Log analysis and evaluation: Caught Tuvaro! (Windows 7) If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
20.09.2013, 20:23 | #1 |
| Caught Tuvaro! Hello, and good evening. I have caught some malware; I think it is Tuvaro. I urgently need help. Thanks in advance... |
20.09.2013, 20:36 | #2 |
/// the machine /// TB instructor | Caught Tuvaro! Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
20.09.2013, 20:48 | #3 |
| Caught Tuvaro! So, here are the logs. |
21.09.2013, 10:48 | #4 |
/// the machine /// TB instructor | Caught Tuvaro! Please always post logs in the thread; if necessary, split them up and use several posts. This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
21.09.2013, 15:00 | #5 |
| Caught Tuvaro! FRST logfile: Code:
C:\Windows\system32\shdocvw.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-02 21:32 - 2013-09-20 21:11 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-02 21:30 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2013-09-02 21:30 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2013-09-02 21:30 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-09-02 21:22 - 2013-09-02 21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:20 - 2013-09-03 07:42 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll 2013-09-02 21:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-08-21 00:08 - 2013-08-23 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird ==================== One Month Modified Files and Folders ======= 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:45 - 2012-12-08 00:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-20 21:44 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-20 21:44 - 2009-07-14 06:45 - 
00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-20 21:41 - 2011-04-12 09:43 - 00696848 _____ C:\Windows\system32\perfh007.dat 2013-09-20 21:41 - 2011-04-12 09:43 - 00148144 _____ C:\Windows\system32\perfc007.dat 2013-09-20 21:41 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-20 21:40 - 2012-11-21 21:39 - 01436853 _____ C:\Windows\WindowsUpdate.log 2013-09-20 21:37 - 2013-09-20 21:14 - 00001914 _____ C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job 2013-09-20 21:37 - 2013-09-20 21:14 - 00001838 _____ C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job 2013-09-20 21:37 - 2013-09-20 21:14 - 00001302 _____ C:\Windows\Tasks\Plus-HD-1.6-updater.job 2013-09-20 21:37 - 2013-09-20 21:14 - 00001206 _____ C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job 2013-09-20 21:37 - 2013-09-20 21:14 - 00001106 _____ C:\Windows\Tasks\Plus-HD-1.6-enabler.job 2013-09-20 21:37 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\saavensshare! 
2013-09-20 21:37 - 2013-08-15 07:46 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-20 21:37 - 2012-12-29 12:04 - 00036548 _____ C:\Windows\setupact.log 2013-09-20 21:37 - 2012-12-29 12:03 - 00162400 _____ C:\Windows\PFRO.log 2013-09-20 21:37 - 2012-12-08 00:40 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-20 21:37 - 2012-11-21 21:56 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-20 21:37 - 2012-11-21 21:45 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-20 21:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-20 21:35 - 2013-09-20 21:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-20 21:35 - 2012-11-21 21:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-20 21:34 - 2013-06-10 00:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:24 - 2013-09-20 21:06 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:24 - 2013-09-20 21:00 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 21:24 - 2012-11-21 22:29 - 00000000 ____D C:\Windows\system32\appmgmt 2013-09-20 21:23 - 2012-11-21 21:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-20 21:15 - 2013-09-20 21:14 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00004332 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-updater 2013-09-20 21:14 - 2013-09-20 21:14 - 00004236 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-codedownloader 2013-09-20 21:14 - 2013-09-20 21:14 - 00004136 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-enabler 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ 
C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:14 - 2013-09-20 21:14 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6 2013-09-20 21:11 - 2013-09-02 21:32 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:54 - 2013-09-20 20:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnstar007\Downloads\SpyHunter-Installer.exe 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SearchNewTab 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\Program Files (x86)\WebSearch 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-20 20:48 - 2013-09-20 20:47 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2013-06-06 17:17 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-09-20 20:13 - 2012-11-21 22:35 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Apple Computer 2013-09-20 20:12 - 2012-11-21 22:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:12 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - 
Verknüpfung.lnk 2013-09-19 18:29 - 2012-11-21 22:14 - 00000000 ____D C:\Users\Bonnstar007\Documents\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\ProgramData\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\Program Files (x86)\KONAMI 2013-09-19 17:08 - 2012-11-21 22:16 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\CrashDumps 2013-09-19 07:30 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Spotify 2013-09-18 19:33 - 2013-09-19 18:17 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-13 22:56 - 2012-11-21 22:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-13 17:55 - 2013-08-16 21:08 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-13 09:23 - 2012-11-21 21:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 09:23 - 2012-11-21 21:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 09:23 - 2012-11-21 21:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-12 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-12 20:17 - 2009-07-14 06:45 - 00418408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:58 - 2013-09-19 21:10 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 
2013-09-19 21:10 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-19 21:10 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00266984 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-11-21 21:55 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 09:25 - 2012-11-21 21:56 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-11-21 21:56 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 08:24 - 2013-08-15 00:51 - 00000000 ____D C:\Windows\system32\MRT 2013-09-12 08:24 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini 2013-09-12 08:23 - 2012-08-31 23:36 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-12 07:43 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\Spotify 2013-09-12 07:43 - 2012-11-21 22:30 - 
00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-11-21 21:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-03 07:42 - 2013-09-02 21:20 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:30 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-09-02 21:29 - 2012-12-11 21:49 - 00000000 ____D C:\Users\Bonnstar007\Desktop\IPHONE 2013-09-02 21:22 - 2013-09-02 21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:21 - 2012-11-21 21:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-08-31 12:24 - 2013-08-17 02:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\WebPlayer 2013-08-30 19:17 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-30 09:48 - 2013-04-21 12:23 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-04-21 12:23 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 
2013-08-30 09:47 - 2012-11-21 22:30 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2012-11-21 22:30 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-29 06:59 - 2013-07-22 21:38 - 00000000 ____D C:\Users\Bonnstar007\Documents\Steuerfälle
2013-08-24 08:57 - 2012-11-22 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-23 19:01 - 2013-08-21 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

Some content of TEMP:
====================
C:\Users\Bonnstar007\AppData\Local\Temp\7z920.exe
C:\Users\Bonnstar007\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Bonnstar007\AppData\Local\Temp\BabylonTB.exe
C:\Users\Bonnstar007\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nseEDA1.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nskEEFA.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsq329D.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuC6FF.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuD6D8.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Bonnstar007\AppData\Local\Temp\nvStInst.exe
C:\Users\Bonnstar007\AppData\Local\Temp\run.exe
C:\Users\Bonnstar007\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Bonnstar007\AppData\Local\Temp\SHSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\SPStub.exe
C:\Users\Bonnstar007\AppData\Local\Temp\tbDVD2.dll
C:\Users\Bonnstar007\AppData\Local\Temp\uninst1.exe
C:\Users\Bonnstar007\AppData\Local\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-11 08:02

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01
Ran by Bonnstar007 at 2013-09-20 21:47:18
Running from D:\04_Download
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

4500_G510gm_Help_Web (x32 Version: 000.0.440.000)
4500G510gm_Software_Min (x32 Version: 000.0.423.000)
4500G510gm_web (x32 Version: 000.0.425.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
AAVUpdateManager (x32 Version: 18.00.0000)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.1.377)
Adobe AIR (x32 Version: 1.0.4990)
Adobe AIR (x32 Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
AppsHat Mobile Apps (HKCU Version: 1.0.0.0)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.248 (x32)
ASRock InstantBoot v1.29 (x32)
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
Bundled software uninstaller (x32)
CCleaner (Version: 3.25)
Dota 2 (x32)
DVDFab 9.0.4.0 (15/05/2013)
FilesFrog Update Checker (x32)
FLV Player (HKCU Version: 1.0)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Chrome (x32 Version: 29.0.1547.76)
Google Drive (x32 Version: 1.11.4865.2530)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
HP Officejet 4500 G510g-m (Version: 13.0)
iCloud (Version: 3.0.2.163)
Iminent (x32 Version: 6.37.21.0)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2761)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 2 (x32 Version: 2)
K-Lite Codec Pack 9.6.0 (64-bit) (Version: 9.6.0)
MagicDisc 2.7.106 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NBA 2K13 (x32 Version: 1.0.0)
Network64 (Version: 130.0.550.000)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
PDF24 Creator 5.2.0 (x32)
PhotoSlim (x32)
Plus-HD-1.6 (x32 Version: 1.28.153.1)
Pro Evolution Soccer 2013 (x32 Version: 1.02.0000)
Pro Evolution Soccer 2013 Patch 1.02 (x32)
Pro Evolution Soccer 2013 Patch 1.04 (x32)
Pro Evolution Soccer 2014 (x32 Version: 1.01.0000)
PunkBuster Services (x32 Version: 0.991)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482)
Scan (x32 Version: 13.0.0.0)
Search Assistant WebSearch 1.74 (x32)
SearchNewTab (x32 Version: 4.3.0.1667)
SHIELD Streaming (Version: 1.05.28)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
ss helper 1.74 (x32)
Steam (x32 Version: 1.0.0.0)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09)
TeamViewer 8 (x32 Version: 8.0.20935)
THX TruStudio (x32 Version: 1.00.01)
Toolbox (x32 Version: 130.0.648.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Uplay (x32 Version: 2.0)
VIRTU MVP 2.1.111 (Version: 2.1.111)
VoiceOver Kit (x32 Version: 1.42.128.0)
WebReg (x32 Version: 130.0.132.017)
Win7codecs (x32 Version: 3.9.2)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
x64 Components v3.9.2 (Version: 3.9.2)
XCOM: Enemy Unknown (x32)

==================== Restore Points =========================

12-09-2013 05:41:05 Windows Update
12-09-2013 06:22:06 Windows Update
12-09-2013 20:33:51 Windows Update
13-09-2013 07:55:38 Windows Update
13-09-2013 16:32:19 Windows Update
13-09-2013 21:43:07 Windows Update
17-09-2013 18:00:00 Windows Update
19-09-2013 19:11:30 Removed Microsoft Fix it Center
20-09-2013 18:16:46 Removed iTunes
20-09-2013 18:17:29 Removed QuickTime
20-09-2013 18:18:52 Installed iTunes
20-09-2013 18:56:23 Installed SpyHunter
20-09-2013 19:24:15 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-01-31 14:58 - 00000853 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {077DA723-5CAB-4B98-A5A1-9EC0C84B1845} - System32\Tasks\Plus-HD-1.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe [2013-09-20] (Plus HD)
Task: {37FA2A90-F6E6-43A4-9600-CB27F6C9A56B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {3E837A6D-DD53-49B7-A1DF-DA02E71065B2} - System32\Tasks\Plus-HD-1.6-updater => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe [2013-09-20] (Plus HD)
Task: {4BBADF2C-2A68-4EE4-BB0E-3073B86E2A71} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe
Task: {4D432CD6-6D2E-4752-A331-E1AA658E0A1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {5B33438F-80B4-4389-9E76-E68ECF79B8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {5FFEF504-87D1-4763-A095-FC35BEC34A46} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {647CA04E-2D85-4741-BE90-6640E078B3F9} - System32\Tasks\Plus-HD-1.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe [2013-09-20] (Plus HD)
Task: {7DEA7B1F-5249-415D-993F-737ED39C2593} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-09-20] (Plus HD)
Task: {9B39E8FF-0210-41C2-A8B6-04CDB539757D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {A3D2B064-FD02-452B-9569-7129F54CE7A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {B94B2976-EDEB-4017-8E01-4F53ED792151} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {E233F05C-8880-46BD-8BD3-0D364811B5EF} - System32\Tasks\Plus-HD-1.6-enabler => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe [2013-09-20] (Plus HD)
Task: {E357C690-4822-4089-9DA7-BBE9D4845545} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E38352AE-DF54-4F41-A59D-62EE1D15399D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-enabler.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-updater.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe

==================== Loaded Modules (whitelisted) =============

2012-11-21 21:55 - 2013-09-12 10:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-21 21:40 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-21 21:40 - 2012-05-21 04:44 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-11-21 21:46 - 2012-03-12 12:14 - 00138528 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GuiCommon.dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00279328 _____ (Lucidlogix Inc.) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GpuEnumerator.Dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00047904 _____ (Test) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekasrv.dll
2012-11-21 21:46 - 2012-03-12 11:52 - 00291328 _____ (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekc6420.dll
2012-11-21 21:47 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-02-26 00:32 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) c:\windows\syswow64\nvinit.dll
2013-09-13 09:23 - 2013-09-13 09:23 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_174.ocx
2012-11-21 21:47 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 00362336 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
2013-05-10 20:21 - 2013-09-12 10:22 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00489984 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\812063380a132051c054f5ca865f322e\IAStorUtil.ni.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e218ecb21700f8ba41ec9d7415567388\IAStorCommon.ni.dll
2013-01-24 13:16 - 2013-01-24 13:16 - 01050112 _____ () C:\Program Files (x86)\ss helper\sprotector.dll
2013-01-24 13:25 - 2013-01-24 13:25 - 01044480 _____ () C:\Program Files (x86)\WebSearch\sprotector.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-20 21:35 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 21:35 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-20 21:35 - 2013-09-17 05:21 - 13611984 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========

==================== Faulty Device Manager Devices =============

==================== Event log errors: 
========================= Application errors: ================== Error: (09/20/2013 09:39:01 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 09:37:09 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 09:17:24 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 09:15:32 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 09:15:05 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 08:17:43 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 08:16:49 PM) (Source: Bonjour Service) (User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:48 PM) (Source: Bonjour Service) (User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:47 PM) (Source: Bonjour Service) (User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:45 PM) (Source: Bonjour Service) (User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second System errors: ============= Error: (09/20/2013 09:15:10 PM) (Source: Service Control 
Manager) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Dienst "WajamUpdater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/20/2013 09:15:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (09/20/2013 09:39:01 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 09:37:09 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 09:17:24 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 09:15:32 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 09:15:05 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/20/2013 08:17:43 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/20/2013 08:16:49 PM) (Source: Bonjour Service)(User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:48 PM) (Source: Bonjour Service)(User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:47 PM) (Source: 
Bonjour Service)(User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second Error: (09/20/2013 08:16:45 PM) (Source: Bonjour Service)(User: ) Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second CodeIntegrity Errors: =================================== Date: 2012-09-01 08:22:19.032 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:58.055 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.977 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.914 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.805 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 07:52:31.774 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-09-01 00:18:38.709 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:12:10.453 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:08:14.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:01:42.723 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8087.01 MB Available physical RAM: 5938.36 MB Total Pagefile: 16172.2 MB Available Pagefile: 13588.42 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:103.44 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:760.18 GB) NTFS Drive g: (PES2014_R2) (CDROM) (Total:5.79 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: FE2717B0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2717CB) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) 
==================== End Of Log ============================ |
21.09.2013, 20:53 | #6 |
/// the machine /// TB trainer | Caught Tuvaro! Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ |
22.09.2013, 17:25 | #7 |
| Caught Tuvaro! Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Bonnstar007 :: BONNSTAR007-PC [Administrator]

Schutz: Aktiviert

22.09.2013 09:05:51
mbam-log-2013-09-22 (09-05-51).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 225495
Laufzeit: 1 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (PUP.Optional.Iminent) -> 2952 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 26
HKLM\SYSTEM\CurrentControlSet\Services\SProtection (PUP.Optional.Iminent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{11111111-1111-1111-1111-110311201102} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{44444444-4444-4444-4444-440344204402} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{55555555-5555-5555-5555-550355205502} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0032002.BHO.1 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311201102} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201102} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} (PUP.Optional.MiniBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AF8DC35-46A0-C3D6-C7DC-8F23980722FE} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0032002.BHO (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0032002.Sandbox (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0032002.Sandbox.1 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Iminent.Mediator.Communication.DataContracts.TestContentCommand (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\priam_bho.DLL (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Plus-HD-1.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\UMBRELLA (PUP.Optional.Umbrella.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Daten: network_smb_inamsoftwares -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Umbrella|MUpdBlock (PUP.Optional.Umbrella.A) -> Daten: { "MASSUPDATE" : { "CHROME_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "FIREFOX_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 } } } -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\SProtection|ImagePath (PUP.Optional.Iminent.A) -> Daten: C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\sshelp~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\websea~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 3
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 59
C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (PUP.Optional.Iminent) -> Löschen bei Neustart.
C:\Program Files (x86)\ss helper\sprotector.dll (PUP.Optional.SProtect.A) -> Löschen bei Neustart.
C:\Program Files (x86)\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{DC4102AD-2F31-48A7-AA4C-671307A2205B}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{DC4102AD-2F31-48A7-AA4C-671307A2205B}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\SearchNewTab\O3z27Ccmv.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\BabylonTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\run.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\00294823\DvIQc_yi.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\18be6784\O3z27Ccmv.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\27427BB1-BAB0-7891-8D73-056EAE084F01\Latest\Setup.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ct3279453\chLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ct3279453\ieLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ct3279453\spch.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ct3279453\statisticsStub.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ins2535\IminentSetup_2905-512c3791.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ins2535\ins2535.exe (PUP.Optional.Firseria) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ins2535\plushd_0209_DE-f102d607.exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\Temp\ins2535\wajam_2207-6c14163c.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Local\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\254d53.msi (PUP.Optional.Iminent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-1.6-enabler.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-1.6-updater.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\SearchNewTab\O3z27Ccmv.dat (PUP.Optional.SearchNewTab) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\32002.crx (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\32002.xpi (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\background.html (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Installer.log (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bg.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-helper.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6.ico (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\Uninstall.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-1.6\utils.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Here is the next log:
AdwCleaner Logfile: Code:
# AdwCleaner v3.004 - Bericht erstellt am 22/09/2013 um 09:12:24
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Bonnstar007 - BONNSTAR007-PC
# Gestartet von : D:\04_Download\adwcleaner004.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SProtection

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\saavensshare!
Ordner Gelöscht : C:\Program Files (x86)\FilesFrog Update Checker
Ordner Gelöscht : C:\Program Files (x86)\WebSearch
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Users\Bonnstar007\AppData\Local\cre
Ordner Gelöscht : C:\Users\Bonnstar007\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Bonnstar007\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Bonnstar007\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
Ordner Gelöscht : C:\Users\Bonnstar007\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolkekjjhnaeaahibbnfebmogackofpf

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\oolkekjjhnaeaahibbnfebmogackofpf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\oolkekjjhnaeaahibbnfebmogackofpf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Schlüssel Gelöscht : HKLM\SOFTWARE\580db8be63fe814
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-1.6
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sshelp~1\sprote~1.dll

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v29.0.1547.76

[ Datei : C:\Users\Bonnstar007\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5661 octets] - [22/09/2013 09:12:00]
AdwCleaner[S0].txt - [4934 octets] - [22/09/2013 09:12:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4994 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Ultimate x64
Ran by Bonnstar007 on 22.09.2013 at 9:15:31,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3911765222-1906347156-3636716613-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322202202}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322202202}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AF43307F-D6D0-4AB5-9FD3-23E55142CECD}

~~~ Files

~~~ Folders

~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Bonnstar007\appdata\local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2013 at 9:20:45,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Bonnstar007 (administrator) on BONNSTAR007-PC on 22-09-2013 09:24:43
Running from D:\04_Download
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
() C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(Spotify Ltd) C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\04_Download\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3006240 2012-03-12] ()
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ASRockXTU] - [x]
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [FLV Player] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKCU\...\Run: [AppsHat] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-11] (Spotify Ltd)
MountPoints2: {9bf4294d-337b-11e2-b6ff-806e6f6e6963} - E:\ASRSetup.exe
MountPoints2: {abc04c1c-3415-11e2-9e2e-bc5ff4623056} - G:\autorun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll,C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x392A0578BC24CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "https://www.google.de/webhp?source=search_app&gws_rd=cr&ei=CqQ8UvabG8Su4ASYs4D4Bw"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Black & white theme) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi\3_0
CHR Extension: (AdBlock) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0
CHR Extension: (DVDVideoSoft) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-29] ()

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-22] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-22 09:20 - 2013-09-22 09:20 - 00002084 _____ C:\Users\Bonnstar007\Desktop\JRT.txt
2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 09:11 - 2013-09-22 09:12 - 00000000 ____D C:\AdwCleaner
2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes
2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 09:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717}
2013-09-20 21:47 - 2013-09-20 21:47 - 00053137 _____ C:\Users\Bonnstar007\Desktop\FRST.txt
2013-09-20 21:47 - 2013-09-20 21:47 - 00024848 _____ C:\Users\Bonnstar007\Desktop\Addition.txt
2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST
2013-09-20 21:35 - 2013-09-20 21:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ C:\Windows\SysWOW64\15286788023581645756.log
2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E}
2013-09-20 21:14 - 2013-09-20 21:15 - 00024781 _____ C:\AdwCleaner[S1].txt
2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt
2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat
2013-09-20 21:06 - 2013-09-20 21:24 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-09-20 21:00 - 2013-09-20 21:24 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-09-20 20:54 - 2013-09-20 20:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnstar007\Downloads\SpyHunter-Installer.exe
2013-09-20 20:48 - 2013-09-22 09:12 - 00000000 ____D C:\Program Files (x86)\ss helper
2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-20 20:47 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes
2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod
2013-09-20 20:19 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV
2013-09-19 21:10 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-19 21:10 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-19 21:10 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-19 21:10 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-19 21:10 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk
2013-09-19 18:17 - 2013-09-18 19:33 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso
2013-09-12 08:24 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 08:24 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 08:24 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 08:24 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 08:24 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 08:24 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 08:24 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 08:24 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 08:24 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 08:24 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 08:24 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 08:24 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 08:24 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 08:24 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 07:42 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 07:42 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 07:42 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 07:42 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 07:42 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 07:42 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 07:42 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 07:42 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 07:42 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 07:42 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 07:42 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 07:42 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 07:42 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 07:42 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 07:42 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 07:42 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 07:42 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 07:42 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) 
C:\Windows\system32\smss.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 07:42 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 07:42 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-02 21:32 - 2013-09-20 21:11 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-02 21:30 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2013-09-02 21:30 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2013-09-02 21:30 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-09-02 21:22 - 2013-09-02 
21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:20 - 2013-09-03 07:42 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll 2013-09-02 21:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player ==================== One Month Modified Files and Folders ======= 2013-09-22 09:23 - 2012-11-21 21:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-22 09:20 - 2013-09-22 09:20 - 00002084 _____ C:\Users\Bonnstar007\Desktop\JRT.txt 2013-09-22 09:20 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-22 09:20 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-22 09:19 - 2011-04-12 09:43 - 00696848 _____ C:\Windows\system32\perfh007.dat 2013-09-22 09:19 - 2011-04-12 09:43 - 00148144 _____ C:\Windows\system32\perfc007.dat 2013-09-22 09:19 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-22 09:16 - 2012-11-21 21:39 - 01564872 _____ C:\Windows\WindowsUpdate.log 2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT 2013-09-22 09:13 - 2012-12-08 00:40 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-22 09:12 - 2013-09-22 09:11 - 00000000 ____D C:\AdwCleaner 2013-09-22 09:12 - 2013-09-20 20:48 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-22 09:12 - 2013-08-15 07:46 - 00094656 _____ (CACE Technologies) 
C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-22 09:12 - 2012-12-29 12:04 - 00037220 _____ C:\Windows\setupact.log 2013-09-22 09:12 - 2012-12-29 12:03 - 00179872 _____ C:\Windows\PFRO.log 2013-09-22 09:12 - 2012-11-21 21:56 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-22 09:12 - 2012-11-21 21:45 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-22 09:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717} 2013-09-21 20:45 - 2012-12-08 00:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-21 15:57 - 2012-11-21 22:16 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\CrashDumps 2013-09-21 14:30 - 2012-11-21 22:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2013-09-20 22:23 - 2012-11-21 21:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 22:23 - 2012-11-21 21:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 22:23 - 2012-11-21 21:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 21:47 - 2013-09-20 21:47 - 00053137 _____ C:\Users\Bonnstar007\Desktop\FRST.txt 2013-09-20 21:47 - 2013-09-20 21:47 - 00024848 _____ C:\Users\Bonnstar007\Desktop\Addition.txt 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:35 - 2013-09-20 21:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-20 21:35 - 2012-11-21 21:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-20 21:34 - 2013-06-10 00:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:24 - 2013-09-20 21:06 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:24 - 2013-09-20 21:00 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 21:24 - 2012-11-21 22:29 - 00000000 ____D C:\Windows\system32\appmgmt 2013-09-20 21:15 - 2013-09-20 21:14 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:11 - 2013-09-02 21:32 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:54 - 2013-09-20 20:54 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Bonnstar007\Downloads\SpyHunter-Installer.exe 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:48 - 2013-09-20 20:47 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2013-06-06 17:17 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-09-20 20:13 - 2012-11-21 22:35 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Apple Computer 2013-09-20 20:12 - 2012-11-21 22:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:12 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk 2013-09-19 18:29 - 2012-11-21 22:14 - 00000000 ____D C:\Users\Bonnstar007\Documents\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\ProgramData\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\Program Files (x86)\KONAMI 2013-09-19 07:30 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Spotify 2013-09-18 19:33 - 2013-09-19 18:17 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-13 17:55 - 2013-08-16 21:08 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-12 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-12 20:17 - 2009-07-14 06:45 - 00418408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:58 - 2013-09-19 21:10 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-19 21:10 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 
- 2013-09-19 21:10 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-11-21 21:55 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 09:25 - 2012-11-21 21:56 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 
2013-09-12 09:25 - 2012-11-21 21:56 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-11-21 21:56 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 08:24 - 2013-08-15 00:51 - 00000000 ____D C:\Windows\system32\MRT 2013-09-12 08:24 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini 2013-09-12 08:23 - 2012-08-31 23:36 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-12 07:43 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\Spotify 2013-09-12 07:43 - 2012-11-21 22:30 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-11-21 21:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-03 07:42 - 2013-09-02 21:20 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:30 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-09-02 21:29 - 2012-12-11 21:49 - 00000000 ____D C:\Users\Bonnstar007\Desktop\IPHONE 2013-09-02 21:22 - 2013-09-02 21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:21 - 2012-11-21 21:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-08-31 12:24 - 2013-08-17 02:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\WebPlayer 2013-08-30 19:17 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-30 09:48 - 2013-04-21 12:23 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-04-21 12:23 - 00065336 
_____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 09:47 - 2012-11-21 22:30 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 09:47 - 2012-11-21 22:30 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-29 06:59 - 2013-07-22 21:38 - 00000000 ____D C:\Users\Bonnstar007\Documents\Steuerfälle 2013-08-24 08:57 - 2012-11-22 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-23 19:01 - 2013-08-21 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird Some content of TEMP: ==================== C:\Users\Bonnstar007\AppData\Local\Temp\7z920.exe C:\Users\Bonnstar007\AppData\Local\Temp\FLVPlayerSetup.exe C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Bonnstar007\AppData\Local\Temp\nseEDA1.exe C:\Users\Bonnstar007\AppData\Local\Temp\nskEEFA.exe C:\Users\Bonnstar007\AppData\Local\Temp\nsq329D.exe C:\Users\Bonnstar007\AppData\Local\Temp\nsuC6FF.exe C:\Users\Bonnstar007\AppData\Local\Temp\nsuD6D8.exe C:\Users\Bonnstar007\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Bonnstar007\AppData\Local\Temp\nvStInst.exe C:\Users\Bonnstar007\AppData\Local\Temp\Quarantine.exe 
C:\Users\Bonnstar007\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Bonnstar007\AppData\Local\Temp\SHSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\tbDVD2.dll
C:\Users\Bonnstar007\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-21 15:13

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by Bonnstar007 at 2013-09-22 09:25:03
Running from D:\04_Download
Boot Mode: Normal
==========================================================

==================== Installed Programs ======================

4500_G510gm_Help_Web (x32 Version: 000.0.440.000)
4500G510gm_Software_Min (x32 Version: 000.0.423.000)
4500G510gm_web (x32 Version: 000.0.425.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
AAVUpdateManager (x32 Version: 18.00.0000)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.1.377)
Adobe AIR (x32 Version: 1.0.4990)
Adobe AIR (x32 Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.248 (x32)
ASRock InstantBoot v1.29 (x32)
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
CCleaner (Version: 3.25)
Dota 2 (x32)
DVDFab 9.0.4.0 (15/05/2013)
FLV Player (HKCU Version: 1.0)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Chrome (x32 Version: 29.0.1547.76)
Google Drive (x32 Version: 1.11.4865.2530)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
HP Officejet 4500 G510g-m (Version: 13.0)
iCloud (Version: 3.0.2.163)
Iminent (x32 Version: 6.37.21.0)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2761)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 2 (x32 Version: 2)
K-Lite Codec Pack 9.6.0 (64-bit) (Version: 9.6.0)
MagicDisc 2.7.106 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NBA 2K13 (x32 Version: 1.0.0)
Network64 (Version: 130.0.550.000)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
PDF24 Creator 5.2.0 (x32)
PhotoSlim (x32)
Pro Evolution Soccer 2013 (x32 Version: 1.02.0000)
Pro Evolution Soccer 2013 Patch 1.02 (x32)
Pro Evolution Soccer 2013 Patch 1.04 (x32)
Pro Evolution Soccer 2014 (x32 Version: 1.01.0000)
PunkBuster Services (x32 Version: 0.991)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482)
Scan (x32 Version: 13.0.0.0)
SHIELD Streaming (Version: 1.05.28)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09)
TeamViewer 8 (x32 Version: 8.0.20935)
THX TruStudio (x32 Version: 1.00.01)
Toolbox (x32 Version: 130.0.648.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Uplay (x32 Version: 2.0)
VIRTU MVP 2.1.111 (Version: 2.1.111)
VoiceOver Kit (x32 Version: 1.42.128.0)
WebReg (x32 Version: 130.0.132.017)
Win7codecs (x32 Version: 3.9.2)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
x64 Components v3.9.2 (Version: 3.9.2)
XCOM: Enemy Unknown (x32)

==================== Restore Points =========================

12-09-2013 05:41:05 Windows Update
12-09-2013 06:22:06 Windows Update
12-09-2013 20:33:51 Windows Update
13-09-2013 07:55:38 Windows Update
13-09-2013 16:32:19 Windows Update
13-09-2013 21:43:07 Windows Update
17-09-2013 18:00:00 Windows Update
19-09-2013 19:11:30 Removed Microsoft Fix it Center
20-09-2013 18:16:46 Removed iTunes
20-09-2013 18:17:29 Removed QuickTime
20-09-2013 18:18:52 Installed iTunes
20-09-2013 18:56:23 Installed SpyHunter
20-09-2013 19:24:15 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-01-31 14:58 - 00000853 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {37FA2A90-F6E6-43A4-9600-CB27F6C9A56B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {4BBADF2C-2A68-4EE4-BB0E-3073B86E2A71} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe
Task: {4D432CD6-6D2E-4752-A331-E1AA658E0A1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {5B33438F-80B4-4389-9E76-E68ECF79B8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {5FFEF504-87D1-4763-A095-FC35BEC34A46} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9B39E8FF-0210-41C2-A8B6-04CDB539757D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {A3D2B064-FD02-452B-9569-7129F54CE7A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {B94B2976-EDEB-4017-8E01-4F53ED792151} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {C0512662-1995-4589-B2A0-698027A6E6F5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {E357C690-4822-4089-9DA7-BBE9D4845545} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-21 21:55 - 2013-09-12 10:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-21 21:40 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-21 21:40 - 2012-05-21 04:44 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-11-21 21:46 - 2012-03-12 12:14 - 00138528 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GuiCommon.dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00279328 _____ (Lucidlogix Inc.) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GpuEnumerator.Dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00047904 _____ (Test) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekasrv.dll
2012-11-21 21:46 - 2012-03-12 11:52 - 00291328 _____ (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekc6420.dll
2012-11-22 23:57 - 2012-06-09 20:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00454944 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\VirtuContextMenuHandler.dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00172320 _____ (Lucidlogix Inc.) C:\Windows\system32\appinit_dll.dll
2013-02-26 00:32 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) c:\windows\syswow64\nvinit.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 00362336 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
2013-05-10 20:21 - 2013-09-12 10:22 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-09-20 22:23 - 2013-09-20 22:23 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_175.ocx
2012-11-21 21:47 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00489984 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\812063380a132051c054f5ca865f322e\IAStorUtil.ni.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e218ecb21700f8ba41ec9d7415567388\IAStorCommon.ni.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-20 21:35 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 21:35 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 21:35 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) ======

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-09-01 08:22:19.032
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:58.055
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:57.977
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-01 08:17:57.914 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.805 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 07:52:31.774 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:18:38.709 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:12:10.453 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:08:14.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:01:42.723 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8087.01 MB
Available physical RAM: 5932.91 MB
Total Pagefile: 16172.2 MB
Available Pagefile: 13745.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:101.16 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:756.11 GB) NTFS
Drive g: (PES2014_R2) (CDROM) (Total:5.79 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: FE2717B0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2717CB)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
When I go to web.de, for example, links such as "mehr" are highlighted in red, and on mouse-over Private-Treff.com is displayed. The same happens on www.comunio.de. I think it is NAV-Links... |
22.09.2013, 19:28 | #8 |
/// the machine /// TB-Ausbilder | Caught Tuvaro! In which browser? Or in all of them? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.09.2013, 20:59 | #9 |
| Caught Tuvaro! So far in Chrome; I also started IE, and I haven't seen it there yet. The scan is still running. Logs to follow. Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=0ba14114e1864f45835143bc34dca448 # engine=15222 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-09-22 07:48:16 # local_time=2013-09-22 09:48:16 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 85 91 32045 156589168 0 0 # compatibility_mode=5893 16776573 100 94 188741 131509146 0 0 # scanned=206198 # found=10 # cleaned=0 # scan_time=3403 sh=A32AA942597786B380ABDA361918B5E6BF4F26D1 ft=1 fh=e10233d53431d7f2 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\rld.dll" sh=E592559E1339D7C4621C1261ACCA3ADD94074AF6 ft=1 fh=df6d1106df9b0f04 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\rld_100.dll" sh=26A4D8D46950F6A36CE4C678DC1BA36F63980EAB ft=1 fh=5b1a47320b91d0bf vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\rld.dll" sh=C31C333A795FDA9F1F74E8B084446E293DBBD797 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Bonnstar007\AppData\Local\Temp\00294823\bnlcglmgilnpfbfngmbealiadjdnaeho\jYmyysS3.js" sh=C417E7499E2CD126A3D7B6DA62FB89650583589E ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Bonnstar007\AppData\Local\Temp\18be6784\oghoohlomhchioiagfadnfikomccelkb\c_uMBU3vj.js" sh=8BF312CB0DA9DC826C5D9C96023758E97346CD86 ft=1 fh=c11b1948c85ed768 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\04_Download\PESEdit.com 2014 Patch 0.1\Installer.exe" sh=8BF312CB0DA9DC826C5D9C96023758E97346CD86 ft=1 fh=c11b1948c85ed768 vn="a variant of 
Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\04_Download\PESEdit.com 2014 Patch 0.1\PESEdit.com 2014 Patch 0.1\Installer.exe" sh=4F76871A0DC0D25B3674C1938DB89BF8C4D121B0 ft=1 fh=12a6fa502c87b0e7 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\04_Download\PESEdit.com_2013_Patch_5.0\Installer.exe" sh=252D7EF258661C3EFF7B44521309AAD461E3EF18 ft=1 fh=12a6fa502d1428d8 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\04_Download\PESEdit.com_2013_Patch_6.0\Installer.exe" sh=26A4D8D46950F6A36CE4C678DC1BA36F63980EAB ft=1 fh=5b1a47320b91d0bf vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\04_Download\rld-pes14101\rld.dll" Code:
ATTFilter Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 25
Adobe Reader XI
Mozilla Thunderbird (17.0.8)
Google Chrome 29.0.1547.76
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013 Ran by Bonnstar007 (administrator) on BONNSTAR007-PC on 22-09-2013 21:55:26 Running from D:\04_Download Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe () C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Spotify Ltd) C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Farbar) D:\04_Download\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3006240 2012-03-12] () HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [ASRockXTU] - [x] HKCU\...\Run: [zASRockInstantBoot] - [x] HKCU\...\Run: [FLV Player] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [AppsHat] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [Spotify Web Helper] - C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-11] (Spotify Ltd) MountPoints2: {9bf4294d-337b-11e2-b6ff-806e6f6e6963} - E:\ASRSetup.exe MountPoints2: 
{abc04c1c-3415-11e2-9e2e-bc5ff4623056} - G:\autorun.exe HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.) AppInit_DLLs: C:\Windows\system32\appinit_dll.dll,C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x392A0578BC24CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll No File BHO: avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR RestoreOnStartup: "https://www.google.de/webhp?source=search_app&gws_rd=cr&ei=CqQ8UvabG8Su4ASYs4D4Bw" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - 
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Google Docs) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Black & white theme) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi\3_0 CHR Extension: (AdBlock) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0 CHR Extension: (Plus-HD-1.6) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.24.81_0 CHR Extension: (DVDVideoSoft) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-29] () ==================== Drivers (Whitelisted) ==================== R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-22] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT 2013-09-22 09:11 - 2013-09-22 09:12 - 00000000 ____D C:\AdwCleaner 2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program 
Files (x86)\Malwarebytes' Anti-Malware 2013-09-22 09:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717} 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:35 - 2013-09-20 21:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:14 - 2013-09-20 21:15 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 21:06 - 2013-09-20 21:24 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:00 - 2013-09-20 21:24 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:48 - 2013-09-22 09:12 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:47 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) 
C:\Windows\system32\Drivers\GEARAspiWDM.sys 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 21:10 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-19 21:10 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvdispco6432723.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-19 21:10 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2013-09-19 21:10 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk 2013-09-19 18:17 - 2013-09-18 19:33 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-12 08:24 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-12 08:24 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-12 08:24 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-12 08:24 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-12 08:24 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-12 08:24 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-12 
08:24 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-12 08:24 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-12 08:24 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00039424 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-12 08:24 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-12 08:24 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-12 08:24 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-12 08:24 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-12 07:42 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 07:42 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-12 07:42 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-12 07:42 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-12 07:42 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 07:42 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-12 07:42 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 07:42 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00006656 _____ 
(Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 07:42 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 07:42 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 07:42 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) 
C:\Windows\system32\smss.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 07:42 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 07:42 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-02 21:32 - 2013-09-20 21:11 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-02 21:30 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2013-09-02 21:30 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2013-09-02 21:30 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-09-02 21:22 - 2013-09-02 
21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA
2013-09-02 21:20 - 2013-09-03 07:42 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-02 21:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-02 21:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player

==================== One Month Modified Files and Folders =======

2013-09-22 21:45 - 2012-12-08 00:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 21:23 - 2012-11-21 21:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 20:54 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 20:54 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 20:49 - 2011-04-12 09:43 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-09-22 20:49 - 2011-04-12 09:43 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-09-22 20:49 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-22 20:46 - 2012-11-21 21:39 - 01617749 _____ C:\Windows\WindowsUpdate.log
2013-09-22 20:43 - 2013-08-15 07:46 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-09-22 20:43 - 2012-12-29 12:04 - 00037556 _____ C:\Windows\setupact.log
2013-09-22 20:43 - 2012-12-29 12:03 - 00180540 _____ C:\Windows\PFRO.log
2013-09-22 20:43 - 2012-12-08 00:40 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 20:43 - 2012-11-21 21:56 - 00000000
____D C:\ProgramData\NVIDIA 2013-09-22 20:43 - 2012-11-21 21:45 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-22 20:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-22 12:54 - 2012-11-21 22:30 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-22 12:54 - 2012-11-21 22:30 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT 2013-09-22 09:12 - 2013-09-22 09:11 - 00000000 ____D C:\AdwCleaner 2013-09-22 09:12 - 2013-09-20 20:48 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717} 2013-09-21 15:57 - 2012-11-21 22:16 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\CrashDumps 2013-09-20 22:23 - 2012-11-21 21:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 22:23 - 2012-11-21 21:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 22:23 - 2012-11-21 21:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:35 - 2013-09-20 21:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-20 21:35 - 2012-11-21 21:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-20 21:34 - 2013-06-10 00:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ 
C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:24 - 2013-09-20 21:06 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:24 - 2013-09-20 21:00 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 21:24 - 2012-11-21 22:29 - 00000000 ____D C:\Windows\system32\appmgmt 2013-09-20 21:15 - 2013-09-20 21:14 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:11 - 2013-09-02 21:32 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:48 - 2013-09-20 20:47 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2013-06-06 17:17 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-09-20 20:13 - 2012-11-21 22:35 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Apple Computer 2013-09-20 20:12 - 2012-11-21 22:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:12 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 
2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk 2013-09-19 18:29 - 2012-11-21 22:14 - 00000000 ____D C:\Users\Bonnstar007\Documents\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\ProgramData\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\Program Files (x86)\KONAMI 2013-09-19 07:30 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Spotify 2013-09-18 19:33 - 2013-09-19 18:17 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-13 17:55 - 2013-08-16 21:08 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-12 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-12 20:17 - 2009-07-14 06:45 - 00418408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:58 - 2013-09-19 21:10 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-19 21:10 - 09281032 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-02-26 
00:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-11-21 21:55 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 09:25 - 2012-11-21 21:56 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-11-21 21:56 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 08:24 - 2013-08-15 00:51 - 00000000 ____D C:\Windows\system32\MRT 2013-09-12 08:24 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini 2013-09-12 08:23 - 2012-08-31 23:36 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-12 07:43 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\Spotify 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-11-21 21:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-03 07:42 - 2013-09-02 21:20 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:30 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-09-02 21:29 - 2012-12-11 21:49 - 00000000 
____D C:\Users\Bonnstar007\Desktop\IPHONE 2013-09-02 21:22 - 2013-09-02 21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:21 - 2012-11-21 21:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-08-31 12:24 - 2013-08-17 02:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\WebPlayer 2013-08-30 19:17 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-30 09:48 - 2013-04-21 12:23 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-04-21 12:23 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 09:47 - 2012-11-21 22:30 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 09:47 - 2012-11-21 22:30 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-29 06:59 - 2013-07-22 21:38 - 00000000 ____D C:\Users\Bonnstar007\Documents\Steuerfälle 2013-08-24 08:57 - 2012-11-22 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-23 19:01 - 2013-08-21 00:08 - 00000000 ____D C:\Program Files 
(x86)\Mozilla Thunderbird

Some content of TEMP:
====================
C:\Users\Bonnstar007\AppData\Local\Temp\7z920.exe
C:\Users\Bonnstar007\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nseEDA1.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nskEEFA.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsq329D.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuC6FF.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuD6D8.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Bonnstar007\AppData\Local\Temp\nvStInst.exe
C:\Users\Bonnstar007\AppData\Local\Temp\Quarantine.exe
C:\Users\Bonnstar007\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Bonnstar007\AppData\Local\Temp\SHSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\tbDVD2.dll
C:\Users\Bonnstar007\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-21 15:13

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013 Ran by Bonnstar007 at 2013-09-22 21:55:44 Running from D:\04_Download Boot Mode: Normal ========================================================== ==================== Installed Programs ====================== 4500_G510gm_Help_Web (x32 Version: 000.0.440.000) 4500G510gm_Software_Min (x32 Version: 000.0.423.000) 4500G510gm_web (x32 Version: 000.0.425.000) 64 Bit HP CIO Components Installer (Version: 6.2.1) AAVUpdateManager (x32 Version: 18.00.0000) Acrobat.com (x32 Version: 0.0.0) Acrobat.com (x32 Version: 1.1.377) Adobe AIR (x32 Version: 1.0.4990) Adobe AIR (x32 Version: 1.0.8.4990) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) ASRock App Charger v1.0.5 ASRock eXtreme Tuner v0.1.248 (x32) ASRock InstantBoot v1.29 (x32) ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 avast! 
Free Antivirus (x32 Version: 8.0.1497.0) Bonjour (Version: 3.0.0.10) BufferChm (x32 Version: 130.0.331.000) CCleaner (Version: 3.25) Dota 2 (x32) DVDFab 9.0.4.0 (15/05/2013) ESET Online Scanner v3 (x32) FLV Player (HKCU Version: 1.0) Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610) GeForce Experience NvStream Client Components (Version: 0.1.87) Google Chrome (x32 Version: 29.0.1547.76) Google Drive (x32 Version: 1.11.4865.2530) Google Earth Plug-in (x32 Version: 7.1.1.1888) HP Officejet 4500 G510g-m (Version: 13.0) iCloud (Version: 3.0.2.163) Iminent (x32 Version: 6.37.21.0) Intel(R) Control Center (x32 Version: 1.2.1.1008) Intel(R) Management Engine Components (x32 Version: 8.0.3.1427) Intel(R) OpenCL CPU Runtime (x32) Intel(R) Processor Graphics (x32 Version: 8.15.10.2761) Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006) Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220) iTunes (Version: 11.1.0.126) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 9 (64-bit) (Version: 7.0.90) Java Auto Updater (x32 Version: 2.1.9.5) JDownloader 2 (x32 Version: 2) K-Lite Codec Pack 9.6.0 (64-bit) (Version: 9.6.0) MagicDisc 2.7.106 (x32) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Maintenance Service (x32 Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) NBA 2K13 (x32 Version: 1.0.0) Network64 (Version: 130.0.550.000) NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01) NVIDIA 3D Vision Treiber 327.23 (Version: 327.23) NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1) NVIDIA Grafiktreiber 327.23 (Version: 327.23) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4) NVIDIA Install Application (Version: 2.1002.133.902) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723) NVIDIA Systemsteuerung 327.23 (Version: 327.23) NVIDIA Update 8.3.14 (Version: 8.3.14) NVIDIA Update Components (Version: 8.3.14) NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5) PDF24 Creator 5.2.0 (x32) PhotoSlim (x32) Pro Evolution Soccer 2013 (x32 Version: 1.02.0000) Pro Evolution Soccer 2013 Patch 1.02 (x32) Pro Evolution Soccer 2013 Patch 1.04 (x32) Pro Evolution Soccer 2014 (x32 Version: 1.01.0000) PunkBuster Services (x32 Version: 0.991) Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482) Scan (x32 Version: 13.0.0.0) SHIELD Streaming (Version: 1.05.28) SpeedFan (remove only) (x32) Spotify (HKCU Version: 0.9.1.57.ge7405149) Steam (x32 Version: 1.0.0.0) 
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09) TeamViewer 8 (x32 Version: 8.0.20935) THX TruStudio (x32 Version: 1.00.01) Toolbox (x32 Version: 130.0.648.000) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Uplay (x32 Version: 2.0) VIRTU MVP 2.1.111 (Version: 2.1.111) VoiceOver Kit (x32 Version: 1.42.128.0) WebReg (x32 Version: 130.0.132.017) Win7codecs (x32 Version: 3.9.2) WinRAR 4.20 (64-Bit) (Version: 4.20.0) World of Tanks (x32) x64 Components v3.9.2 (Version: 3.9.2) XCOM: Enemy Unknown (x32) ==================== Restore Points ========================= 12-09-2013 05:41:05 Windows Update 12-09-2013 06:22:06 Windows Update 12-09-2013 20:33:51 Windows Update 13-09-2013 07:55:38 Windows Update 13-09-2013 16:32:19 Windows Update 13-09-2013 21:43:07 Windows Update 17-09-2013 18:00:00 Windows Update 19-09-2013 19:11:30 Removed Microsoft Fix it Center 20-09-2013 18:16:46 Removed iTunes 20-09-2013 18:17:29 Removed QuickTime 20-09-2013 18:18:52 Installed iTunes 20-09-2013 18:56:23 Installed SpyHunter 20-09-2013 19:24:15 Removed SpyHunter ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-01-31 14:58 - 00000853 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {19E85149-196F-4ECF-A99E-63B6CA2DD412} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows 
defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {37FA2A90-F6E6-43A4-9600-CB27F6C9A56B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.) Task: {4BBADF2C-2A68-4EE4-BB0E-3073B86E2A71} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe Task: {4D432CD6-6D2E-4752-A331-E1AA658E0A1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated) Task: {5B33438F-80B4-4389-9E76-E68ECF79B8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.) Task: {5FFEF504-87D1-4763-A095-FC35BEC34A46} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {A3D2B064-FD02-452B-9569-7129F54CE7A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {B94B2976-EDEB-4017-8E01-4F53ED792151} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd) Task: {E357C690-4822-4089-9DA7-BBE9D4845545} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EEA81B56-FB3C-4DC2-8E42-E11FDD1F933B} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-11-21 21:55 - 2013-09-12 10:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2012-11-21 21:40 - 2012-05-21 04:44 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2012-11-22 23:57 - 2012-06-09 20:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll 2012-11-21 21:46 - 2012-03-12 12:14 - 00454944 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\VirtuContextMenuHandler.dll 2012-11-21 21:40 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-11-21 21:46 - 2012-03-12 12:14 - 00138528 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GuiCommon.dll 2012-11-21 21:46 - 2012-03-12 12:14 - 00279328 _____ (Lucidlogix Inc.) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GpuEnumerator.Dll 2012-11-21 21:46 - 2012-03-12 12:14 - 00047904 _____ (Test) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekasrv.dll 2012-11-21 21:46 - 2012-03-12 11:52 - 00291328 _____ (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekc6420.dll 2012-11-21 21:47 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2013-09-20 22:23 - 2013-09-20 22:23 - 16244616 ____R (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_175.ocx 2012-11-21 21:47 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll 2012-08-27 22:33 - 2012-08-27 22:33 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-05-10 20:21 - 2013-09-12 10:31 - 00362336 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll 2013-05-10 20:21 - 2013-09-12 10:31 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll 2013-05-10 20:21 - 2013-09-12 10:22 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll 2013-09-03 07:26 - 2013-09-03 07:26 - 00489984 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\812063380a132051c054f5ca865f322e\IAStorUtil.ni.dll 2013-09-03 07:26 - 2013-09-03 07:26 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e218ecb21700f8ba41ec9d7415567388\IAStorCommon.ni.dll ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/22/2013 09:51:50 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/22/2013 09:50:22 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (09/22/2013 08:49:02 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/22/2013 08:48:59 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/22/2013 08:45:18 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 08:43:27 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 00:55:28 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 00:53:36 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 10:25:00 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. 
System errors: ============= Microsoft Office Sessions: ========================= Error: (09/22/2013 09:51:50 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 09:50:22 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (09/22/2013 08:49:02 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 08:48:59 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 08:45:18 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 08:43:27 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 
Error: (09/22/2013 00:55:28 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 00:53:36 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 10:25:00 AM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 CodeIntegrity Errors: =================================== Date: 2012-09-01 08:22:19.032 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:58.055 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.977 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.914 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.805 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-09-01 07:52:31.774 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:18:38.709 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:12:10.453 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:08:14.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:01:42.723 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 23% Total physical RAM: 8087.01 MB Available physical RAM: 6203.96 MB Total Pagefile: 16172.2 MB Available Pagefile: 14227.13 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:99.86 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:770.37 GB) NTFS Drive g: (PES2014_R2) (CDROM) (Total:5.79 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: FE2717B0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2717CB) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/22/2013 08:45:18 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 08:43:27 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 00:55:28 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 00:53:36 PM) (Source: ISCT Agent) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 10:25:00 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. 
System errors: ============= Microsoft Office Sessions: ========================= Error: (09/22/2013 09:51:50 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 09:50:22 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (09/22/2013 08:49:02 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 08:48:59 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe Error: (09/22/2013 08:45:18 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 08:43:27 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 
Error: (09/22/2013 00:55:28 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2013 00:53:36 PM) (Source: ISCT Agent)(User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (09/22/2013 10:25:00 AM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 CodeIntegrity Errors: =================================== Date: 2012-09-01 08:22:19.032 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:58.055 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.977 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.914 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 08:17:57.805 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-09-01 07:52:31.774 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:18:38.709 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:12:10.453 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:08:14.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-09-01 00:01:42.723 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 8087.01 MB
Available physical RAM: 6203.96 MB
Total Pagefile: 16172.2 MB
Available Pagefile: 14227.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:99.86 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:770.37 GB) NTFS
Drive g: (PES2014_R2) (CDROM) (Total:5.79 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: FE2717B0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2717CB)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |
23.09.2013, 09:15 | #10 |
/// the machine /// TB trainer | Caught Tuvaro! Uninstall Chrome, keep no data, reinstall. Test again. A fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
24.09.2013, 06:41 | #11 |
| Caught Tuvaro! Hello Schrauber, I have uninstalled Chrome. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2013 01 Ran by Bonnstar007 (administrator) on BONNSTAR007-PC on 24-09-2013 07:39:48 Running from D:\04_Download Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe () C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe () C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA 
Corporation\NVIDIA Update Core\daemonu.exe (Spotify Ltd) C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Farbar) D:\04_Download\FRST64 (2).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe 
[3006240 2012-03-12] () HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [ASRockXTU] - [x] HKCU\...\Run: [zASRockInstantBoot] - [x] HKCU\...\Run: [FLV Player] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [AppsHat] - C:\Users\Bonnstar007\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [Spotify Web Helper] - C:\Users\Bonnstar007\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-11] (Spotify Ltd) MountPoints2: {9bf4294d-337b-11e2-b6ff-806e6f6e6963} - E:\ASRSetup.exe MountPoints2: {abc04c1c-3415-11e2-9e2e-bc5ff4623056} - G:\autorun.exe HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.) AppInit_DLLs: C:\Windows\system32\appinit_dll.dll,C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x392A0578BC24CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll No File BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll () CHR 
Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Google Docs) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1 CHR Extension: (YouTube) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1 CHR Extension: (Adblock Plus) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Google Search) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1 CHR Extension: (Dark Horizon) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjjeokpcnllmmbbipeaagmdpdpiadin\1.0_0 CHR Extension: (DVDVideoSoft) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1 CHR Extension: (Gmail) - C:\Users\BONNST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2 CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-29] () ==================== Drivers (Whitelisted) ==================== R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-24] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-24 07:37 - 2013-09-24 07:37 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT 2013-09-22 09:11 - 2013-09-22 09:12 - 00000000 ____D C:\AdwCleaner 2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 
____D C:\ProgramData\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-22 09:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717} 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:14 - 2013-09-20 21:15 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 21:06 - 2013-09-20 21:24 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:00 - 2013-09-20 21:24 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:48 - 2013-09-22 09:12 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:47 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) 
C:\Windows\system32\Drivers\GEARAspiWDM.sys 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 21:10 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-19 21:10 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvdispco6432723.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-19 21:10 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-19 21:10 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2013-09-19 21:10 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk 2013-09-19 18:17 - 2013-09-18 19:33 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-12 08:24 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-12 08:24 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-12 08:24 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-12 08:24 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-12 08:24 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-12 08:24 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-12 
08:24 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-12 08:24 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-12 08:24 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-12 08:24 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00039424 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-12 08:24 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-12 08:24 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-12 08:24 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-12 08:24 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-12 08:24 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-12 07:42 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 07:42 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-12 07:42 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-12 07:42 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-12 07:42 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-12 07:42 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 07:42 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-12 07:42 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 07:42 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00006656 _____ 
(Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003584 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 07:42 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 07:42 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 07:42 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 07:42 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) 
C:\Windows\system32\smss.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 07:42 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 07:42 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 07:42 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 07:42 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 07:42 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 07:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-02 21:32 - 2013-09-20 21:11 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-02 21:30 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2013-09-02 21:30 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2013-09-02 21:30 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-09-02 21:22 - 2013-09-02 
21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:20 - 2013-09-03 07:42 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll 2013-09-02 21:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player ==================== One Month Modified Files and Folders ======= 2013-09-24 07:37 - 2013-09-24 07:37 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-24 07:37 - 2012-11-21 21:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-24 07:31 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-24 07:31 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-24 07:30 - 2011-04-12 09:43 - 00696848 _____ C:\Windows\system32\perfh007.dat 2013-09-24 07:30 - 2011-04-12 09:43 - 00148144 _____ C:\Windows\system32\perfc007.dat 2013-09-24 07:30 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-24 07:28 - 2012-11-21 21:39 - 01713675 _____ C:\Windows\WindowsUpdate.log 2013-09-24 07:24 - 2013-08-15 07:46 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-24 07:24 - 2012-12-29 12:04 - 00038060 _____ C:\Windows\setupact.log 2013-09-24 07:24 - 2012-12-29 12:03 - 00181530 _____ C:\Windows\PFRO.log 2013-09-24 07:24 - 2012-12-08 00:40 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-24 07:24 - 2012-11-21 21:56 - 00000000 ____D 
C:\ProgramData\NVIDIA 2013-09-24 07:24 - 2012-11-21 21:45 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-24 07:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-23 22:23 - 2012-11-21 21:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-23 21:45 - 2012-12-08 00:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-22 12:54 - 2012-11-21 22:30 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-22 12:54 - 2012-11-21 22:30 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-22 09:15 - 2013-09-22 09:15 - 00000000 ____D C:\Windows\ERUNT 2013-09-22 09:12 - 2013-09-22 09:11 - 00000000 ____D C:\AdwCleaner 2013-09-22 09:12 - 2013-09-20 20:48 - 00000000 ____D C:\Program Files (x86)\ss helper 2013-09-22 09:03 - 2013-09-22 09:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-22 09:03 - 2013-09-22 09:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-21 21:20 - 2013-09-21 21:20 - 00003334 _____ C:\Windows\System32\Tasks\{B631C0F0-E6D3-49A9-9B79-65A7F926B717} 2013-09-21 15:57 - 2012-11-21 22:16 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\CrashDumps 2013-09-20 22:23 - 2012-11-21 21:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 22:23 - 2012-11-21 21:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 22:23 - 2012-11-21 21:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 21:46 - 2013-09-20 21:46 - 00000000 ____D C:\FRST 2013-09-20 21:34 - 2013-06-10 00:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-20 21:32 - 2013-09-20 21:32 - 00000088 _____ 
C:\Windows\SysWOW64\15286788023581645756.log 2013-09-20 21:24 - 2013-09-20 21:24 - 00003164 _____ C:\Windows\System32\Tasks\{501F9942-FE30-4F53-B2A8-CC788DD1443E} 2013-09-20 21:24 - 2013-09-20 21:06 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-20 21:24 - 2013-09-20 21:00 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer 2013-09-20 21:24 - 2012-11-21 22:29 - 00000000 ____D C:\Windows\system32\appmgmt 2013-09-20 21:15 - 2013-09-20 21:14 - 00024781 _____ C:\AdwCleaner[S1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00024280 _____ C:\AdwCleaner[R1].txt 2013-09-20 21:14 - 2013-09-20 21:14 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-20 21:11 - 2013-09-02 21:32 - 00000000 ____D C:\Users\Bonnstar007\Desktop\Dokumente_2013 2013-09-20 21:07 - 2013-09-20 21:07 - 00000000 _____ C:\autoexec.bat 2013-09-20 20:56 - 2013-09-20 20:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-20 20:48 - 2013-09-20 20:48 - 00000000 ____D C:\ProgramData\SummerSoft 2013-09-20 20:48 - 2013-09-20 20:47 - 00000000 ____D C:\ProgramData\InstallMate 2013-09-20 20:19 - 2013-09-20 20:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iTunes 2013-09-20 20:19 - 2013-09-20 20:19 - 00000000 ____D C:\Program Files\iPod 2013-09-20 20:19 - 2013-06-06 17:17 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-09-20 20:13 - 2012-11-21 22:35 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Apple Computer 2013-09-20 20:12 - 2012-11-21 22:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-19 21:12 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\SysWOW64\NV 
2013-09-19 21:11 - 2013-09-19 21:11 - 00000000 ____D C:\Windows\system32\NV 2013-09-19 19:46 - 2013-09-19 19:46 - 00001741 _____ C:\Users\Bonnstar007\Desktop\pes2014 - Verknüpfung.lnk 2013-09-19 18:29 - 2012-11-21 22:14 - 00000000 ____D C:\Users\Bonnstar007\Documents\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\ProgramData\KONAMI 2013-09-19 18:25 - 2012-11-21 22:12 - 00000000 ____D C:\Program Files (x86)\KONAMI 2013-09-19 07:30 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Spotify 2013-09-18 19:33 - 2013-09-19 18:17 - 1925900288 _____ C:\Users\Bonnstar007\Desktop\rld-pes14.iso 2013-09-13 17:55 - 2013-08-16 21:08 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-12 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-12 20:17 - 2012-11-21 21:37 - 00000000 ___RD C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-12 20:17 - 2009-07-14 06:45 - 00418408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:58 - 2013-09-19 21:10 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-19 21:10 - 09281032 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-19 21:10 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2013-04-14 01:33 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-02-26 
00:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-02-26 00:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-11-21 21:55 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 09:25 - 2012-11-21 21:56 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-11-21 21:56 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-11-21 21:56 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 08:24 - 2013-08-15 00:51 - 00000000 ____D C:\Windows\system32\MRT 2013-09-12 08:24 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini 2013-09-12 08:23 - 2012-08-31 23:36 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-12 07:43 - 2012-11-22 00:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\Spotify 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-11-21 21:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-03 07:42 - 2013-09-02 21:20 - 01590370 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-02 21:30 - 2012-11-21 21:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-09-02 21:29 - 2012-12-11 21:49 - 00000000 
____D C:\Users\Bonnstar007\Desktop\IPHONE 2013-09-02 21:22 - 2013-09-02 21:22 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\NVIDIA 2013-09-02 21:21 - 2012-11-21 21:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-31 12:25 - 2013-08-31 12:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-08-31 12:24 - 2013-08-31 12:24 - 00000000 ____D C:\Users\Bonnstar007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-08-31 12:24 - 2013-08-17 02:25 - 00000000 ____D C:\Users\Bonnstar007\AppData\Local\WebPlayer 2013-08-30 19:17 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-30 09:48 - 2013-04-21 12:23 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-04-21 12:23 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2012-11-21 22:30 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 09:47 - 2012-11-21 22:30 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 09:47 - 2012-11-21 22:30 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-29 06:59 - 2013-07-22 21:38 - 00000000 ____D C:\Users\Bonnstar007\Documents\Steuerfälle Some content of TEMP: ==================== C:\Users\Bonnstar007\AppData\Local\Temp\7z920.exe C:\Users\Bonnstar007\AppData\Local\Temp\FLVPlayerSetup.exe 
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nseEDA1.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nskEEFA.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsq329D.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuC6FF.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nsuD6D8.exe
C:\Users\Bonnstar007\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Bonnstar007\AppData\Local\Temp\nvStInst.exe
C:\Users\Bonnstar007\AppData\Local\Temp\Quarantine.exe
C:\Users\Bonnstar007\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Bonnstar007\AppData\Local\Temp\SHSetup.exe
C:\Users\Bonnstar007\AppData\Local\Temp\tbDVD2.dll
C:\Users\Bonnstar007\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-21 15:13

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2013 01
Ran by Bonnstar007 at 2013-09-24 07:40:05
Running from D:\04_Download
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

4500_G510gm_Help_Web (x32 Version: 000.0.440.000)
4500G510gm_Software_Min (x32 Version: 000.0.423.000)
4500G510gm_web (x32 Version: 000.0.425.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
AAVUpdateManager (x32 Version: 18.00.0000)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.1.377)
Adobe AIR (x32 Version: 1.0.4990)
Adobe AIR (x32 Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.248 (x32)
ASRock InstantBoot v1.29 (x32)
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
CCleaner (Version: 3.25)
Dota 2 (x32)
DVDFab 9.0.4.0 (15/05/2013)
ESET Online Scanner v3 (x32)
FLV Player (HKCU Version: 1.0)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Chrome (x32 Version: 29.0.1547.76)
Google Drive (x32 Version: 1.11.4865.2530)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
HP Officejet 4500 G510g-m (Version: 13.0)
iCloud (Version: 3.0.2.163)
Iminent (x32 Version: 6.37.21.0)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2761)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 2 (x32 Version: 2)
K-Lite Codec Pack 9.6.0 (64-bit) (Version: 9.6.0)
MagicDisc 2.7.106 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NBA 2K13 (x32 Version: 1.0.0)
Network64 (Version: 130.0.550.000)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
PDF24 Creator 5.2.0 (x32)
PhotoSlim (x32)
Pro Evolution Soccer 2013 (x32 Version: 1.02.0000)
Pro Evolution Soccer 2013 Patch 1.02 (x32)
Pro Evolution Soccer 2013 Patch 1.04 (x32)
Pro Evolution Soccer 2014 (x32 Version: 1.01.0000)
PunkBuster Services (x32 Version: 0.991)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482)
Scan (x32 Version: 13.0.0.0)
SHIELD Streaming (Version: 1.05.28)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09)
TeamViewer 8 (x32 Version: 8.0.20935)
THX TruStudio (x32 Version: 1.00.01)
Toolbox (x32 Version: 130.0.648.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Uplay (x32 Version: 2.0)
VIRTU MVP 2.1.111 (Version: 2.1.111)
VoiceOver Kit (x32 Version: 1.42.128.0)
WebReg (x32 Version: 130.0.132.017)
Win7codecs (x32 Version: 3.9.2)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
x64 Components v3.9.2 (Version: 3.9.2)
XCOM: Enemy Unknown (x32)

==================== Restore Points =========================

12-09-2013 05:41:05 Windows Update
12-09-2013 06:22:06 Windows Update
12-09-2013 20:33:51 Windows Update
13-09-2013 07:55:38 Windows Update
13-09-2013 16:32:19 Windows Update
13-09-2013 21:43:07 Windows Update
17-09-2013 18:00:00 Windows Update
19-09-2013 19:11:30 Removed Microsoft Fix it Center
20-09-2013 18:16:46 Removed iTunes
20-09-2013 18:17:29 Removed QuickTime
20-09-2013 18:18:52 Installed iTunes
20-09-2013 18:56:23 Installed SpyHunter
20-09-2013 19:24:15 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-01-31 14:58 - 00000853 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {37FA2A90-F6E6-43A4-9600-CB27F6C9A56B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {4BBADF2C-2A68-4EE4-BB0E-3073B86E2A71} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe
Task: {4D432CD6-6D2E-4752-A331-E1AA658E0A1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {5B33438F-80B4-4389-9E76-E68ECF79B8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {5FFEF504-87D1-4763-A095-FC35BEC34A46} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A3D2B064-FD02-452B-9569-7129F54CE7A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {B94B2976-EDEB-4017-8E01-4F53ED792151} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {E357C690-4822-4089-9DA7-BBE9D4845545} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EEA81B56-FB3C-4DC2-8E42-E11FDD1F933B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-21 21:55 - 2013-09-12 10:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-21 21:40 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-21 21:40 - 2012-05-21 04:44 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-11-21 21:46 - 2012-03-12 12:14 - 00138528 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GuiCommon.dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00279328 _____ (Lucidlogix Inc.) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\GpuEnumerator.Dll
2012-11-21 21:46 - 2012-03-12 12:14 - 00047904 _____ (Test) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekasrv.dll
2012-11-21 21:46 - 2012-03-12 11:52 - 00291328 _____ (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekc6420.dll
2012-11-21 21:47 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-09-20 22:23 - 2013-09-20 22:23 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_175.ocx
2012-11-21 21:47 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2009-07-14 02:23 - 2009-07-14 03:38 - 00182272 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2012-12-19 00:22 - 2012-07-21 12:54 - 00361472 _____ (fccHandler) C:\Windows\system32\AACACM.acm
2012-12-19 00:22 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2012-12-19 00:22 - 2009-08-11 18:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm
2012-08-27 22:33 - 2012-08-27 22:33 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 00362336 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll
2013-05-10 20:21 - 2013-09-12 10:31 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
2013-05-10 20:21 - 2013-09-12 10:22 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00489984 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\812063380a132051c054f5ca865f322e\IAStorUtil.ni.dll
2013-09-03 07:26 - 2013-09-03 07:26 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e218ecb21700f8ba41ec9d7415567388\IAStorCommon.ni.dll

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2013 07:26:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 07:24:38 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/23/2013 05:26:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 05:24:12 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/23/2013 08:02:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (09/23/2013 07:34:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 07:32:29 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/22/2013 09:51:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2013 09:50:22 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2013 08:49:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (09/24/2013 07:26:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 07:24:38 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/23/2013 05:26:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 05:24:12 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/23/2013 08:02:25 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/23/2013 07:34:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 07:32:29 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (09/22/2013 09:51:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe

Error: (09/22/2013 09:50:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/22/2013 08:49:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\04_Download\esetsmartinstaller_enu.exe

CodeIntegrity Errors:
===================================
Date: 2012-09-01 08:22:19.032
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:58.055
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:57.977
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:57.914
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 08:17:57.805
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 07:52:31.774
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 00:18:38.709
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 00:12:10.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 00:08:14.294
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-01 00:01:42.723
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 8087.01 MB
Available physical RAM: 6295.05 MB
Total Pagefile: 16172.2 MB
Available Pagefile: 14251.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:99.79 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:770.37 GB) NTFS
Drive g: (PES2014_R2) (CDROM) (Total:5.79 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: FE2717B0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2717CB)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
24.09.2013, 18:35 | #12 |
/// the machine /// TB-Ausbilder | Caught Tuvaro! Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |