183BB-B8BC-400B-97D9-5E017135F20D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
Task: {F74FF427-0E56-43BD-AB24-1CFC179DA22D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {FE8340FE-0159-440C-8899-E9E89F8879B2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-07-18] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-02-26 00:32 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-13 04:37 - 2013-07-13 04:37 - 02328776 _____ (Microsoft Corporation) C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
2011-06-11 01:15 - 2011-06-11 01:15 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll
2011-06-11 01:15 - 2011-06-11 01:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll
2011-06-11 01:15 - 2011-06-11 01:15 - 00158536 _____ (Microsoft Corporation) C:\Windows\system32\ATL100.DLL
2013-07-11 15:33 - 2013-07-11 15:33 - 08922840 _____ (Microsoft Corporation) C:\PROGRA~1\MICROS~3\Office15\1031\GrooveIntlResource.dll
2011-01-07 20:49 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2009-07-14 02:31 - 2009-07-14 03:41 - 02137600 _____ (Microsoft Corporation) C:\Windows\System32\NLSData0007.dll
2013-07-27 16:51 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\NETAPI32.DLL
2013-08-22 19:29 - 2013-08-22 19:29 - 00150184 _____ (337 Technology Limited.) C:\Program Files (x86)\WinZipper\eshellctx64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2009-07-11 23:14 - 2009-07-11 23:14 - 01655296 _____ (Microsoft Corporation) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
2013-07-21 17:57 - 2013-07-21 17:57 - 00735416 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-11-05 22:26 - 2012-11-05 22:26 - 00849360 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR110.dll
2012-11-05 22:26 - 2012-11-05 22:26 - 00661456 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP110.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00383488 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.dll
2013-07-21 17:56 - 2013-07-21 17:56 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00062976 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2011-01-07 20:49 - 2013-06-21 12:23 - 04528416 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
2013-07-27 20:21 - 2013-05-16 16:39 - 01225504 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL
2013-07-27 20:21 - 2013-05-16 16:39 - 04843296 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
2013-07-27 20:21 - 2013-05-16 16:39 - 01649440 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
2010-11-21 05:24 - 2010-11-21 05:24 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Cabinet.dll
2013-07-27 11:11 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
Name: L:\
Description: MS/MS-Pro/HG
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/31/2013 00:12:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/31/2013 00:11:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/31/2013 00:11:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/31/2013 00:11:10 PM) (Source: WDSmartWareBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)
Error: (08/31/2013 00:11:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/30/2013 04:26:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/30/2013 04:24:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/30/2013 04:24:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/30/2013 04:24:12 PM) (Source: WDSmartWareBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)
Error: (08/30/2013 04:24:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (08/30/2013 07:17:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/30/2013 07:17:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (08/26/2013 07:51:53 AM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (08/24/2013 00:05:57 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 24.08.2013 um 00:03:24 unerwartet heruntergefahren.
Error: (08/22/2013 05:49:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/21/2013 05:03:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/20/2013 09:43:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/19/2013 05:51:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/18/2013 10:03:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/18/2013 09:18:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (08/31/2013 00:12:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/31/2013 00:11:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
Error: (08/31/2013 00:11:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
Error: (08/31/2013 00:11:10 PM) (Source: WDSmartWareBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)
Error: (08/31/2013 00:11:09 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
Error: (08/30/2013 04:26:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/30/2013 04:24:13 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
Error: (08/30/2013 04:24:13 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
Error: (08/30/2013 04:24:12 PM) (Source: WDSmartWareBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)
Error: (08/30/2013 04:24:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 8173.42 MB
Available physical RAM: 5900.2 MB
Total Pagefile: 16345.02 MB
Available Pagefile: 13912.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:66.34 GB) NTFS
Drive d: (Lokaler Datenträger) (Fixed) (Total:931.41 GB) (Free:779.8 GB) NTFS
Drive f: (Lokaler Datenträger) (Fixed) (Total:931.51 GB) (Free:824.62 GB) NTFS
Drive g: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
Drive h: () (Fixed) (Total:297.44 GB) (Free:297.34 GB) NTFS
Drive m: (Elements) (Fixed) (Total:931.51 GB) (Free:597.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 963AB564)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: F6738818)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 441B15E6)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00372B75)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 297 GB) (Disk ID: 00035F28)
Partition 1: (Not Active) - (Size=297 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-31 21:52:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2 KINGSTON rev.501A 111,79GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Marvin\AppData\Local\Temp\ufddrkow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000729e1a22 2 bytes [9E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000729e1ad0 2 bytes [9E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000729e1b08 2 bytes [9E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000729e1bba 2 bytes [9E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000729e1bda 2 bytes [9E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077651465 2 bytes [65, 77]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776514bb 2 bytes [65, 77]
.text ... * 2
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3060] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000077651465 2 bytes [65, 77]
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3060] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000776514bb 2 bytes [65, 77]
.text ... * 2
---- EOF - GMER 2.1 ----
Code:
ATTFilter # AdwCleaner v2.306 - Datei am 18/08/2013 um 21:14:21 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Marvin - KUCHAREK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
Gefunden : BCUService
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Windows\Tasks\Dealply.job
Datei Infiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Datei Infiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584)
Ordner Gefunden : C:\Program Files (x86)\Common Files\337
Ordner Gefunden : C:\Program Files (x86)\Desk 365
Ordner Gefunden : C:\Program Files (x86)\DeviceVM
Ordner Gefunden : C:\ProgramData\DeviceVM
Ordner Gefunden : C:\ProgramData\eSafe
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Marvin\AppData\Local\lollipop
Ordner Gefunden : C:\Users\Marvin\AppData\Local\SwvUpdater
Ordner Gefunden : C:\Users\Marvin\AppData\Local\Temp\Desk365
Ordner Gefunden : C:\Users\Marvin\AppData\Local\Temp\eIntaller
Ordner Gefunden : C:\Users\Marvin\AppData\Roaming\DealPly
Ordner Gefunden : C:\Users\Marvin\AppData\Roaming\DeviceVM
Ordner Gefunden : C:\Users\Marvin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\jetpack
***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
Daten Gefunden : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
Schlüssel Gefunden : HKCU\Software\DeviceVM
Schlüssel Gefunden : HKCU\Software\lollipop
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gefunden : HKLM\Software\Desksvc
Schlüssel Gefunden : HKLM\Software\DeviceVM
Schlüssel Gefunden : HKLM\Software\eSafeSecControl
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gefunden : HKLM\Software\qvo6Software
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKU\S-1-5-21-1879151872-581772068-3287113573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
-\\ Mozilla Firefox v23.0.1 (de)
Datei : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [7622 octets] - [18/08/2013 21:14:21]
########## EOF - C:\AdwCleaner[R1].txt - [7682 octets] ##########
Code:
ATTFilter # AdwCleaner v2.306 - Datei am 18/08/2013 um 21:14:43 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Marvin - KUCHAREK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BCUService
***** [Dateien / Ordner] *****
Datei Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Datei Desinfiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Datei Desinfiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Datei Desinfiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Datei Desinfiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Datei Desinfiziert : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Datei Gelöscht : C:\Windows\Tasks\Dealply.job
Gelöscht mit Neustart : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Marvin\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Marvin\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Marvin\AppData\Local\Temp\Desk365
Ordner Gelöscht : C:\Users\Marvin\AppData\Local\Temp\eIntaller
Ordner Gelöscht : C:\Users\Marvin\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Marvin\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Marvin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\jetpack
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
Daten Gelöscht : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1376818584 --> hxxp://www.google.com
-\\ Mozilla Firefox v23.0.1 (de)
Datei : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [7735 octets] - [18/08/2013 21:14:21]
AdwCleaner[S1].txt - [6161 octets] - [18/08/2013 21:14:43]
########## EOF - C:\AdwCleaner[S1].txt - [6221 octets] ##########
Code:
ATTFilter # AdwCleaner v2.306 - Datei am 18/08/2013 um 21:18:16 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Marvin - KUCHAREK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\ProgramData\eSafe
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\Software\eSafeSecControl
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v23.0.1 (de)
Datei : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [7735 octets] - [18/08/2013 21:14:21]
AdwCleaner[R2].txt - [897 octets] - [18/08/2013 21:18:16]
AdwCleaner[S1].txt - [6274 octets] - [18/08/2013 21:14:43]
########## EOF - C:\AdwCleaner[R2].txt - [1016 octets] ##########
Code:
ATTFilter # AdwCleaner v3.000 - Report created 22/08/2013 at 19:31:44
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marvin - KUCHAREK-PC
# Running from : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : WsysSvc
***** [ Files / Folders ] *****
Folder Found C:\ProgramData\eSafe
Folder Found C:\Users\Marvin\AppData\Local\Temp\eIntaller
Folder Found C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\jetpack
***** [ Shortcuts ] *****
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
Shortcut Found : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
Shortcut Found : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
Shortcut Found : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
Shortcut Found : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
Shortcut Found : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Key Found : HKLM\Software\delta-homesSoftware
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASMANCS
Key Found : HKLM\Software\V9
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "delta-homes");
Line Found : user_pref("browser.search.order.1", "delta-homes");
Line Found : user_pref("browser.search.selectedEngine", "delta-homes");
*************************
AdwCleaner[R0].txt - [4762 octets] - [22/08/2013 19:31:44]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4822 octets] ##########
Code:
ATTFilter # AdwCleaner v3.000 - Report created 22/08/2013 at 19:32:19
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marvin - KUCHAREK-PC
# Running from : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : WsysSvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Users\Marvin\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\jetpack
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Marvin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\V9
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "delta-homes");
Line Deleted : user_pref("browser.search.order.1", "delta-homes");
Line Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
*************************
AdwCleaner[R0].txt - [4906 octets] - [22/08/2013 19:31:44]
AdwCleaner[S0].txt - [2957 octets] - [22/08/2013 19:32:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3017 octets] ##########
Code:
ATTFilter # AdwCleaner v3.000 - Report created 22/08/2013 at 19:34:57
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marvin - KUCHAREK-PC
# Running from : C:\Users\Marvin\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default-1376851720758\prefs.js ]
*************************
AdwCleaner[R0].txt - [4906 octets] - [22/08/2013 19:31:44]
AdwCleaner[R1].txt - [713 octets] - [22/08/2013 19:34:57]
AdwCleaner[S0].txt - [3101 octets] - [22/08/2013 19:32:19]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [832 octets] ##########
Gruß Rudeltier P.S. Gibt es Empfehlungen für Virenscanner (etc.) ? Nachdem Vorfall bin ich mir nämlich nicht mehr sicher ob man dem Microsoft Security Essentials vertrauen kann oder nicht. |
|
01.09.2013, 06:50
| #2 |
| /// the machine /// TB-Ausbilder    | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
01.09.2013, 11:47
| #3 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Hallo, hier die Logs.
__________________Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.01.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Marvin :: Nachname-PC [Administrator] Schutz: Aktiviert 01.09.2013 12:28:35 MBAM-log-2013-09-01 (12-30-28).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 252927 Laufzeit: 1 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Users\Marvin\AppData\Local\Temp\sam__2268_il2369263.exe (PUP.Optional.Amonetize) -> Keine Aktion durchgeführt. C:\Users\Marvin\AppData\Local\Temp\UpdUninstall.exe (PUP.Optional.Amonetize) -> Keine Aktion durchgeführt. C:\Users\Marvin\AppData\Local\Temp\is-JKK5P.tmp\sam__2268_il2369263.exe (PUP.Optional.Amonetize) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Home Premium x64
Ran by Marvin on 01.09.2013 at 12:35:22,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASMANCS
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2013 at 12:39:02,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-09-2013
Ran by Marvin (administrator) on Nachname-PC on 01-09-2013 12:42:58
Running from C:\Users\Marvin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
MountPoints2: {168ab4a5-f69c-11e2-a7db-f46d041a2533} - G:\pushinst.exe
MountPoints2: {c94c2f19-f6ca-11e2-93e6-f46d041a2533} - "G:\WD SmartWare.exe" autoplay=true
MountPoints2: {da345204-f49e-11e2-8dfc-806e6f6e6963} - E:\Bin\assetup.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-07-10] (Razer Inc)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-01 12:23 - 2013-09-01 12:24 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:34 - 2013-08-31 21:36 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:13 - 2013-08-31 21:14 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-31 20:58 - 00000000 ____D C:\Users\matt
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-22 19:31 - 2013-08-22 19:35 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:29 - 2013-09-01 12:36 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-18 21:58 - 2013-09-01 12:34 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nachname-PC-Marvin Nachname-PC
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 20:53 - 2013-08-18 22:04 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 20:48 - 2013-08-18 20:48 - 00000000 ____D C:\Users\Marvin\Desktop\Alte Firefox-Daten
2013-08-18 20:47 - 2013-08-18 20:47 - 00389157 _____ C:\Users\Marvin\Desktop\bookmarks.html
2013-08-18 20:47 - 2013-08-18 20:47 - 00166976 _____ C:\Users\Marvin\Desktop\bookmarks-2013-08-18.json
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:31 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 18:31 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 18:31 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-18 18:31 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-18 18:31 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:44 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-18 11:44 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-18 11:44 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:37 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-18 11:37 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-18 11:37 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-08-18 11:37 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:28 - 2013-08-18 11:29 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 10:59 - 2013-08-18 11:13 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:08 - 2013-08-18 11:35 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 10:08 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 11:39 - 2013-08-17 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 19:54 - 2013-08-18 12:43 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 17:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 17:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 17:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 17:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 17:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 17:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 17:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 17:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 17:13 - 2013-07-24 15:40 - 12295680 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 09065472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 06036480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 01231872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 13:43 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 17:13 - 2013-07-24 13:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 17:13 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-03 23:10 - 2013-08-22 19:32 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 22:27 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-08-03 22:27 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-03 16:15 - 2013-08-03 16:27 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 13:59 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2013-08-03 13:59 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
==================== One Month Modified Files and Folders =======
2013-09-01 12:41 - 2013-09-01 12:41 - 01590206 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-09-01 12:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:39 - 2011-04-12 09:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-09-01 12:39 - 2011-04-12 09:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-09-01 12:39 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 12:36 - 2013-08-22 19:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-09-01 12:36 - 2013-07-24 22:31 - 01465816 _____ C:\Windows\WindowsUpdate.log
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:34 - 2013-08-18 21:58 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nachname-PC-Marvin Nachname-PC
2013-09-01 12:33 - 2013-07-24 22:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-01 12:33 - 2010-11-21 05:47 - 00013694 _____ C:\Windows\PFRO.log
2013-09-01 12:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 12:33 - 2009-07-14 06:51 - 00011381 _____ C:\Windows\setupact.log
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:24 - 2013-09-01 12:23 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 23:01 - 2013-07-27 17:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:36 - 2013-08-31 21:34 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:14 - 2013-08-31 21:13 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:58 - 2013-08-30 18:21 - 00000000 ____D C:\Users\matt
2013-08-31 20:48 - 2013-07-24 22:31 - 00000000 ____D C:\Users\Marvin
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:40 - 2013-08-22 19:29 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 20:00 - 2013-07-27 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-30 18:21 - 2013-07-28 14:13 - 00027962 _____ C:\Windows\DirectX.log
2013-08-30 17:25 - 2013-07-28 19:22 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\.minecraft
2013-08-22 19:35 - 2013-08-22 19:31 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:32 - 2013-08-03 23:10 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-22 19:32 - 2013-07-24 22:31 - 00001168 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-18 22:04 - 2013-08-18 20:53 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:16 - 2013-07-27 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 20:48 - 2013-08-18 20:48 - 00000000 ____D C:\Users\Marvin\Desktop\Alte Firefox-Daten
2013-08-18 20:47 - 2013-08-18 20:47 - 00389157 _____ C:\Users\Marvin\Desktop\bookmarks.html
2013-08-18 20:47 - 2013-08-18 20:47 - 00166976 _____ C:\Users\Marvin\Desktop\bookmarks-2013-08-18.json
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 13:47 - 2013-07-27 23:37 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\vlc
2013-08-18 12:43 - 2013-08-16 19:54 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 12:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:35 - 2013-08-18 10:08 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 11:29 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 11:13 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:09 - 2013-08-18 10:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 13:09 - 2013-07-27 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-17 11:40 - 2013-08-17 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 11:36 - 2013-07-28 13:42 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-17 00:32 - 2013-07-27 22:42 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\TS3Client
2013-08-16 18:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 23:04 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-15 22:49 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-15 17:07 - 2013-07-27 21:31 - 00143356 _____ C:\Windows\DPINST.LOG
2013-08-12 21:52 - 2013-07-28 20:39 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-05 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-05 22:12 - 2013-07-27 20:10 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Skype
2013-08-04 20:19 - 2013-07-29 20:55 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-04 20:19 - 2013-07-28 14:14 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-04 20:19 - 2013-07-28 14:14 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-04 11:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 21:14 - 2013-07-28 13:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Origin
2013-08-03 21:14 - 2013-07-28 13:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Origin
2013-08-03 16:27 - 2013-08-03 16:15 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
Files to move or delete:
====================
C:\Users\Marvin\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Marvin\AppData\Local\Temp\installerdll7751549.dll
C:\Users\Marvin\AppData\Local\Temp\installerdll7766478.dll
C:\Users\Marvin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Marvin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStInst.exe
C:\Users\Marvin\AppData\Local\Temp\Quarantine.exe
C:\Users\Marvin\AppData\Local\Temp\rootsupd.exe
C:\Users\Marvin\AppData\Local\Temp\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\SHSetup.exe
C:\Users\Marvin\AppData\Local\Temp\sonarinst.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Marvin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Marvin\AppData\Local\Temp\_is22AC.exe
C:\Users\Marvin\AppData\Local\Temp\{BD736320-B23C-4B47-9BD3-8F2C23D6FF3E}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{92748AFA-78DB-4AE6-BEF6-605B162DF93C}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\ISSetup.dll
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWI64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWX64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISRT.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\_isres_0x0409.dll
C:\Users\Marvin\AppData\Local\Temp\{48F87537-3125-4447-A45F-E2AE107DC759}\{08FA496D-B19A-42f4-ABE8-0463EF768B1B}\dotNetFx40_Full_setup.exe
C:\Users\Marvin\AppData\Local\Temp\WDEDB32.tmp\CddbLangDE.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\Ionic.Zip.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\log4net.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzCommon.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzStorage.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManagerUI.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Marvin\AppData\Local\Temp\isp284B.tmp\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\Marvin\AppData\Local\Temp\Blizzard Installer Temporary Data - 418da2e2\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CbsProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CompatProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCorePS.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismHost.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismProv.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\FolderProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\IntlProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\LogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\MsiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\OSProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\SmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\TransmogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\UnattendProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\wdscore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\WimProvider.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 18:58
==================== End Of Log ============================
--- --- --- |
|
01.09.2013, 13:40
| #4 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.09.2013, 19:18
| #5 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f7c08499ec71f34fa1c2afefd99e3bd0
# engine=14974
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-01 04:49:49
# local_time=2013-09-01 06:49:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 3098650 129684039 0 0
# scanned=202812
# found=0
# cleaned=0
# scan_time=7971
Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED!
FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-09-2013
Ran by Marvin (administrator) on KUCHAREK-PC on 01-09-2013 20:18:08
Running from C:\Users\Marvin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Blizzard Entertainment) F:\World of Warcraft\WoW-64.exe
(Blizzard Entertainment) F:\World of Warcraft\Utils\WowBrowserProxy.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
MountPoints2: {168ab4a5-f69c-11e2-a7db-f46d041a2533} - G:\pushinst.exe
MountPoints2: {c94c2f19-f6ca-11e2-93e6-f46d041a2533} - "G:\WD SmartWare.exe" autoplay=true
MountPoints2: {da345204-f49e-11e2-8dfc-806e6f6e6963} - E:\Bin\assetup.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-07-10] (Razer Inc)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-01 16:31 - 2013-09-01 16:31 - 02347384 _____ (ESET) C:\Users\Marvin\Downloads\esetsmartinstaller_enu.exe
2013-09-01 16:30 - 2013-09-01 16:30 - 01009369 _____ C:\Users\Marvin\Downloads\VuhDo_3.42.zip
2013-09-01 14:54 - 2013-09-01 14:54 - 00009196 _____ C:\Users\Marvin\Downloads\Masque_CleanIcons_v1.2.zip
2013-09-01 14:50 - 2013-09-01 14:50 - 00201405 _____ C:\Users\Marvin\Downloads\Masque-v5.3.394.zip
2013-09-01 14:07 - 2013-09-01 14:17 - 00000000 ____D C:\Users\Marvin\Downloads\LeilaUI343a-1609
2013-09-01 12:41 - 2013-09-01 12:41 - 01590206 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-01 12:23 - 2013-09-01 12:24 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:34 - 2013-08-31 21:36 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:13 - 2013-08-31 21:14 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-31 20:58 - 00000000 ____D C:\Users\matt
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-22 19:31 - 2013-08-22 19:35 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:29 - 2013-09-01 12:36 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-18 21:58 - 2013-09-01 12:54 - 00005086 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kucharek-PC-Marvin Kucharek-PC
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 20:53 - 2013-08-18 22:04 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:31 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 18:31 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 18:31 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-18 18:31 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-18 18:31 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:44 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-18 11:44 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-18 11:44 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:37 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-18 11:37 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-18 11:37 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-08-18 11:37 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:28 - 2013-08-18 11:29 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 10:59 - 2013-08-18 11:13 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:08 - 2013-08-18 11:35 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 10:08 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 11:39 - 2013-08-17 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 19:54 - 2013-08-18 12:43 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 17:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 17:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 17:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 17:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 17:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 17:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 17:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 17:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 17:13 - 2013-07-24 15:40 - 12295680 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 09065472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 06036480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 01231872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 13:43 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 17:13 - 2013-07-24 13:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 17:13 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-03 23:10 - 2013-08-22 19:32 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 22:27 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-08-03 22:27 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-03 16:15 - 2013-08-03 16:27 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 13:59 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2013-08-03 13:59 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
==================== One Month Modified Files and Folders =======
2013-09-01 20:12 - 2013-07-27 22:42 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\TS3Client
2013-09-01 20:01 - 2013-07-27 17:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 19:57 - 2013-07-24 22:31 - 01465912 _____ C:\Windows\WindowsUpdate.log
2013-09-01 16:32 - 2013-09-01 16:32 - 00891115 _____ C:\Users\Marvin\Desktop\SecurityCheck.exe
2013-09-01 16:31 - 2013-09-01 16:31 - 02347384 _____ (ESET) C:\Users\Marvin\Downloads\esetsmartinstaller_enu.exe
2013-09-01 16:30 - 2013-09-01 16:30 - 01009369 _____ C:\Users\Marvin\Downloads\VuhDo_3.42.zip
2013-09-01 14:54 - 2013-09-01 14:54 - 00009196 _____ C:\Users\Marvin\Downloads\Masque_CleanIcons_v1.2.zip
2013-09-01 14:50 - 2013-09-01 14:50 - 00201405 _____ C:\Users\Marvin\Downloads\Masque-v5.3.394.zip
2013-09-01 14:17 - 2013-09-01 14:07 - 00000000 ____D C:\Users\Marvin\Downloads\LeilaUI343a-1609
2013-09-01 13:46 - 2013-07-27 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-01 12:54 - 2013-08-18 21:58 - 00005086 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kucharek-PC-Marvin Kucharek-PC
2013-09-01 12:49 - 2011-04-12 09:43 - 00700296 _____ C:\Windows\system32\perfh007.dat
2013-09-01 12:49 - 2011-04-12 09:43 - 00149036 _____ C:\Windows\system32\perfc007.dat
2013-09-01 12:49 - 2009-07-14 07:13 - 01640718 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 12:41 - 2013-09-01 12:41 - 01590206 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-09-01 12:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:36 - 2013-08-22 19:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:33 - 2013-07-24 22:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-01 12:33 - 2010-11-21 05:47 - 00013694 _____ C:\Windows\PFRO.log
2013-09-01 12:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 12:33 - 2009-07-14 06:51 - 00011381 _____ C:\Windows\setupact.log
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:24 - 2013-09-01 12:23 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:36 - 2013-08-31 21:34 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:14 - 2013-08-31 21:13 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:58 - 2013-08-30 18:21 - 00000000 ____D C:\Users\matt
2013-08-31 20:48 - 2013-07-24 22:31 - 00000000 ____D C:\Users\Marvin
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:40 - 2013-08-22 19:29 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-30 18:21 - 2013-07-28 14:13 - 00027962 _____ C:\Windows\DirectX.log
2013-08-30 17:25 - 2013-07-28 19:22 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\.minecraft
2013-08-22 19:35 - 2013-08-22 19:31 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:32 - 2013-08-03 23:10 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-22 19:32 - 2013-07-24 22:31 - 00001168 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-18 22:04 - 2013-08-18 20:53 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:16 - 2013-07-27 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 13:47 - 2013-07-27 23:37 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\vlc
2013-08-18 12:43 - 2013-08-16 19:54 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 12:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:35 - 2013-08-18 10:08 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 11:29 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 11:13 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:09 - 2013-08-18 10:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 13:09 - 2013-07-27 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-17 11:40 - 2013-08-17 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 11:36 - 2013-07-28 13:42 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-16 18:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 23:04 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-15 22:49 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-15 17:07 - 2013-07-27 21:31 - 00143356 _____ C:\Windows\DPINST.LOG
2013-08-12 21:52 - 2013-07-28 20:39 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-05 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-05 22:12 - 2013-07-27 20:10 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Skype
2013-08-04 20:19 - 2013-07-29 20:55 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-04 20:19 - 2013-07-28 14:14 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-04 20:19 - 2013-07-28 14:14 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-04 11:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-03 23:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 22:27 - 2013-08-03 22:27 - 00715038 _____ C:\Windows\unins000.exe
2013-08-03 22:27 - 2013-08-03 22:27 - 00001994 _____ C:\Windows\unins000.dat
2013-08-03 21:14 - 2013-07-28 13:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Origin
2013-08-03 21:14 - 2013-07-28 13:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Origin
2013-08-03 16:27 - 2013-08-03 16:15 - 00017610 _____ C:\Users\Marvin\Documents\TombRaider.log
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Dxtory Software
2013-08-03 13:59 - 2013-08-03 13:59 - 00000000 ____D C:\Program Files (x86)\ExKode
2013-08-03 11:22 - 2013-08-03 11:22 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western_Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\ProgramData\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files\Western Digital
2013-08-03 09:43 - 2013-08-03 09:43 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-08-03 09:42 - 2013-08-03 09:42 - 00000000 ____D C:\Users\Marvin\AppData\Local\Western Digital
Files to move or delete:
====================
C:\Users\Marvin\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Marvin\AppData\Local\Temp\installerdll7751549.dll
C:\Users\Marvin\AppData\Local\Temp\installerdll7766478.dll
C:\Users\Marvin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Marvin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Marvin\AppData\Local\Temp\nvStInst.exe
C:\Users\Marvin\AppData\Local\Temp\Quarantine.exe
C:\Users\Marvin\AppData\Local\Temp\rootsupd.exe
C:\Users\Marvin\AppData\Local\Temp\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\SHSetup.exe
C:\Users\Marvin\AppData\Local\Temp\sonarinst.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Marvin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Marvin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Marvin\AppData\Local\Temp\_is22AC.exe
C:\Users\Marvin\AppData\Local\Temp\{BD736320-B23C-4B47-9BD3-8F2C23D6FF3E}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{92748AFA-78DB-4AE6-BEF6-605B162DF93C}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\ISSetup.dll
C:\Users\Marvin\AppData\Local\Temp\{89CD0288-9AD5-441F-B6FF-E9A1A72F8B9B}\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEW64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWI64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISBEWX64.exe
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\ISRT.dll
C:\Users\Marvin\AppData\Local\Temp\{4943CA5A-5B62-411F-9D83-1330049E0181}\_isres_0x0409.dll
C:\Users\Marvin\AppData\Local\Temp\{48F87537-3125-4447-A45F-E2AE107DC759}\{08FA496D-B19A-42f4-ABE8-0463EF768B1B}\dotNetFx40_Full_setup.exe
C:\Users\Marvin\AppData\Local\Temp\WDEDB32.tmp\CddbLangDE.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\Ionic.Zip.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\log4net.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzCommon.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzStorage.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\RzUpdateManagerUI.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CN\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\zh-CHT\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ru-RU\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\pt-BR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ko-KR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\ja-JP\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\fr-FR\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\es-ES\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapse.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzSynapseLoginUI.resources.dll
C:\Users\Marvin\AppData\Local\Temp\RzUpdater\de-DE\RzUpdateManager.resources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Marvin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Marvin\AppData\Local\Temp\isp284B.tmp\_Setup.dll
C:\Users\Marvin\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\Marvin\AppData\Local\Temp\Blizzard Installer Temporary Data - 418da2e2\vcredist_x86.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CbsProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\CompatProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismCorePS.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismHost.exe
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DismProv.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\DmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\FolderProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\IntlProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\LogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\MsiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\OSProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\SmiProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\TransmogProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\UnattendProvider.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\wdscore.dll
C:\Users\Marvin\AppData\Local\Temp\3C3DE6B0-E290-4078-ACF4-ADB35740D1D9\WimProvider.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 18:58
==================== End Of Log ============================
|
|
02.09.2013, 07:41
| #6 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem Internet. Doppelklick auf die TFC.exe und drücke auf Start. Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen. Chrome deinstallieren, keine Daten behalten, neu installieren. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Noch Probleme?
__________________ --> [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen |
|
03.09.2013, 11:36
| #7 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 01
Ran by Marvin at 2013-09-03 12:33:57 Run:1
Running from C:\Users\Marvin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD1002FAEX-00Y9A0_WD-WCAW3097820178201&ts=1377192581
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
==== End of Fixlog ====
Jedoch hat sich bei einem der beiden das Programm Winzipper mitinstalliert und ich bekomme es nicht weg. Es besteht kein Startmenü-Eintrag und in der Softwareliste unter Systemsteuerung taucht es auch nicht auf. Lediglich auf der Festplatte\Programme ist der Ordner zufinden, jedoch ohne eine Uninstall.exe oder sonstiges. Gruß Rudeltier |
|
03.09.2013, 12:11
| #8 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Poste mal ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.09.2013, 14:24
| #9 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernenFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by Marvin (administrator) on KUCHAREK-PC on 03-09-2013 15:23:06
Running from C:\Users\Marvin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Blizzard Entertainment) F:\World of Warcraft\Wow-64.exe
(Blizzard Entertainment) F:\World of Warcraft\Utils\WowBrowserProxy.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
MountPoints2: {168ab4a5-f69c-11e2-a7db-f46d041a2533} - G:\pushinst.exe
MountPoints2: {c94c2f19-f6ca-11e2-93e6-f46d041a2533} - "G:\WD SmartWare.exe" autoplay=true
MountPoints2: {da345204-f49e-11e2-8dfc-806e6f6e6963} - E:\Bin\assetup.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606040 2013-08-15] (Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\ev5lfqg9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-08-20] (Razer Inc)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-03 12:33 - 2013-09-03 12:33 - 01950474 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-09-03 12:28 - 2013-09-03 12:28 - 00448512 _____ (OldTimer Tools) C:\Users\Marvin\Desktop\TFC.exe
2013-09-02 13:42 - 2013-09-02 13:42 - 02301877 _____ C:\Users\Marvin\Downloads\elvui-6.33.zip
2013-09-02 11:50 - 2013-09-02 11:50 - 00002947 _____ C:\Users\Marvin\Downloads\qAimedProc v1.0a.rar
2013-09-02 11:45 - 2013-09-02 11:45 - 00002672 _____ C:\Users\Marvin\Downloads\bMinimap 2.0 .zip
2013-09-02 11:39 - 2013-09-02 11:39 - 00013384 _____ C:\Users\Marvin\Downloads\rThreat.50200.02a.zip
2013-09-02 11:37 - 2013-09-02 11:37 - 00150879 _____ C:\Users\Marvin\Downloads\bUnitFrames.zip
2013-09-02 11:34 - 2013-09-02 11:34 - 00016088 _____ C:\Users\Marvin\Downloads\rNamePlates2.50300.03.zip
2013-09-02 11:33 - 2013-09-02 11:33 - 00943455 _____ C:\Users\Marvin\Downloads\PitBull4-v4.0.0-beta46.zip
2013-09-02 11:24 - 2013-09-02 11:24 - 00037707 _____ C:\Users\Marvin\Downloads\buttons.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 01093111 _____ C:\Users\Marvin\Downloads\BigWigs-r11057-release.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00893533 _____ C:\Users\Marvin\Downloads\Skada-1.4-12.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00267140 _____ C:\Users\Marvin\Downloads\Kui_Nameplates-216.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00041389 _____ C:\Users\Marvin\Downloads\dRecMap_r6b.zip
2013-09-01 16:32 - 2013-09-01 16:32 - 00891115 _____ C:\Users\Marvin\Desktop\SecurityCheck.exe
2013-09-01 16:31 - 2013-09-01 16:31 - 02347384 _____ (ESET) C:\Users\Marvin\Downloads\esetsmartinstaller_enu.exe
2013-09-01 16:30 - 2013-09-01 16:30 - 01009369 _____ C:\Users\Marvin\Downloads\VuhDo_3.42.zip
2013-09-01 14:54 - 2013-09-01 14:54 - 00009196 _____ C:\Users\Marvin\Downloads\Masque_CleanIcons_v1.2.zip
2013-09-01 14:50 - 2013-09-01 14:50 - 00201405 _____ C:\Users\Marvin\Downloads\Masque-v5.3.394.zip
2013-09-01 14:07 - 2013-09-01 14:17 - 00000000 ____D C:\Users\Marvin\Downloads\LeilaUI343a-1609
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-01 12:23 - 2013-09-01 12:24 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:34 - 2013-08-31 21:36 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:13 - 2013-08-31 21:14 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-31 20:58 - 00000000 ____D C:\Users\matt
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-29 06:29 - 2013-08-29 06:29 - 00796672 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevicedll.dll
2013-08-22 19:31 - 2013-08-22 19:35 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:29 - 2013-09-03 12:34 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-21 09:34 - 2013-08-21 09:34 - 00141496 _____ (Razer Inc) C:\Windows\system32\Drivers\rzudd.sys
2013-08-20 10:41 - 2013-08-20 10:41 - 00039096 _____ (Razer Inc) C:\Windows\system32\Drivers\rzendpt.sys
2013-08-20 10:35 - 2013-08-20 10:35 - 00154112 _____ (Razer Inc) C:\Windows\SysWOW64\rztouchdll.dll
2013-08-20 10:35 - 2013-08-20 10:35 - 00057344 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevinfo.dll
2013-08-20 10:34 - 2013-08-20 10:34 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-08-20 10:34 - 2013-08-20 10:34 - 00117248 _____ (Razer Inc) C:\Windows\SysWOW64\rzdisplaydll.dll
2013-08-18 21:58 - 2013-09-03 12:42 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kucharek-PC-Marvin Kucharek-PC
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:31 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 18:31 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 18:31 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 18:31 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-08-18 18:31 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-08-18 18:31 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:44 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-18 11:44 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-18 11:44 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-18 11:44 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:37 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-18 11:37 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-18 11:37 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-08-18 11:37 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:28 - 2013-08-18 11:29 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 10:59 - 2013-08-18 12:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 10:59 - 2013-08-18 11:13 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:08 - 2013-08-18 11:35 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 10:08 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 11:39 - 2013-08-17 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 19:54 - 2013-08-18 12:43 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 17:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 17:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 17:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 17:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 17:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 17:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 17:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 17:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 17:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 17:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 17:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 17:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 17:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 17:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 17:13 - 2013-07-24 15:40 - 12295680 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 09065472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 06036480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 01231872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 17:13 - 2013-07-24 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 17:13 - 2013-07-24 13:43 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 17:13 - 2013-07-24 13:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 17:13 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
==================== One Month Modified Files and Folders =======
2013-09-03 15:01 - 2013-07-27 17:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 12:42 - 2013-08-18 21:58 - 00005088 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kucharek-PC-Marvin Kucharek-PC
2013-09-03 12:38 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:38 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:35 - 2011-04-12 09:43 - 00700296 _____ C:\Windows\system32\perfh007.dat
2013-09-03 12:35 - 2011-04-12 09:43 - 00149036 _____ C:\Windows\system32\perfc007.dat
2013-09-03 12:35 - 2009-07-14 07:13 - 01621444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-03 12:34 - 2013-08-22 19:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-09-03 12:34 - 2013-07-24 22:31 - 01730545 _____ C:\Windows\WindowsUpdate.log
2013-09-03 12:33 - 2013-09-03 12:33 - 01950474 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2013-09-03 12:31 - 2013-07-24 22:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-03 12:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 12:31 - 2009-07-14 06:51 - 00013471 _____ C:\Windows\setupact.log
2013-09-03 12:28 - 2013-09-03 12:28 - 00448512 _____ (OldTimer Tools) C:\Users\Marvin\Desktop\TFC.exe
2013-09-03 11:10 - 2013-07-27 21:31 - 00207016 _____ C:\Windows\DPINST.LOG
2013-09-02 19:43 - 2013-07-27 22:42 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\TS3Client
2013-09-02 19:43 - 2013-07-27 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-02 13:42 - 2013-09-02 13:42 - 02301877 _____ C:\Users\Marvin\Downloads\elvui-6.33.zip
2013-09-02 11:50 - 2013-09-02 11:50 - 00002947 _____ C:\Users\Marvin\Downloads\qAimedProc v1.0a.rar
2013-09-02 11:45 - 2013-09-02 11:45 - 00002672 _____ C:\Users\Marvin\Downloads\bMinimap 2.0 .zip
2013-09-02 11:39 - 2013-09-02 11:39 - 00013384 _____ C:\Users\Marvin\Downloads\rThreat.50200.02a.zip
2013-09-02 11:37 - 2013-09-02 11:37 - 00150879 _____ C:\Users\Marvin\Downloads\bUnitFrames.zip
2013-09-02 11:34 - 2013-09-02 11:34 - 00016088 _____ C:\Users\Marvin\Downloads\rNamePlates2.50300.03.zip
2013-09-02 11:33 - 2013-09-02 11:33 - 00943455 _____ C:\Users\Marvin\Downloads\PitBull4-v4.0.0-beta46.zip
2013-09-02 11:24 - 2013-09-02 11:24 - 00037707 _____ C:\Users\Marvin\Downloads\buttons.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 01093111 _____ C:\Users\Marvin\Downloads\BigWigs-r11057-release.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00893533 _____ C:\Users\Marvin\Downloads\Skada-1.4-12.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00267140 _____ C:\Users\Marvin\Downloads\Kui_Nameplates-216.zip
2013-09-02 11:16 - 2013-09-02 11:16 - 00041389 _____ C:\Users\Marvin\Downloads\dRecMap_r6b.zip
2013-09-02 11:06 - 2010-11-21 05:47 - 00014512 _____ C:\Windows\PFRO.log
2013-09-01 22:30 - 2013-07-27 20:10 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Skype
2013-09-01 16:32 - 2013-09-01 16:32 - 00891115 _____ C:\Users\Marvin\Desktop\SecurityCheck.exe
2013-09-01 16:31 - 2013-09-01 16:31 - 02347384 _____ (ESET) C:\Users\Marvin\Downloads\esetsmartinstaller_enu.exe
2013-09-01 16:30 - 2013-09-01 16:30 - 01009369 _____ C:\Users\Marvin\Downloads\VuhDo_3.42.zip
2013-09-01 14:54 - 2013-09-01 14:54 - 00009196 _____ C:\Users\Marvin\Downloads\Masque_CleanIcons_v1.2.zip
2013-09-01 14:50 - 2013-09-01 14:50 - 00201405 _____ C:\Users\Marvin\Downloads\Masque-v5.3.394.zip
2013-09-01 14:17 - 2013-09-01 14:07 - 00000000 ____D C:\Users\Marvin\Downloads\LeilaUI343a-1609
2013-09-01 12:39 - 2013-09-01 12:39 - 00001710 _____ C:\Users\Marvin\Desktop\JRT.txt
2013-09-01 12:35 - 2013-09-01 12:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 12:25 - 2013-09-01 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-01 12:24 - 2013-09-01 12:23 - 01027511 _____ (Thisisu) C:\Users\Marvin\Desktop\JRT.exe
2013-09-01 12:22 - 2013-09-01 12:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 21:53 - 2013-08-31 21:53 - 878264836 _____ C:\Windows\MEMORY.DMP
2013-08-31 21:53 - 2013-08-31 21:53 - 00293192 _____ C:\Windows\Minidump\083113-10358-01.dmp
2013-08-31 21:53 - 2013-08-31 21:53 - 00000000 ____D C:\Windows\Minidump
2013-08-31 21:52 - 2013-08-31 21:52 - 00002020 _____ C:\Users\Marvin\Desktop\Gmer.txt
2013-08-31 21:39 - 2013-08-31 21:39 - 00377856 _____ C:\Users\Marvin\Desktop\gmer_2.1.19163.exe
2013-08-31 21:36 - 2013-08-31 21:34 - 00031856 _____ C:\Users\Marvin\Desktop\Addition.txt
2013-08-31 21:34 - 2013-08-31 21:34 - 00000000 ____D C:\FRST
2013-08-31 21:14 - 2013-08-31 21:13 - 00994642 _____ C:\Users\Marvin\Desktop\adwcleaner.exe
2013-08-31 20:58 - 2013-08-30 18:21 - 00000000 ____D C:\Users\matt
2013-08-31 20:48 - 2013-07-24 22:31 - 00000000 ____D C:\Users\Marvin
2013-08-31 20:47 - 2013-08-31 20:47 - 00000000 ____D C:\Users\Marvin\Documents\Add-in Express
2013-08-31 20:40 - 2013-08-22 19:29 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-31 20:39 - 2013-08-31 20:39 - 00274996 _____ C:\Users\Marvin\Downloads\Gladius.rar
2013-08-31 20:36 - 2013-08-31 20:36 - 00003213 _____ C:\Users\Marvin\Downloads\CControl.zip
2013-08-31 20:35 - 2013-08-31 20:35 - 00095524 _____ C:\Users\Marvin\Downloads\HideRaidFrame-v1.2.zip
2013-08-31 20:22 - 2013-08-31 20:22 - 00023513 _____ C:\Users\Marvin\Downloads\dMinimap_r5.zip
2013-08-30 18:21 - 2013-08-30 18:21 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Empty Clip Studios
2013-08-30 18:21 - 2013-07-28 14:13 - 00027962 _____ C:\Windows\DirectX.log
2013-08-30 17:25 - 2013-07-28 19:22 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\.minecraft
2013-08-29 06:29 - 2013-08-29 06:29 - 00796672 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevicedll.dll
2013-08-22 19:35 - 2013-08-22 19:31 - 00000000 ____D C:\AdwCleaner
2013-08-22 19:32 - 2013-08-03 23:10 - 00000985 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-22 19:32 - 2013-07-24 22:31 - 00001168 _____ C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-21 09:34 - 2013-08-21 09:34 - 00141496 _____ (Razer Inc) C:\Windows\system32\Drivers\rzudd.sys
2013-08-20 10:41 - 2013-08-20 10:41 - 00039096 _____ (Razer Inc) C:\Windows\system32\Drivers\rzendpt.sys
2013-08-20 10:35 - 2013-08-20 10:35 - 00154112 _____ (Razer Inc) C:\Windows\SysWOW64\rztouchdll.dll
2013-08-20 10:35 - 2013-08-20 10:35 - 00057344 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevinfo.dll
2013-08-20 10:34 - 2013-08-20 10:34 - 00296448 _____ (Razer Inc) C:\Windows\SysWOW64\rzaudiodll.dll
2013-08-20 10:34 - 2013-08-20 10:34 - 00117248 _____ (Razer Inc) C:\Windows\SysWOW64\rzdisplaydll.dll
2013-08-18 21:18 - 2013-08-18 21:18 - 00001085 _____ C:\AdwCleaner[R2].txt
2013-08-18 21:16 - 2013-07-27 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:14 - 2013-08-18 21:14 - 00007735 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00006274 _____ C:\AdwCleaner[S1].txt
2013-08-18 21:14 - 2013-08-18 21:14 - 00000088 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 _____ C:\autoexec.bat
2013-08-18 18:33 - 2013-08-18 18:33 - 00000000 ____D C:\Users\Marvin\AppData\Local\NVIDIA
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-18 18:32 - 2013-07-24 22:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-18 18:31 - 2013-08-18 18:31 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-18 18:30 - 2013-08-18 18:30 - 00000000 ____D C:\NVIDIA
2013-08-18 13:47 - 2013-07-27 23:37 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\vlc
2013-08-18 12:43 - 2013-08-16 19:54 - 00000961 _____ C:\Users\Marvin\Downloads\Neues Textdokument.txt
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 12:26 - 2013-08-18 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-18 12:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-18 11:44 - 2013-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-18 11:37 - 2013-08-18 11:37 - 00000000 ____D C:\Users\Marvin\Documents\eRightSoft
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Google
2013-08-18 11:36 - 2013-08-18 11:36 - 00000000 ____D C:\User Data
2013-08-18 11:35 - 2013-08-18 10:08 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Winamp
2013-08-18 11:29 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\Documents\Any Video Converter Professional
2013-08-18 11:28 - 2013-08-18 11:28 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AnvSoft
2013-08-18 11:13 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple
2013-08-18 10:59 - 2013-08-18 10:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-18 10:58 - 2013-08-18 10:58 - 00000000 ____D C:\ProgramData\Apple
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-08-18 10:09 - 2013-08-18 10:09 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-08-18 10:09 - 2013-08-18 10:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-08-17 13:09 - 2013-07-27 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-17 11:40 - 2013-08-17 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 11:36 - 2013-07-28 13:42 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-16 18:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 17:06 - 2013-08-16 17:06 - 00000000 ____D C:\Windows\pss
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\DVDVideoSoft
2013-08-16 07:49 - 2013-08-16 07:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 23:04 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-15 22:49 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-12 21:52 - 2013-07-28 20:39 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-06 19:27 - 2013-08-06 19:27 - 14486775 _____ C:\Users\Marvin\Downloads\LeilaUI343a-1609.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00014336 _____ C:\Users\Marvin\Downloads\rBuffFrameStyler.50200.01.zip
2013-08-06 19:27 - 2013-08-06 19:27 - 00006146 _____ C:\Users\Marvin\Downloads\Raven_Filter_Leila_74.zip
2013-08-06 19:16 - 2013-08-06 19:16 - 00045544 _____ C:\Users\Marvin\Downloads\dNameplates_r17.zip
2013-08-05 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-04 20:19 - 2013-07-29 20:55 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-04 20:19 - 2013-07-28 14:14 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-04 20:19 - 2013-07-28 14:14 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-04 13:57 - 2013-08-04 13:57 - 00508713 _____ C:\Users\Marvin\Downloads\StellarUF-5.3.001.zip
2013-08-04 11:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
Files to move or delete:
====================
C:\Users\Marvin\AppData\Local\Temp\WDE696C.tmp\CddbLangDE.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-02 15:24
==================== End Of Log ============================
Hier bitte sehr. Gruß rudeltier |
|
03.09.2013, 20:21
| #10 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller damit versuchen Winzipper zu deinstallieren, Reste entfernen lassen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
C:\Program Files (x86)\WinZipper
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
2013-08-22 19:29 - 2013-09-03 12:34 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.09.2013, 12:19
| #11 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 03
Ran by Marvin at 2013-09-04 13:18:06 Run:2
Running from C:\Users\Marvin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
C:\Program Files (x86)\WinZipper
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
2013-08-22 19:29 - 2013-09-03 12:34 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 19:29 - 2013-08-31 20:40 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinZipper
2013-08-18 20:54 - 2013-08-18 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
*****************
winzipersvc => Service deleted successfully.
C:\Program Files (x86)\WinZipper => Moved successfully.
esgiguard => Service deleted successfully.
"C:\Program Files (x86)\WinZipper" => File/Directory not found.
C:\Users\Marvin\AppData\Roaming\WinZipper => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
The system needs a manual reboot.
==== End of Fixlog ====
Vielen Dank. gruß rudeltier |
|
04.09.2013, 16:08
| #12 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.09.2013, 14:26
| #13 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Alles erledigt. Vielen Dank! gruß rudeltier |
|
05.09.2013, 19:37
| #14 |
| /// the machine /// TB-Ausbilder | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.08.2015, 23:18
| #15 |
| | [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen Hallo, tut mir Leid für die Themen-Nekromantie, aber ich finde leider keinen "Post editieren"-Button (?!). Aus privaten/beruflichen Gründen bitte ich einmal darum die von mir geposteten Logs zu löschen. Gruß Rudeltier |
|
| Themen zu [WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen |
| askbar, browser, converter, entfernen, farbar, farbar recovery scan tool, fehler, firefox, firefox 23.0.1, flash player, iexplore.exe, internet browser, object, office 2013, outlook 2013, plug-in, problem, programm, pup.optional.amonetize, realtek, registrierungsdatenbank, registry, security, spyhunter, spyhunter entfernen, super, svchost.exe, tarma, teamspeak, vcredist, windows xp, word 2013 |
![[WIN7] Problem Qvo6 / deltatoolbar komplett zu entfernen](iconimages/log-analyse-auswertung/win7-problem-qvo6-deltatoolbar-komplett-entfernen_ltr.gif)
Linear-Darstellung
