Log analysis and evaluation: Persistent Text-Enhancer

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

#1
Persistent Text-Enhancer

Ahoy! I have a problem with advertising links on words. They are both double-underlined in green (and load endlessly) and single-underlined in blue (through these I get to hxxp://text-enhance.com/, but no add-on is detected there and I cannot deactivate it). The Windows Security Center complains that it is disabled and that there is an important problem to solve, but when I try to do that, I only get the message "Windows-Sicherheitsdienst kann nicht gestartet werden" (in English: "Windows security service cannot be started").

Via Google I came across this board, among others (which is pure luck in itself, since with many Google search results I am not taken to, e.g., chip.de but to some other site), but unfortunately I could not solve my problem even with the help of two threads. There is no recently installed add-on (I use Firefox, but my never-used Chrome and a freshly installed Opera are also plagued by these ad links), and nothing shows up in the list of installed programs either (I had a similar problem once before, but then an "HD Watch" showed up in the programs and after uninstalling it everything was fine again). CCleaner and Spybot did nothing, and it cannot simply be fixed with AdwCleaner either. I hope schrauber has not grown tired of chewing through the same problems over and over.

I have prepared something and used Farbar's Recovery Scan Tool to produce FRST and Addition:

Code:
ATTFilter FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01 Ran by Rocko (administrator) on RODRIGUEZ on 10-09-2013 12:24:10 Running from C:\Users\Rocko\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE (Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Vtune\TBPANEL.exe (T-Com Bereich Endgeräte) C:\Program Files (x86)\OnlineControl\ocontrol.exe (Ralink Technology, Corp.) 
C:\Program Files (x86)\Ralink\Common\RaUI.exe (Michel Krämer) C:\Programme\Spamihilator\spamihilator.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (The Author of QIP) C:\Program Files\QIP\qip.exe (Mozilla Corporation) C:\Program Files\Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] () HKLM\...\Run: [ISW] - [x] HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [TBPanel] - C:\Program Files (x86)\Vtune\TBPanel.exe [2158592 2010-09-02] () HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path) HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) AppInit_DLLs: C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO) AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk ShortcutTarget: OnlineControl.lnk -> C:\Program Files (x86)\OnlineControl\ocontrol.exe 
(T-Com Bereich Endgeräte) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\Users\Rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk ShortcutTarget: Spamihilator.lnk -> C:\Programme\Spamihilator\spamihilator.exe (Michel Krämer) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:21320 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) DPF: HKLM-x32 {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog9 01 mswsock.dll File Not found () Winsock: Catalog9 02 mswsock.dll File Not found () Winsock: Catalog9 03 mswsock.dll File Not found () Winsock: Catalog9 04 mswsock.dll File Not found () Winsock: Catalog9 05 mswsock.dll File Not found () Winsock: Catalog9 06 mswsock.dll File Not found () Winsock: Catalog9 07 mswsock.dll File Not found () Winsock: Catalog9 08 mswsock.dll File Not found () Winsock: Catalog9 09 mswsock.dll File Not found () Winsock: Catalog9 10 mswsock.dll File Not found () Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog9-x64 01 mswsock.dll File Not found () Winsock: Catalog9-x64 02 mswsock.dll File Not found () Winsock: Catalog9-x64 03 mswsock.dll File Not found () Winsock: Catalog9-x64 04 mswsock.dll File Not found () Winsock: Catalog9-x64 05 mswsock.dll File Not found () Winsock: Catalog9-x64 06 mswsock.dll File Not found () Winsock: Catalog9-x64 07 
mswsock.dll File Not found () Winsock: Catalog9-x64 08 mswsock.dll File Not found () Winsock: Catalog9-x64 09 mswsock.dll File Not found () Winsock: Catalog9-x64 10 mswsock.dll File Not found () Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Rocko\AppData\Roaming\Mozilla\Firefox\Profiles\o2i0dduh.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) 
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Rocko\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Rocko\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Firefox\firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Rocko\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Rocko\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: 
(Chrome PDF Viewer) - C:\Users\Rocko\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.) CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files\Firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.) CHR Plugin: (Winamp Application Detector) - C:\Program Files\Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) 
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Rocko\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Docs) - C:\Users\Rocko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Rocko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\Rocko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\Rocko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Gmail) - C:\Users\Rocko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= S3 BITCOMET_HELPER_SERVICE; C:\Programme\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO) R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [827520 2012-04-30] (Check Point Software Technologies) S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] () S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-26] () S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & 
Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) S3 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2446392 2012-06-01] (Check Point Software Technologies LTD) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] () U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{51c4e2b5-3f13-f3c5-9cd4-167a95da1735}\ \...\???\{51c4e2b5-3f13-f3c5-9cd4-167a95da1735}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-09-03] () R3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider) R3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2011-10-18] (DT Soft Ltd) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO) R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33672 2012-04-30] (Check Point Software Technologies) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2012-01-09] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [485680 2012-01-09] (Kaspersky Lab) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-09-03] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation) R3 MTsensor; 
C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] () S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-11] () S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [454232 2011-05-07] (Check Point Software Technologies LTD) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) U3 a8vtxpl5; C:\Windows\System32\Drivers\a8vtxpl5.sys [0 ] (Advanced Micro Devices) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 TBPanel; No ImagePath S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 12:23 - 2013-09-10 12:23 - 00000000 ____D C:\FRST 2013-09-10 12:08 - 2013-09-10 12:08 - 00000392 _____ C:\Windows\setupact.log 2013-09-10 12:08 - 2013-09-10 12:08 - 00000000 _____ C:\Windows\setuperr.log 2013-09-10 11:58 - 2013-09-10 11:58 - 00000000 ____D C:\Program Files (x86)\CCleaner 2013-09-09 23:57 - 2013-09-10 11:37 - 00000000 ____D C:\AdwCleaner 2013-09-09 23:57 - 2013-09-09 23:57 - 01037278 _____ C:\Users\Rocko\Downloads\3003-adwcleaner.exe 2013-09-09 23:45 - 2013-09-10 11:41 - 00000000 ____D C:\Program Files (x86)\Opera 2013-09-09 23:45 - 2013-09-09 23:45 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Opera Software 2013-09-09 23:45 - 2013-09-09 23:45 - 00000000 ____D C:\Users\Rocko\AppData\Local\Opera Software 2013-09-09 23:42 - 2013-09-09 23:44 - 32093736 _____ (Opera Software ASA) C:\Users\Rocko\Downloads\Opera_16.0.1196.73_Setup.exe 2013-09-09 18:59 - 2013-09-09 18:59 - 00000000 ____D C:\Program Files 
(x86)\Google 2013-09-09 15:09 - 2013-09-09 15:10 - 00000000 ____D C:\e5a4b5827c8f65ea316f3b80f7b2 2013-09-09 14:59 - 2013-09-10 11:34 - 00000000 ____D C:\Program Files (x86)\Red Faction Guerrilla 2013-09-06 20:05 - 2013-09-06 20:05 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\XRay Engine 2013-09-04 21:19 - 2013-09-04 21:19 - 00001880 _____ C:\Users\Public\Desktop\Fallout.lnk 2013-09-04 20:52 - 2013-09-04 21:19 - 00000000 ____D C:\Program Files (x86)\Fallout 2013-09-04 20:26 - 2013-09-04 20:52 - 00000000 ____D C:\Users\Rocko\Desktop\GOG 2013-09-04 20:24 - 2013-09-04 23:29 - 00000000 ____D C:\Users\Rocko\AppData\Local\GOG.com 2013-09-04 20:24 - 2013-09-04 20:24 - 00000000 ____D C:\Program Files (x86)\GOG.com 2013-09-03 23:25 - 2013-09-06 19:45 - 00006592 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx 2013-09-03 23:23 - 2013-09-03 23:30 - 00000000 ____D C:\Users\Public\Documents\s.t.a.l.k.e.r. - call of pripyat 2013-09-01 21:38 - 2013-09-01 21:46 - 00000000 ____D C:\Users\Public\Documents\stalker-stcs 2013-09-01 13:55 - 2013-09-01 14:15 - 00053248 _____ (Interplay Productions) C:\Windows\ipuninst.exe 2013-09-01 13:55 - 2013-09-01 13:55 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Isle 2013-08-30 20:06 - 2013-08-30 20:06 - 00000000 ____D C:\Users\Rocko\Documents\Ubisoft 2013-08-26 19:26 - 2013-09-09 22:34 - 00000000 ____D C:\Users\Rocko\Desktop\Ghost Recon Advanced Warfighter 2 2013-08-20 15:37 - 2013-08-20 18:49 - 00000000 ____D C:\Users\Rocko\Desktop\Metro DLC 2013-08-18 21:08 - 2013-08-21 17:57 - 00000000 ____D C:\Users\Rocko\Desktop\SKYRIM DLC 2013-08-17 15:23 - 2013-08-17 15:44 - 00000000 ____D C:\Program Files\Firefox 2013-08-14 18:22 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 18:22 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 18:22 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2013-08-14 18:22 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 18:22 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 18:22 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-14 18:22 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-14 18:22 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 18:22 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 18:22 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 18:22 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 18:22 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-14 18:22 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-14 18:22 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 18:22 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-14 18:22 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 18:22 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-14 18:22 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-14 18:22 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-14 18:22 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-14 18:22 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-14 
18:22 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-08-14 18:22 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-08-14 18:22 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-14 18:22 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-14 18:22 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-14 18:22 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-14 18:22 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-08-14 18:22 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-08-14 18:22 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-14 18:22 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-14 18:22 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-08-14 15:47 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 15:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-14 15:47 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 15:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-14 15:47 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 15:47 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 15:47 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-14 15:47 - 2013-07-09 07:52 - 00224256 _____ 
(Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 15:47 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 15:47 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 15:47 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 15:47 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 15:47 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-14 15:47 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-14 15:47 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-14 15:47 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 15:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 15:47 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-14 15:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 15:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-14 15:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-14 15:47 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-14 15:47 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-14 15:47 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-14 15:47 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-14 15:47 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 15:47 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-12 16:24 - 2013-08-12 17:11 - 00000000 __SHD C:\Users\Rocko\AppData\Roaming\.# ==================== One Month Modified Files and Folders ======= 2013-09-10 12:23 - 2013-09-10 12:23 - 01949196 _____ (Farbar) C:\Users\Rocko\Desktop\FRST64.exe 2013-09-10 12:23 - 2013-09-10 12:23 - 00000000 ____D C:\FRST 2013-09-10 12:15 - 2009-07-14 06:45 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-10 12:15 - 2009-07-14 06:45 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-10 12:09 - 2011-10-11 21:07 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Spamihilator 2013-09-10 12:08 - 2013-09-10 12:08 - 00000392 _____ C:\Windows\setupact.log 2013-09-10 12:08 - 2013-09-10 12:08 - 00000000 _____ C:\Windows\setuperr.log 2013-09-10 12:08 - 2011-10-11 17:36 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-10 12:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-10 12:04 - 2013-06-06 21:44 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000UA.job 2013-09-10 12:04 - 2013-03-06 16:12 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Winamp 2013-09-10 12:04 - 2011-10-13 14:14 - 00000000 ____D C:\Users\Rocko\AppData\Local\MediaMonkey 2013-09-10 12:04 - 2011-10-11 23:42 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-10 12:04 - 2011-10-11 20:09 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\DAEMON Tools Pro 2013-09-10 11:58 - 2013-09-10 11:58 - 00000000 ____D C:\Program Files (x86)\CCleaner 2013-09-10 11:58 - 2013-06-06 18:26 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-09-10 11:41 - 2013-09-09 23:45 - 00000000 ____D C:\Program Files (x86)\Opera 2013-09-10 11:37 - 2013-09-09 23:57 - 00000000 ____D 
C:\AdwCleaner 2013-09-10 11:34 - 2013-09-09 14:59 - 00000000 ____D C:\Program Files (x86)\Red Faction Guerrilla 2013-09-10 01:09 - 2011-10-30 21:14 - 00000000 ____D C:\Users\Rocko\Documents\My Games 2013-09-10 01:09 - 2011-10-11 17:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-10 00:01 - 2012-06-17 15:22 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\CheckPoint 2013-09-09 23:57 - 2013-09-09 23:57 - 01037278 _____ C:\Users\Rocko\Downloads\3003-adwcleaner.exe 2013-09-09 23:45 - 2013-09-09 23:45 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Opera Software 2013-09-09 23:45 - 2013-09-09 23:45 - 00000000 ____D C:\Users\Rocko\AppData\Local\Opera Software 2013-09-09 23:44 - 2013-09-09 23:42 - 32093736 _____ (Opera Software ASA) C:\Users\Rocko\Downloads\Opera_16.0.1196.73_Setup.exe 2013-09-09 23:22 - 2012-02-26 00:30 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-09-09 23:22 - 2011-11-27 21:42 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\FreeArc 2013-09-09 23:22 - 2011-10-11 20:59 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-09-09 23:22 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-09-09 23:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-09-09 22:39 - 2013-06-24 19:59 - 00009088 _____ C:\Windows\wininit.ini 2013-09-09 22:34 - 2013-08-26 19:26 - 00000000 ____D C:\Users\Rocko\Desktop\Ghost Recon Advanced Warfighter 2 2013-09-09 18:59 - 2013-09-09 18:59 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-09 18:59 - 2013-06-06 21:44 - 00000000 ____D C:\Users\Rocko\AppData\Local\Google 2013-09-09 16:46 - 2013-06-25 18:08 - 00000000 ____D C:\Users\Rocko\Desktop\Game ISOs 2013-09-09 15:10 - 2013-09-09 15:09 - 00000000 ____D C:\e5a4b5827c8f65ea316f3b80f7b2 2013-09-09 14:04 - 2013-06-06 21:44 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000Core.job 2013-09-08 21:27 - 2011-10-11 20:29 - 00000000 
____D C:\Users\Rocko\Desktop\Stuff
2013-09-08 20:01 - 2011-10-11 18:13 - 00000000 ____D C:\Filme
2013-09-08 01:39 - 2012-02-26 00:30 - 00002026 _____ C:\Windows\epplauncher.mif
2013-09-06 20:05 - 2013-09-06 20:05 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\XRay Engine
2013-09-06 19:45 - 2013-09-03 23:25 - 00006592 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx
2013-09-05 16:05 - 2011-10-11 17:44 - 00078912 _____ C:\Users\Rocko\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-05 16:04 - 2009-07-14 06:45 - 00327704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-04 23:29 - 2013-09-04 20:24 - 00000000 ____D C:\Users\Rocko\AppData\Local\GOG.com
2013-09-04 21:19 - 2013-09-04 21:19 - 00001880 _____ C:\Users\Public\Desktop\Fallout.lnk
2013-09-04 21:19 - 2013-09-04 20:52 - 00000000 ____D C:\Program Files (x86)\Fallout
2013-09-04 20:52 - 2013-09-04 20:26 - 00000000 ____D C:\Users\Rocko\Desktop\GOG
2013-09-04 20:24 - 2013-09-04 20:24 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-09-03 23:30 - 2013-09-03 23:23 - 00000000 ____D C:\Users\Public\Documents\s.t.a.l.k.e.r.
- call of pripyat 2013-09-03 23:09 - 2013-06-16 18:51 - 00088480 _____ C:\Windows\system32\Drivers\atksgt.sys 2013-09-03 23:09 - 2013-06-16 18:51 - 00046400 _____ C:\Windows\system32\Drivers\lirsgt.sys 2013-09-03 15:00 - 2011-10-11 18:17 - 00000000 ____D C:\Musik 2013-09-01 21:46 - 2013-09-01 21:38 - 00000000 ____D C:\Users\Public\Documents\stalker-stcs 2013-09-01 14:18 - 2012-11-20 17:10 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-09-01 14:15 - 2013-09-01 13:55 - 00053248 _____ (Interplay Productions) C:\Windows\ipuninst.exe 2013-09-01 13:55 - 2013-09-01 13:55 - 00000000 ____D C:\Users\Rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Isle 2013-08-30 20:06 - 2013-08-30 20:06 - 00000000 ____D C:\Users\Rocko\Documents\Ubisoft 2013-08-30 17:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-28 14:47 - 2011-10-11 17:19 - 00000000 ____D C:\Users\Rocko 2013-08-28 14:28 - 2013-05-28 01:31 - 00000000 ____D C:\Users\Rocko\Desktop\DR2-0003_data 2013-08-22 15:52 - 2011-10-28 17:47 - 00000000 ____D C:\Program Files (x86)\LucasArts 2013-08-21 17:57 - 2013-08-18 21:08 - 00000000 ____D C:\Users\Rocko\Desktop\SKYRIM DLC 2013-08-20 19:32 - 2013-05-21 01:01 - 00000000 ____D C:\ProgramData\Steam 2013-08-20 19:31 - 2013-05-21 00:43 - 00000000 ____D C:\Program Files (x86)\Metro Last Light 2013-08-20 18:49 - 2013-08-20 15:37 - 00000000 ____D C:\Users\Rocko\Desktop\Metro DLC 2013-08-18 23:51 - 2012-12-10 19:01 - 00000000 ____D C:\ProgramData\RELOADED 2013-08-18 15:39 - 2012-05-02 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-17 15:44 - 2013-08-17 15:23 - 00000000 ____D C:\Program Files\Firefox 2013-08-16 03:04 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat 2013-08-16 03:04 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat 2013-08-16 03:04 - 2009-07-14 07:13 - 01633540 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-14 
18:26 - 2013-07-13 19:57 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 18:24 - 2012-07-27 14:40 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 17:11 - 2013-08-12 16:24 - 00000000 __SHD C:\Users\Rocko\AppData\Roaming\.#
ZeroAccess: C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess: C:\Windows\assembly\GAC_64\Desktop.ini

Files to move or delete:
====================
ZeroAccess: C:\Users\Rocko\AppData\Local\Google\Desktop\Install\{51c4e2b5-3f13-f3c5-9cd4-167a95da1735}
ZeroAccess: C:\Program Files (x86)\Google\Desktop\Install\{51c4e2b5-3f13-f3c5-9cd4-167a95da1735}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
C:\Program Files\Microsoft Security Client\MsMpEng.exe => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client

LastRegBack: 2013-09-01 16:27

==================== End Of Log ============================

Code:
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01
Ran by Rocko at 2013-09-10 12:25:10
Running from C:\Users\Rocko\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Aliens Colonial Marines All in One DLC-Pack 1.0 (x32 Version: 1.0)
Aliens versus Predator Classic 2000 (x32)
Aliens: Colonial Marines (x32)
Anomaly Warzone Earth (x32)
Assassin's Creed (x32 Version: 1.00)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audiograbber 1.83 SE (x32 Version: 1.83 SE )
Audiograbber MP3-Plugin (x32 Version: 1.0)
Batman Arkham City version 1.0 (x32 Version: 1.0)
be Flash Player 11 ActiveX 64-bit (Version: 11.0.1.152)
BioShock (x32 Version: 2.5.0000)
BioShock 2 (x32 Version: 1.00.0000)
BitComet 1.29 64-bit (x32 Version: 1.29)
CCleaner (Version: 4.05)
CDBurnerXP (x32 Version: 4.5.1.4003)
CDisplay 1.8 (x32)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
COMODO Internet Security (Version: 5.12.55693.2551)
Counter-Strike: Source (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Pro (x32 Version: 4.41.0315.0262)
Darkstar One (x32)
Duke Nukem Forever (x32)
Fallout (x32 Version: 2.0.0.14)
Fallout 2 (x32)
Far Cry 3 (x32 Version: 1.01)
FileZilla Client 3.5.1 (x32 Version: 3.5.1)
Free FLV Converter V 7.3.0 (x32 Version: 7.3.0.0)
FreeArc 0.666 (x32 Version: 0.666)
FreePDF (Remove only) (x32)
FTL version 1.03.3 (x32 Version: 1.03.3)
Game Booster 3 (x32 Version: 3.4)
Gears of War (x32 Version: 1.00.0000)
GOG.com Downloader version 3.5.8 (x32 Version: 3.5.8)
Google Chrome (HKCU Version: 29.0.1547.66)
GPL Ghostscript (Version: 9.04)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Hard Reset (x32)
IrfanView (remove only) (x32
Version: 4.32) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java(TM) 7 (64-bit) (Version: 7.0.0) JDownloader 0.9 (x32 Version: 0.9) Jurassic Park Operation Genesis (x32 Version: 1.00.0000) LEGO Insel 2 (x32) Mass Effect (x32 Version: 1.00) Media Go (x32 Version: 2.0.317) Media Go Video Playback Engine 1.84.104.07010 (x32 Version: 1.84.104.07010) MediaMonkey 3.2 (x32 Version: 3.2) Metro 2033 (x32) Metro Last Light Update 8 (v1.0.1.0) Plus limited First Edition DLCs Plus Faction DLC 1.00 (x32) Metro: Last Light (c) Deep Silver version 1 (x32 Version: 1) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0) Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.1.99.0) Microsoft Security Client (Version: 4.2.0223.1) Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0) Microsoft Security Essentials (Version: 4.2.223.1) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) mIRC (x32 Version: 7.32) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8) MSVCRT (x32 Version: 15.4.2862.0708) Mumble 1.2.3 (x32 Version: 1.2.3) NC Launcher (GameForge) (x32) NVIDIA 3D Vision Controller Driver (x32 Version: 280.19) NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07) NVIDIA 3D Vision Treiber 314.07 (Version: 314.07) NVIDIA Display Control Panel (Version: 6.14.12.5944) NVIDIA Grafiktreiber 314.07 (Version: 314.07) NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407) NVIDIA Systemsteuerung 314.07 (Version: 314.07) NVIDIA Update 1.12.12 (Version: 1.12.12) NVIDIA Update Components (Version: 1.12.12) NWZ-E460 WALKMAN Guide (x32 Version: 2.0.2.04130) OnlineControl 1.2 (x32 Version: 1.2.23) OpenAL (x32) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) Opera Stable 16.0.1196.73 (x32 Version: 16.0.1196.73) Platform (x32 Version: 1.34) PlayStation(R)Network Downloader (x32 Version: 2.07.00849) PlayStation(R)Store (x32 Version: 
4.5.16.13625) Prototype 2 (x32) PunkBuster Services (x32 Version: 0.993) QuickTime (x32 Version: 7.0.3) Rage (x32) Ralink RT2860 Wireless LAN Card (x32 Version: 1.5.9.0) Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005) RedMon - Redirection Port Monitor Resonance version 1.0 (x32 Version: 1.0) Rockstar Games Social Club (x32 Version: 1.1.0.1) RPG Maker 2003 Deutsch (x32 Version: 1.7.0) RPG Maker 2003 v1.08 (x32) Saboteur™ (x32 Version: 1.0.0.0) Saints Row The Third (x32) ScummVM 1.5.0 (x32) Source SDK Base 2007 (x32) Spamihilator 0.9.9.60 (32-Bit) (x32 Version: 0.9.9.60) Spamihilator 1.5.0 (64-Bit) (Version: 1.5.0) SpeechRedist (x32 Version: 1.0.0) Spybot - Search & Destroy (x32 Version: 2.1.19) Star Wars - Battlefront II (x32) Star Wars: The Force Unleashed (x32 Version: 1.0) Star Wars: The Force Unleashed 2 (x32 Version: 1.0) Steam (x32 Version: 1.0.0.0) Stranglehold (x32 Version: 1.00.0000) SWAT 4 (x32 Version: 1.0.31763) Syndicate (x32 Version: 1.0) System Requirements Lab CYRI (x32 Version: 4.4.26.0) Team Fortress 2 (x32) TeamSpeak 3 Client (Version: 3.0.9.2) The Elder Scrolls V Skyrim All in One DLC-Pack Deutsche Version Plus Update 11 (1.8.151.0.7) 1.8.151.0.7 (x32 Version: 1.8.151.0.7) Tom Clancy's Splinter Cell Conviction (x32 Version: 1.00.000) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Ulead VideoStudio 10 (x32 Version: 10.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) 
(x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Uplay (x32 Version: 2.1)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Vtune 7.13 (x32)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
Wolfenstein (x32 Version: 1.0)
ZoneAlarm Antivirus (x32 Version: 10.2.057.000)
ZoneAlarm Firewall (x32 Version: 10.2.057.000)
ZoneAlarm Free Antivirus + Firewall (x32 Version: 10.2.047.000)
ZoneAlarm Security (x32 Version: 10.2.057.000)

==================== Restore Points =========================

07-09-2013 23:38:00 Windows Update
09-09-2013 12:59:28 Installiert Red Faction Guerrilla
09-09-2013 21:17:26 Wiederherstellungsvorgang
09-09-2013 23:09:05 Entfernt Red Faction Guerrilla

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-10 00:56 - 00000822 ___RA C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time
Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {059D5028-1E4E-4F90-8762-A2632CAF2E6E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {2D816704-AAE6-4908-989F-810C4AE5A4CF} - System32\Tasks\{AF4AF69A-651E-4616-8C55-3C910B35BEF1} => C:\Programme\Steam\Steam.exe
Task: {438CAC4B-7D7A-4581-BAD3-278FC011DC4F} - System32\Tasks\{932673C9-A120-4787-A56F-874C50D4F93D} => C:\Programme\Steam\Steam.exe
Task: {4F219E8B-0A86-4EC2-BA46-ECA85ACE91A8} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2012-04-23] (IObit)
Task: {548527D0-A1FA-4A7E-9377-400ED7A80D18} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {56BAC762-9C35-4513-9A80-0DA5D99F36AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000Core => C:\Users\Rocko\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {8CC99533-7CB0-4DCA-91F8-09E39F4438D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000UA => C:\Users\Rocko\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {B9308E4A-06E1-4CA8-98FD-6E423B49D1FE} - System32\Tasks\{3C4FE097-D8AE-4BF3-96D8-326663DA4E66} => C:\Programme\Steam\Steam.exe Task: {BFDB9007-61D7-497C-8CDD-1D339BEB76E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000Core.job => C:\Users\Rocko\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413079893-2748142594-2118063921-1000UA.job => C:\Users\Rocko\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-10 22:23 - 2013-02-10 05:25 - 15275744 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2011-10-16 23:17 - 2010-11-20 15:27 - 00326144 _____ () C:\Windows\system32\MSWSOCK.dll 2011-10-16 23:17 - 2010-11-20 15:27 - 00326144 _____ (Microsoft Corporation) \\?\globalroot\systemroot\system32\mswsock.DLL 2011-10-16 23:17 - 2010-11-20 15:27 - 00326144 _____ () C:\Windows\system32\mswsock.dll 2011-10-16 23:17 - 2010-11-20 15:27 - 00326144 _____ (Microsoft Corporation) \\.\globalroot\systemroot\system32\mswsock.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00085504 _____ (Michel Krämer) C:\Programme\Spamihilator\uclanguage.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00111104 _____ (Michel Krämer) C:\Programme\Spamihilator\spsock.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00855040 _____ (Michel Krämer) C:\Programme\Spamihilator\spssl.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00137728 _____ (Michel Krämer) C:\Programme\Spamihilator\spu.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00141824 _____ (Michel Krämer) C:\Programme\Spamihilator\spu2.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00083456 _____ (Michel Krämer) C:\Programme\Spamihilator\spudb.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00985600 _____ (Michel Krämer) C:\Programme\Spamihilator\splpp.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00073728 _____ () 
C:\Programme\Spamihilator\zlib1.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00013824 _____ (Michel Krämer) C:\Programme\Spamihilator\crashhandler.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00380928 _____ () C:\Programme\Spamihilator\sqlite3.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00166912 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\attachmentfilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00172544 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\dccfilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00013824 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\imagefilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00118784 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\learningfilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00305152 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\linkfilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00217600 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\newsletter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00523776 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\rulefilter.dll 2013-01-07 02:18 - 2013-01-07 02:18 - 00327168 _____ (Michel Krämer) C:\Programme\Spamihilator\plugins3\spamwordfilter.dll 2011-10-11 17:27 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2011-10-11 17:27 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2011-10-11 17:27 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll 2011-10-11 17:27 - 2009-06-05 08:18 - 47581696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll 2011-10-11 17:27 - 2009-06-02 10:50 - 00995840 ____R (VIA Technologies, Inc.) 
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAPropPageExt.dll 2011-10-11 17:32 - 1998-10-31 04:55 - 00005120 _____ () C:\Program Files (x86)\Vtune\TBManage.dll 2011-10-16 23:17 - 2010-11-20 14:19 - 00232448 _____ (Microsoft Corporation) \\?\globalroot\systemroot\syswow64\mswsock.DLL 2011-10-11 17:55 - 2010-07-28 18:58 - 00999424 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll 2011-10-11 17:54 - 2010-07-01 17:29 - 02399584 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll 2011-10-11 17:55 - 2010-06-26 20:32 - 00483328 _____ (Ralink Technology, Inc.) C:\Program Files (x86)\Ralink\Common\ICSDHCP.dll 2011-10-11 20:29 - 2006-09-10 13:37 - 00061440 _____ () C:\Program Files\QIP\Plugins\docking.dll 2011-10-11 20:06 - 2011-10-11 20:06 - 08627360 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx 2013-08-17 15:23 - 2013-08-17 15:23 - 03551640 _____ () C:\Program Files\Firefox\mozjs.dll 2011-10-16 23:17 - 2010-11-20 14:19 - 00232448 _____ (Microsoft Corporation) \\.\globalroot\systemroot\syswow64\mswsock.dll 2013-07-27 23:30 - 2013-07-27 23:30 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/10/2013 00:04:08 PM) (Source: Windows Search Service) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3413079893-2748142594-2118063921-1000}/">. 
Error: (09/10/2013 11:39:57 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000011c66 ID des fehlerhaften Prozesses: 0xab0 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (09/09/2013 11:25:04 PM) (Source: System Restore) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installiert Red Faction Guerrilla). Zusätzliche Informationen: 0x80070005. Error: (09/08/2013 09:58:34 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/08/2013 01:39:10 AM) (Source: Microsoft Security Client Setup) (User: Rodriguez) Description: HRESULT:0x8004FF0A Description:Upgrade installation canceled. 
To upgrade later, run the Security Essentials Upgrade Wizard again. Error code:0x8004FF0A. Error: (09/07/2013 09:05:37 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/07/2013 07:23:55 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/06/2013 08:04:54 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: xrEngine.exe, Version: 1.6.0.2, Zeitstempel: 0x4b275197 Name des fehlerhaften Moduls: xrCore.dll, Version: 1.6.0.2, Zeitstempel: 0x4b25fc61 Ausnahmecode: 0x80000003 Fehleroffset: 0x0001e12e ID des fehlerhaften Prozesses: 0x994 Startzeit der fehlerhaften Anwendung: 0xxrEngine.exe0 Pfad der fehlerhaften Anwendung: xrEngine.exe1 Pfad des fehlerhaften Moduls: xrEngine.exe2 Berichtskennung: xrEngine.exe3 Error: (09/06/2013 03:32:11 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (09/05/2013 06:33:10 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors: ============= Error: (09/10/2013 00:10:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/10/2013 00:10:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (09/10/2013 00:09:04 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error: (09/10/2013 00:09:04 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (09/10/2013 00:08:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert. Error: (09/10/2013 00:08:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error: (09/10/2013 00:08:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Microsoft Antimalware Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%5 Error: (09/10/2013 00:05:55 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/10/2013 00:05:55 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1352 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (09/10/2013 00:05:55 PM) (Source: DCOM) (User: ) Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56} Microsoft Office Sessions: ========================= Error: (09/10/2013 00:04:08 PM) (Source: Windows Search Service)(User: ) Description: 300x80040d07iehistory://{S-1-5-21-3413079893-2748142594-2118063921-1000}/ Error: (09/10/2013 11:39:57 AM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc00000050000000000011c66ab001ceae08a785de0fC:\Windows\Explorer.EXEC:\Windows\system32\SHLWAPI.dllf3cfe474-19fc-11e3-9164-e0cb4edda731 Error: (09/09/2013 11:25:04 PM) (Source: System Restore)(User: ) Description: Installiert Red Faction Guerrilla0x80070005 Error: (09/08/2013 09:58:34 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\activision\wolfenstein\MP\serverlauncher.exe Error: (09/08/2013 01:39:10 AM) (Source: Microsoft Security Client Setup)(User: Rodriguez) Description: HRESULT:0x8004FF0A Description:Upgrade installation canceled. To upgrade later, run the Security Essentials Upgrade Wizard again. Error code:0x8004FF0A. 
Error: (09/07/2013 09:05:37 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\activision\wolfenstein\MP\serverlauncher.exe Error: (09/07/2013 07:23:55 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\activision\wolfenstein\MP\serverlauncher.exe Error: (09/06/2013 08:04:54 PM) (Source: Application Error)(User: ) Description: xrEngine.exe1.6.0.24b275197xrCore.dll1.6.0.24b25fc61800000030001e12e99401ceab2aeac8a5edC:\Program Files (x86)\S.T.A.L.K.E.R. Call of Pripyat\bin\xrEngine.exeC:\Program Files (x86)\S.T.A.L.K.E.R. 
Call of Pripyat\bin\xrCore.dlld480736c-171e-11e3-8334-e0cb4edda731

Error: (09/06/2013 03:32:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\activision\wolfenstein\MP\serverlauncher.exe

Error: (09/05/2013 06:33:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\activision\wolfenstein\MP\serverlauncher.exe

==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 4095.18 MB
Available physical RAM: 2091.95 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 6006.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:34.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C195A3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |