| |
| |||||||
Log-Analyse und Auswertung: Ihavenet.com weiterleitungenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.10.2013, 15:34
| #1 |
 |  Ihavenet.com weiterleitungen Hallo, jedesmal werde ich im Firefox (über Google) auf die Seite Ihavenet.com oder fastclickblabla.com weitergeleitet und lässt sich nicht ändern. Avira und Malewarebytes zeigen nichts an. Ich hoffe ihr könnt mir helfen: Hier OTL Logs: Code:
ATTFilter OTL logfile created on: 27.10.2013 15:27:40 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silenia\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,99 Gb Total Physical Memory | 4,66 Gb Available Physical Memory | 77,84% Memory free 11,98 Gb Paging File | 10,53 Gb Available in Paging File | 87,92% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 820,31 Gb Total Space | 569,99 Gb Free Space | 69,48% Space Free | Partition Type: NTFS Drive F: | 111,10 Gb Total Space | 75,44 Gb Free Space | 67,90% Space Free | Partition Type: NTFS Computer Name: SILENIA-PC | User Name: Silenia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.10.27 15:26:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe PRC - [2013.10.17 08:08:29 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe PRC - [2013.09.11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.08.27 22:16:03 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ========== Modules (No Company Name) ========== MOD - [2013.09.11 03:26:52 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.01.10 00:06:47 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.10.23 19:33:37 | 000,484,592 | ---- | M] (BitRaider, LLC) [Disabled | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc) SRV - [2013.10.15 15:54:02 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.10.09 14:18:57 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.10.09 03:19:14 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.09.18 09:33:07 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.08.27 22:17:43 | 014,997,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV - [2013.08.27 22:16:03 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.02.08 13:31:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.09.19 11:29:44 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013.08.20 14:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013.06.16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013.01.10 00:06:47 | 000,478,208 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:64bit: - [2013.01.10 00:06:47 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MCfilt64.sys -- (MCfilt) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2013.10.03 18:12:50 | 000,075,048 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver64.sys -- (BRDriver64) DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKLM\..\SearchScopes,DefaultScope = {1D4C7998-23E9-2D4C-628E-7707719D555D} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{1D4C7998-23E9-2D4C-628E-7707719D555D}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 13:04:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 13:04:30 | 000,000,000 | ---D | M] [2013.10.27 12:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\Extensions [2013.10.27 13:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\Firefox\Profiles\fsnkgbki.default\extensions [2013.10.27 13:00:48 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\firefox\profiles\fsnkgbki.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.10.27 12:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.10.27 12:59:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013.10.27 14:18:32 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found. O4 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBFD6777-58EB-402A-9F0F-D08AFC716A1A}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.10.27 15:26:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe [2013.10.27 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\GHISLER [2013.10.27 14:48:37 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.10.27 14:48:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.10.27 14:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Fix 2013 [2013.10.27 14:12:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.10.27 13:19:46 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\NPE [2013.10.27 13:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2013.10.27 13:00:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2013.10.27 12:59:30 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Mozilla [2013.10.27 12:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.10.27 12:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.10.27 12:48:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\BonanzaDealsLive [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\BonanzaDealsLive [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDealsLive [2013.10.27 12:48:03 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Systweak [2013.10.27 12:48:01 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2013.10.27 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\mysearchdial [2013.10.27 12:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDeals [2013.10.27 12:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013.10.27 12:06:29 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\ElevatedDiagnostics [2013.10.23 20:04:48 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\Diagnostics [2013.10.23 18:26:35 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.10.23 18:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.10.23 18:17:01 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Anvisoft [2013.10.23 18:09:55 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\Anvisoft [2013.10.23 18:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft [2013.10.23 12:47:30 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Malwarebytes [2013.10.22 18:01:28 | 030,344,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.10.22 18:01:28 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.10.22 18:01:28 | 022,933,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.10.22 18:01:28 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.10.22 18:01:28 | 011,415,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.10.22 18:01:28 | 011,362,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.10.22 18:01:28 | 009,516,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.10.22 18:01:28 | 009,472,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.10.22 18:01:28 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.10.22 18:01:28 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.10.22 18:01:28 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.10.22 18:01:28 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.10.22 18:01:28 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll [2013.10.22 18:01:28 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll [2013.10.22 18:01:28 | 001,241,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.10.22 18:01:28 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013.10.22 18:01:28 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013.10.22 18:01:28 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013.10.22 18:01:28 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013.10.22 18:01:28 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013.10.22 18:01:28 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013.10.22 18:01:28 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.10.22 18:01:28 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013.10.15 15:54:06 | 000,589,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013.10.13 21:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet [2013.10.13 21:02:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon's Prophet [2013.10.11 14:55:05 | 000,000,000 | ---D | C] -- C:\CrashReport [2013.10.10 22:32:27 | 000,000,000 | ---D | C] -- C:\Users\Silenia\Documents\dragoon [2013.10.10 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Silenia\Desktop\Dragon,prophet [2013.10.10 20:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks [2013.10.09 21:14:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.10.09 21:14:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.10.09 21:14:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.10.09 21:14:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.10.09 21:14:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.10.09 21:14:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.10.09 21:14:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.10.09 21:14:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.10.09 21:14:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.10.09 21:14:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.10.09 21:14:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.10.09 21:14:08 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.10.09 21:14:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.10.09 21:14:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.10.09 21:14:07 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.10.09 09:46:17 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2013.10.09 09:46:15 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.10.09 09:46:15 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.10.09 09:46:15 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.10.09 09:46:15 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013.10.09 09:46:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.10.09 09:46:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2013.10.09 09:46:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.10.09 09:46:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2013.10.09 09:46:14 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013.10.09 09:46:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013.10.09 09:46:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2013.10.09 09:46:13 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys [2013.10.09 09:46:05 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2013.10.09 09:46:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013.10.09 09:46:04 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013.10.09 09:46:04 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.10.27 15:26:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe [2013.10.27 15:24:52 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.10.27 15:24:44 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\ugrpfptvte.job [2013.10.27 15:24:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.10.27 15:14:25 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.10.27 15:14:25 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.10.27 15:14:25 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.10.27 15:14:25 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.10.27 15:14:25 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.10.27 14:59:49 | 000,000,632 | ---- | M] () -- C:\Users\Silenia\Desktop\Total Commander.lnk [2013.10.27 14:45:29 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.10.27 14:45:29 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.10.27 14:18:32 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.10.27 14:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.10.27 14:13:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.10.27 13:29:20 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013.10.27 12:59:19 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.10.27 12:47:58 | 000,351,112 | ---- | M] () -- C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx [2013.10.23 12:40:24 | 000,208,384 | RHS- | M] () -- C:\Windows\SysWow64\proquotah.dll [2013.10.16 01:48:05 | 030,344,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.10.16 01:48:05 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.10.16 01:48:05 | 022,933,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.10.16 01:48:05 | 018,290,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013.10.16 01:48:05 | 018,243,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013.10.16 01:48:05 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.10.16 01:48:05 | 015,858,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013.10.16 01:48:05 | 015,244,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013.10.16 01:48:05 | 011,415,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.10.16 01:48:05 | 011,362,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.10.16 01:48:05 | 009,516,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.10.16 01:48:05 | 009,472,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.10.16 01:48:05 | 003,131,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.10.16 01:48:05 | 003,124,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.10.16 01:48:05 | 003,067,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013.10.16 01:48:05 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.10.16 01:48:05 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.10.16 01:48:05 | 002,694,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013.10.16 01:48:05 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll [2013.10.16 01:48:05 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll [2013.10.16 01:48:05 | 001,435,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013.10.16 01:48:05 | 001,241,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.10.16 01:48:05 | 000,696,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013.10.16 01:48:05 | 000,655,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013.10.16 01:48:05 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013.10.16 01:48:05 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013.10.16 01:48:05 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013.10.16 01:48:05 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013.10.16 01:48:05 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.10.16 01:48:05 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013.10.16 01:48:05 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.10.16 01:48:05 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.10.16 01:48:05 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013.10.15 22:47:39 | 006,665,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013.10.15 22:47:39 | 003,489,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013.10.15 22:47:36 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013.10.15 22:47:36 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013.10.15 22:47:36 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013.10.15 15:54:06 | 000,589,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013.10.13 21:10:37 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Dragon's Prophet.lnk [2013.10.10 10:16:12 | 002,343,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.10.09 21:13:42 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.10.09 14:18:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.10.09 14:18:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.10.08 20:14:15 | 003,398,914 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.10.27 14:59:49 | 000,000,632 | ---- | C] () -- C:\Users\Silenia\Desktop\Total Commander.lnk [2013.10.27 13:29:20 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013.10.27 12:59:19 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.10.27 12:59:19 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.10.27 12:47:59 | 000,351,112 | ---- | C] () -- C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx [2013.10.23 12:40:24 | 000,208,384 | RHS- | C] () -- C:\Windows\SysWow64\proquotah.dll [2013.10.23 12:40:24 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\ugrpfptvte.job [2013.10.13 21:10:37 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Dragon's Prophet.lnk [2013.10.12 16:51:53 | 000,675,988 | ---- | C] () -- C:\Users\Silenia\Desktop\Minecraft.exe [2013.10.09 09:46:14 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.09.14 13:53:49 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.08.25 20:14:21 | 000,039,874 | ---- | C] () -- C:\Windows\DIIUnin.dat [2013.06.28 16:47:19 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll [2013.01.10 17:24:51 | 000,007,611 | ---- | C] () -- C:\Users\Silenia\AppData\Local\Resmon.ResmonCfg [2013.01.10 00:06:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2013.01.09 23:31:56 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.01.09 23:31:56 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.10.13 14:05:11 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\.minecraft [2013.10.23 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Anvisoft [2013.04.26 18:49:17 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\ftblauncher [2013.05.09 18:17:02 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\GetRightToGo [2013.10.27 15:25:36 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\GHISLER [2013.10.27 12:48:02 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\mysearchdial [2013.09.05 22:26:59 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Origin [2013.06.15 12:13:44 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\RIFT [2013.10.27 12:57:35 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Samsung [2013.10.27 12:54:48 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Systweak [2013.04.26 19:47:20 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TERA [2013.01.10 00:19:08 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Thunderbird [2013.10.27 14:25:23 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TS3Client [2013.01.17 00:37:41 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 27.10.2013 15:27:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silenia\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 4,66 Gb Available Physical Memory | 77,84% Memory free
11,98 Gb Paging File | 10,53 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 820,31 Gb Total Space | 569,99 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive F: | 111,10 Gb Total Space | 75,44 Gb Free Space | 67,90% Space Free | Partition Type: NTFS
Computer Name: SILENIA-PC | User Name: Silenia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C0E382-9FEA-4C33-830A-E2471DAC6597}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{07E0AC19-2715-4247-B62B-2B4037C0683E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{07FAD35C-7436-443D-BD25-5A4821657A62}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{08795592-E215-4102-A7F1-744EFFFC5602}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{108C5904-BA14-4B4B-848E-19BE5260DA79}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16890A8C-DC50-41AB-9C4F-AFB688931868}" = lport=138 | protocol=17 | dir=in | app=system |
"{193F3429-B302-420C-8751-025BCE3DA767}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DE7BF52-1EB0-4C3B-97A2-0CBA0363C71F}" = rport=138 | protocol=17 | dir=out | app=system |
"{24A34666-2B79-4F7C-AF58-8AE89F506928}" = lport=2869 | protocol=6 | dir=in | app=system |
"{463F9728-E1A7-4014-8F8D-13FC3F082B93}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{53E611FD-2138-4492-BD8D-C494840FD080}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{555BD095-B187-4853-869D-F1193B22C51A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{59D5764F-B939-4451-967F-4FA4A6784505}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5CE02984-27DD-4CD7-93EC-815B596DB2A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{659B487D-66B2-432F-9E8A-59D59239C1C6}" = rport=139 | protocol=6 | dir=out | app=system |
"{7AEA62A9-38A2-46CC-9A0F-5DD5DBD8FF55}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{83AF6823-5F3B-48D5-B49B-DA2565085932}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88B628EC-4020-4308-A6A6-5503D47B41DB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8953B8D7-E9F6-4D27-A51D-D8D90A50FFDE}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{8AAEE3DE-184B-48E4-BE58-254F367D4801}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8DC38D75-D593-45FC-80FE-559EACE141CD}" = rport=137 | protocol=17 | dir=out | app=system |
"{9098A4D4-2DE7-4270-A503-52CF37823FAD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{95AD3E99-0D7C-40FD-9B7D-D6E3F60D9D39}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9ADA85D6-D822-4188-88DA-BD930571B173}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A96F9750-2ECE-4CCE-93E9-1895FC396FF0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AE6D561C-6EE3-4026-BE23-62B9FBA23F24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8DB5C06-5894-4195-87E2-5B5CFE7E7E85}" = lport=445 | protocol=6 | dir=in | app=system |
"{C12EB78C-6670-49F3-A4E4-7E35B1C7AE77}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C288BE73-C6F0-4E43-9BE9-ADA6333E6C81}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C81BE1F8-AEB3-43A8-AD36-70D0D4008603}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C8EAE21F-64E3-4D9D-92DE-EE9B634B5039}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C99E3AA4-5DCC-417B-9FC7-6720FB40CD12}" = rport=445 | protocol=6 | dir=out | app=system |
"{CB27A5AC-98A2-4604-AE93-D83669641BCA}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{CECFB405-ADBA-4B8D-96BF-6A4320D3ED8C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC723150-06B4-40C7-B4A6-75723D43B280}" = lport=137 | protocol=17 | dir=in | app=system |
"{E518DE6F-ACE9-4BAA-9966-2D06BA0BABB9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E595ACFC-D70D-4C94-9B7C-2ABA9FA6D46C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F29273A0-FD6F-4600-AFA3-1A7EF214C35D}" = lport=139 | protocol=6 | dir=in | app=system |
"{FD69FE19-F774-43A3-95C9-24C5C85FE05F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ECAC529-B006-4E97-B01F-22925D13FD4D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22AFD0BB-0868-4788-83C2-286E35E7AA6A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{29152DAD-957C-4CD0-BAB9-FA771A935050}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D7CB14C-1E1E-47AE-B303-25BF39381A94}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3054AF1F-53EC-47BE-A759-EC1FF5D047EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30619D5E-31E0-478A-BD3D-6CFBE7908285}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x64.exe |
"{3147B0D5-3069-408C-9C0A-6157C8BCF04B}" = dir=out | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"{34F0867E-E94E-476E-A5B9-FD5045007785}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3522EFAD-DC5E-4A1C-900F-DD8C094901C6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{39C259B1-9858-4D36-8DC3-1D32CA732EB9}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{4894DBA6-4D06-4EDD-8596-2F18ACC03B07}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{489BD8BF-DC5E-45F7-9F82-1DE9920DD51F}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{50F52B39-3E1F-4433-BE2B-E442B371A0EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5619B1E9-AD53-4ED9-881E-7E105B2BA562}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{5994A883-99E8-4058-8841-CF532F57DA70}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{5FDB7C20-1D99-4128-AF65-CB58D66B9A7E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6091777A-EB34-4345-8E5D-C859FE5B9890}" = protocol=6 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe |
"{60B8CF3E-DC05-4328-A694-D24A7730BC3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6928A12D-1433-4F60-ABF9-53FDAEAEED22}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x86.exe |
"{6E5BF00C-4D1F-4B8D-8BAB-F4E4D384092A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{745342C5-7680-44FB-8F45-0A0789458F51}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7567578A-2081-41E9-9506-B37E341D47B8}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{762359EF-A18B-4831-AA25-9ACB9C71DE45}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{7B4A510D-4191-4A7A-8BC6-10B1513499C8}" = protocol=17 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe |
"{7C181101-5BC0-4FE0-8936-296922DDDDBA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7DB3C7D2-3C35-40B7-BBC3-FB0C3CF1046E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{822DF890-091D-4D1A-9B30-47F3033FCAC5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{83999BEB-68F3-4474-98EE-1AB762E48789}" = protocol=6 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe |
"{88A86E8F-C078-45ED-834B-8379F9C38235}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe |
"{8AC56702-C98C-453F-B139-FEB0C9632067}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing.exe |
"{8BE3006B-8732-49A0-8088-64A1820E0703}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{8BE30CC3-3E6F-49C7-9DB0-E821E37CD828}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x86.exe |
"{9228AF95-665F-4E8A-9438-8B3B6C453667}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{9A1144E1-1FC7-45DA-B68C-E096A305E251}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A13FB861-14F3-436D-8B97-7952B9B8FD87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2C6FB99-2C7F-4C09-BB32-E723C1CF6A1E}" = protocol=6 | dir=out | app=system |
"{A4D9638F-475F-49F2-BDD5-909B64F7C078}" = protocol=17 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe |
"{AB4C2B71-ABFD-4800-A438-0C9A187E78FC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B28CF4A3-11F5-4577-94E1-88B9A38DDDB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B55A8570-F6BA-4909-895D-982CFFAAE18A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B5E56D2F-2191-4112-B419-41EF2EFBDC36}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BB932E14-3D8F-427A-88CD-7E52FBB3C159}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{C5307741-151A-412D-8BFF-EE678C59A526}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C74AAE2F-F943-49D0-BA3A-C8FF9AD1EFA0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C7CB48B2-567B-4008-9D50-3CDC86DD0BEB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CC4A92CD-FECC-4AC4-B1D4-871FF3F118DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD3BBAD7-735B-47BD-BA07-D9138C11C2D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D16568F5-E67F-4C81-BCA8-44707CC4DBF9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D637E70E-721B-4426-8E7B-EBFD2DD04C20}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x64.exe |
"{D8C329B3-050E-4D98-B6DE-465D1D5EC654}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing.exe |
"{D9473716-C0C6-452F-BF0E-F16BF8F18BEB}" = dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"{D9717880-BC39-4985-BD17-71E24F58325B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{F405A91C-938B-4E0F-B2DB-E2759D15E538}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FF770E77-FB92-4774-AAE0-7BBEB5B4D937}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe |
"TCP Query User{33F6036C-CB74-43E9-8860-BC571EB3FA81}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe |
"TCP Query User{36081A30-7FDC-47FE-8604-F4DD010C259A}C:\program files (x86)\dragon's prophet\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"TCP Query User{45916E02-E494-4E6C-8DC3-1739308B274E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{46DE5ACC-9D12-4715-A942-8BD5318B0042}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe |
"TCP Query User{7CDD4FA2-E8F5-4361-A50B-70FE70C6CFB7}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{7F4E99DD-F770-4474-9292-4227F4059E72}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\titan quest immortal throne\tqit.exe |
"TCP Query User{A43EEC2D-5F9B-420F-ABD3-91841C31B58C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E585BA35-E317-4135-B50E-72821B7D8707}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{05BBDCDC-6A05-4490-8F84-69F754916AFA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{2AEC6A6D-1ABB-437F-9394-082DA176E8AB}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{502A271A-1E5C-43C5-BD62-41F4941B4250}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe |
"UDP Query User{8344BE64-ED60-407B-85CD-01605F758EB8}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{C38D0482-9BEB-4445-A4E8-F2E80F2AE10B}C:\program files (x86)\dragon's prophet\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"UDP Query User{E3A9B75A-B379-4717-9803-41B872F63879}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\titan quest immortal throne\tqit.exe |
"UDP Query User{EC774901-667F-4623-8BE9-1A78CA33127D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{F6FE9F9C-78F4-4BE5-B14B-5F8CC16325E4}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = Die Sims™ 3 Jahreszeiten
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1" = Game Dev Tycoon Version 1.3.9
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = Die Sims™ 3 Supernatural
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C31556D7-F2B9-4787-B223-F7A035067E89}_is1" = Dragon's Prophet
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = Die Sims™ 3 Inselparadies
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{EDEE71DB-99FD-4672-8E6A-B314865D0D4C}" = roomeon 3D-Planer
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"BitRaider Web Client" = BitRaider Web Client
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"Mozilla Firefox 24.0 (x86 de)" = Mozilla Firefox 24.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Steam App 215530" = The Incredible Adventures of Van Helsing
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 9900" = Star Trek Online
"swtor_swtor" = Star Wars The Old Republic
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Uplay" = Uplay
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR Archivierer
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.10.2013 16:14:33 | Computer Name = Silenia-PC | Source = VSS | ID = 12292
Description =
Error - 09.10.2013 16:14:44 | Computer Name = Silenia-PC | Source = VSS | ID = 13
Description =
Error - 09.10.2013 16:14:44 | Computer Name = Silenia-PC | Source = VSS | ID = 12292
Description =
Error - 09.10.2013 16:14:57 | Computer Name = Silenia-PC | Source = VSS | ID = 13
Description =
Error - 09.10.2013 16:14:57 | Computer Name = Silenia-PC | Source = VSS | ID = 12292
Description =
Error - 09.10.2013 16:15:10 | Computer Name = Silenia-PC | Source = VSS | ID = 13
Description =
Error - 09.10.2013 16:15:10 | Computer Name = Silenia-PC | Source = VSS | ID = 12292
Description =
Error - 10.10.2013 17:44:38 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 10.0.9200.16720 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1128 Startzeit: 01cec601cba42749 Endzeit: 0 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Berichts-ID:
Error - 11.10.2013 04:32:15 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002
Description = Programm dp_x64.exe, Version 1.0.0.42 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: dbc Startzeit:
01cec6561d9adda1 Endzeit: 27 Anwendungspfad: C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
Berichts-ID:
88f938e7-324f-11e3-bf82-00248c263403
Error - 11.10.2013 09:25:57 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002
Description = Programm dp_x64.exe, Version 1.0.0.42 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c54 Startzeit:
01cec684f6b835f9 Endzeit: 29 Anwendungspfad: C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
Berichts-ID:
a7db15b1-3278-11e3-bf82-00248c263403
[ System Events ]
Error - 24.10.2013 10:40:22 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Spybot-S&D 2 Scanner Service erreicht.
Error - 24.10.2013 10:40:22 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 24.10.2013 10:55:55 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 24.10.2013 10:55:55 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 24.10.2013 11:26:24 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 24.10.2013 11:26:30 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 24.10.2013 11:26:45 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 24.10.2013 11:29:41 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 24.10.2013 11:29:49 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 24.10.2013 11:29:57 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300
Description =
< End of report >
Geändert von Niduin (27.10.2013 um 15:51 Uhr) |
|
27.10.2013, 16:14
| #2 |
| /// Malwareteam   | Ihavenet.com weiterleitungen Mein Name ist Heiko, ich werde dir bei deinem Problem helfen. Die Bereinigung deines Systems ist individuell auf dich zugeschnitten und mitunter mit viel Arbeit für uns beide verbunden.  Bitte Lesen:Regeln für die Bereinigung Eine Bereinigung beinhaltet nebst dem Entfernen von Malware auch das Schließn von Sicherheitslücken und sollte gründlich durchgeführt werden. Sie erfolgt deshalb in mehreren Schritten und bedeutet einigen Aufwand für dich. Beachte: Das Verschwinden der offensichtlichen Symptome bedeutet nicht, dass das System schon sauber ist. Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du mit der abarbeitung der Schritte beginnst.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg. Dann fangen wir mal mit Schritt 1 an: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
27.10.2013, 21:51
| #3 |
| | Ihavenet.com weiterleitungen Nabend Heiko,
__________________danke für deine Hilfe ;-) Dann wollen wir mal... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013 01
Ran by Silenia (administrator) on SILENIA-PC on 27-10-2013 21:49:30
Running from C:\Users\Silenia\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2013-01-10] (Analog Devices, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
SearchScopes: HKLM-x32 - DefaultScope {1D4C7998-23E9-2D4C-628E-7707719D555D} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM-x32 - {1D4C7998-23E9-2D4C-628E-7707719D555D} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
==================== Services (Whitelisted) =================
S4 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2013-01-10] (Andrea Electronics Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-10-23] (BitRaider, LLC)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-10-03] (BitRaider)
R3 MCfilt; C:\Windows\System32\drivers\MCfilt64.sys [25600 2013-01-10] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 21:48 - 2013-10-27 21:48 - 01956442 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-27 15:33 - 2013-10-27 15:40 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:32 - 2013-10-27 15:39 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 14:59 - 2013-10-27 15:25 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 14:56 - 2013-10-27 14:57 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:27 - 2013-10-27 14:31 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:12 - 2013-10-27 14:22 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:42 - 2013-10-27 13:43 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:35 - 2013-10-27 13:37 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:19 - 2013-10-27 13:34 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 13:00 - 2013-10-27 14:35 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:48 - 2013-10-27 12:54 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Systweak
2013-10-27 12:48 - 2013-10-27 12:53 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-27 12:48 - 2013-10-27 12:53 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ____D C:\Users\Silenia\AppData\Local\BonanzaDealsLive
2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-27 12:48 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-27 12:47 - 2013-10-27 12:51 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-27 12:47 - 2013-10-27 12:48 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\mysearchdial
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-27 12:29 - 2013-10-27 12:29 - 00000000 ____D C:\ProgramData\APN
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-26 16:02 - 2013-10-26 16:13 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:50 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20131024-165007.backup
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Downloads\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 18:35 - 2013-10-27 15:24 - 00201558 _____ C:\Windows\PFRO.log
2013-10-23 18:35 - 2013-10-27 15:24 - 00002856 _____ C:\Windows\setupact.log
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:26 - 2013-10-24 15:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-23 18:26 - 2009-01-25 12:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-10-23 18:25 - 2013-10-23 18:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:17 - 2013-10-23 18:28 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:16 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:46 - 2013-10-23 12:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-23 12:40 - 2013-10-27 15:24 - 00000316 _____ C:\Windows\Tasks\ugrpfptvte.job
2013-10-23 12:40 - 2013-10-23 12:40 - 00208384 __RSH C:\Windows\SysWOW64\proquotah.dll
2013-10-23 12:40 - 2013-10-23 12:40 - 00002596 _____ C:\Windows\System32\Tasks\ugrpfptvte
2013-10-22 18:01 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-22 18:01 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 21:02 - 2013-10-14 12:27 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-12 16:51 - 2013-09-07 22:45 - 00675988 _____ C:\Users\Silenia\Desktop\Minecraft.exe
2013-10-11 14:55 - 2013-10-13 22:20 - 00000000 ____D C:\CrashReport
2013-10-10 22:32 - 2013-10-11 09:56 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 20:52 - 2013-10-10 22:22 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:50 - 2013-10-12 13:46 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-09 21:14 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 21:14 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 21:14 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 21:14 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 21:14 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 09:46 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 09:46 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 09:46 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 09:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 09:46 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 09:46 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 09:46 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 09:46 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 09:46 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 09:46 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 09:46 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 09:46 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 09:46 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 09:46 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 09:46 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-09 09:46 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
==================== One Month Modified Files and Folders =======
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 21:48 - 2013-10-27 21:48 - 01956442 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-27 21:47 - 2013-01-17 00:37 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-27 21:46 - 2013-01-18 18:31 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-10-27 21:46 - 2013-01-17 09:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-27 21:46 - 2013-01-09 23:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-27 21:44 - 2013-01-10 12:11 - 00000000 ____D C:\ProgramData\Adobe
2013-10-27 21:44 - 2013-01-09 23:34 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Adobe
2013-10-27 21:18 - 2013-01-09 23:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-27 21:13 - 2013-01-31 20:05 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 19:06 - 2013-01-09 23:21 - 01940876 _____ C:\Windows\WindowsUpdate.log
2013-10-27 16:21 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 16:21 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 15:40 - 2013-10-27 15:33 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:39 - 2013-10-27 15:32 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:30 - 2009-07-14 18:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-10-27 15:30 - 2009-07-14 18:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-10-27 15:30 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 15:25 - 2013-10-27 14:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 15:24 - 2013-10-23 18:35 - 00201558 _____ C:\Windows\PFRO.log
2013-10-27 15:24 - 2013-10-23 18:35 - 00002856 _____ C:\Windows\setupact.log
2013-10-27 15:24 - 2013-10-23 12:40 - 00000316 _____ C:\Windows\Tasks\ugrpfptvte.job
2013-10-27 15:24 - 2013-01-31 20:05 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 15:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 14:57 - 2013-10-27 14:56 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-27 14:35 - 2013-10-27 13:00 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 14:31 - 2013-10-27 14:27 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:25 - 2013-01-10 09:44 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\TS3Client
2013-10-27 14:24 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-10-27 14:22 - 2013-10-27 14:12 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:43 - 2013-10-27 13:42 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:37 - 2013-10-27 13:35 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:34 - 2013-10-27 13:19 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:30 - 2013-01-10 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:57 - 2013-01-16 18:58 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Samsung
2013-10-27 12:57 - 2013-01-16 18:54 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-27 12:56 - 2013-01-16 18:54 - 00000000 ____D C:\ProgramData\Samsung
2013-10-27 12:56 - 2013-01-10 00:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-27 12:54 - 2013-10-27 12:48 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Systweak
2013-10-27 12:53 - 2013-10-27 12:48 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-27 12:53 - 2013-10-27 12:48 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-27 12:53 - 2013-01-09 23:31 - 00000000 ___RD C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-27 12:51 - 2013-10-27 12:47 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ____D C:\Users\Silenia\AppData\Local\BonanzaDealsLive
2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-27 12:48 - 2013-10-27 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\mysearchdial
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-27 12:47 - 2013-01-31 20:05 - 00000000 ____D C:\Users\Silenia\AppData\Local\Google
2013-10-27 12:37 - 2013-05-15 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-27 12:29 - 2013-10-27 12:29 - 00000000 ____D C:\ProgramData\APN
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:13 - 2013-10-26 16:02 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-26 15:32 - 2013-01-23 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-24 17:11 - 2013-01-09 23:31 - 00001425 _____ C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 16:18 - 2013-01-10 09:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:39 - 2013-10-23 18:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Downloads\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 19:33 - 2013-09-14 21:26 - 00000000 ____D C:\ProgramData\BitRaider
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:28 - 2013-10-23 18:17 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:26 - 2013-10-23 18:25 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:16 - 2013-10-23 18:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:16 - 2013-01-09 23:18 - 00000000 ____D C:\Windows\Panther
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:47 - 2013-10-23 12:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-23 12:40 - 2013-10-23 12:40 - 00208384 __RSH C:\Windows\SysWOW64\proquotah.dll
2013-10-23 12:40 - 2013-10-23 12:40 - 00002596 _____ C:\Windows\System32\Tasks\ugrpfptvte
2013-10-22 18:04 - 2013-01-09 23:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-22 18:03 - 2013-01-09 23:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-17 08:08 - 2013-01-31 20:05 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-17 08:08 - 2013-01-31 20:05 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 01:48 - 2013-10-22 18:01 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-16 01:48 - 2013-10-22 18:01 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-16 01:48 - 2013-03-21 17:51 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-16 01:48 - 2012-10-10 21:22 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-15 22:47 - 2013-01-09 23:42 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47 - 2013-01-09 23:42 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-14 12:27 - 2013-10-13 21:02 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-13 22:20 - 2013-10-11 14:55 - 00000000 ____D C:\CrashReport
2013-10-13 21:11 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 14:05 - 2013-01-16 19:29 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\.minecraft
2013-10-12 13:46 - 2013-10-10 20:50 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-11 18:01 - 2013-01-09 23:30 - 00000000 ____D C:\Users\Silenia
2013-10-11 09:56 - 2013-10-10 22:32 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 22:22 - 2013-10-10 20:52 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:54 - 2013-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\RIFT Game
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-10 10:16 - 2009-07-14 05:45 - 02343336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:13 - 2013-09-14 13:53 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 21:11 - 2013-09-05 23:26 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 14:18 - 2013-01-09 23:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 14:18 - 2013-01-09 23:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 14:18 - 2013-01-09 23:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 20:14 - 2013-01-09 23:42 - 03398914 _____ C:\Windows\system32\nvcoproc.bin
2013-09-29 13:07 - 2013-01-26 16:26 - 00494080 ___SH C:\Users\Silenia\Desktop\Thumbs.db
Some content of TEMP:
====================
C:\Users\Silenia\AppData\Local\Temp\TUUUninstallHelper.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-23 18:57
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2013 01
Ran by Silenia at 2013-10-27 21:49:43
Running from C:\Users\Silenia\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
BitRaider Web Client (x32 Version: 1.1.8.1)
Diablo II (x32)
Diablo III (x32 Version: 1.0.8.16603)
Die Sims™ 3 (x32 Version: 1.63.4)
Die Sims™ 3 Design-Garten-Accessoires (x32 Version: 7.0.55)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152)
Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Supernatural (x32 Version: 15.0.135)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87)
Dragon's Prophet (x32 Version: 1.2.1161.12)
Game Dev Tycoon Version 1.3.9 (x32 Version: 1.3.9)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6)
NVIDIA 3D Vision Controller-Treiber 331.58 (Version: 331.58)
NVIDIA 3D Vision Treiber 331.58 (Version: 331.58)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 331.58 (Version: 331.58)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3158)
NVIDIA Systemsteuerung 331.58 (Version: 331.58)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Origin (x32 Version: 9.1.13.85)
RIFT (x32 Version: 1.0.0)
roomeon 3D-Planer (x32 Version: 1.4.2)
Sacred 2 (x32 Version: 2.0.2.0)
SHIELD Streaming (Version: 1.05.28)
SimCity™ (x32 Version: 1.0.0.0)
SoundMAX (x32 Version: 6.10.2.6600)
Star Trek Online (x32)
Star Wars The Old Republic (x32 Version: 7.0.0.7)
Star Wars: The Old Republic (x32 Version: 1.00)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13.1)
TERA (x32 Version: 19.04.02.03.hf3)
The Elder Scrolls V: Skyrim (x32)
The Incredible Adventures of Van Helsing (x32)
Titan Quest (x32 Version: 1.00.0000)
Titan Quest Immortal Throne (x32 Version: 1.00.0000)
Uplay (x32 Version: 2.1)
VLC media player 2.0.5 (x32 Version: 2.0.5)
WinRAR Archivierer (x32)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-10-27 14:18 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2B820CE2-37C7-4511-B85A-AA05FF5B0246} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {A702F995-F74F-4EB5-A361-30BC1EAF779A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {C43D2C38-5A79-4046-8BED-88F3114F30A3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {CAF88964-6CDF-41B8-932E-18C842214F82} - System32\Tasks\ugrpfptvte => C:\Windows\SysWOW64\proquotah.dll [2013-10-23] ()
Task: {DCC9B73E-CC57-46C4-8A91-CFA56268EA9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ugrpfptvte.job => C:\Windows\SysWOW64\proquotah.dll
==================== Loaded Modules (whitelisted) =============
2013-01-10 09:21 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-10-27 12:59 - 2013-09-11 03:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/27/2013 02:41:49 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 02:41:49 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 02:34:41 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 02:34:41 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 02:12:47 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 02:12:47 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (10/27/2013 01:58:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/27/2013 01:55:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/27/2013 01:47:15 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 16
Snapshotkontext: 16
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (10/27/2013 01:47:15 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 16
Snapshotkontext: 16
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
System errors:
=============
Error: (10/27/2013 09:46:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (10/27/2013 03:25:13 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422
Error: (10/27/2013 03:25:08 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422
Error: (10/27/2013 03:25:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (10/27/2013 03:19:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/27/2013 03:19:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/27/2013 03:19:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/27/2013 03:17:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/27/2013 03:17:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/27/2013 03:17:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-10-27 14:18:14.559
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-27 14:18:14.513
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 6135.12 MB
Available physical RAM: 4242.11 MB
Total Pagefile: 12268.42 MB
Available Pagefile: 10433.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:820.31 GB) (Free:570.81 GB) NTFS
Drive f: (Backup) (Fixed) (Total:111.1 GB) (Free:75.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30E917E0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=820 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
28.10.2013, 07:39
| #4 |
| /// Malwareteam | Ihavenet.com weiterleitungen Der Ihavenet.com ist nicht alles  da sitzt noch mehr ...Dann gehen wir es an: Schritt 1: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
Task: {CAF88964-6CDF-41B8-932E-18C842214F82} - System32\Tasks\ugrpfptvte => C:\Windows\SysWOW64\proquotah.dll [2013-10-23] ()
Task: C:\Windows\Tasks\ugrpfptvte.job => C:\Windows\SysWOW64\proquotah.dll
C:\Windows\SysWOW64\proquotah.dll
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3: erstelle bitte ein neues FRST Logfile. Starte dazu FRST und drücke auf SCAN. Poste das Logfile hier. |
|
28.10.2013, 13:14
| #5 |
| | Ihavenet.com weiterleitungenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-10-2013
Ran by Silenia at 2013-10-28 13:10:43 Run:1
Running from C:\Users\Silenia\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
Task: {CAF88964-6CDF-41B8-932E-18C842214F82} - System32\Tasks\ugrpfptvte => C:\Windows\SysWOW64\proquotah.dll [2013-10-23] ()
Task: C:\Windows\Tasks\ugrpfptvte.job => C:\Windows\SysWOW64\proquotah.dll
C:\Windows\SysWOW64\proquotah.dll
*****************
esgiguard => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CAF88964-6CDF-41B8-932E-18C842214F82} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAF88964-6CDF-41B8-932E-18C842214F82} => Key deleted successfully.
C:\Windows\System32\Tasks\ugrpfptvte => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ugrpfptvte => Key deleted successfully.
C:\Windows\Tasks\ugrpfptvte.job => Moved successfully.
C:\Windows\SysWOW64\proquotah.dll => Moved successfully.
==== End of Fixlog ====
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Silenia (administrator) on SILENIA-PC on 28-10-2013 13:13:43
Running from C:\Users\Silenia\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2013-01-10] (Analog Devices, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
SearchScopes: HKLM-x32 - {1D4C7998-23E9-2D4C-628E-7707719D555D} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
S4 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2013-01-10] (Andrea Electronics Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-10-23] (BitRaider, LLC)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-10-03] (BitRaider)
R3 MCfilt; C:\Windows\System32\drivers\MCfilt64.sys [25600 2013-01-10] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt
2013-10-28 13:11 - 2013-10-28 13:12 - 00000000 ____D C:\AdwCleaner
2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-28 13:08 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 15:33 - 2013-10-27 15:40 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:32 - 2013-10-27 15:39 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 14:59 - 2013-10-27 15:25 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 14:56 - 2013-10-27 14:57 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:27 - 2013-10-27 14:31 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:12 - 2013-10-27 14:22 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:42 - 2013-10-27 13:43 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:35 - 2013-10-27 13:37 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:19 - 2013-10-27 13:34 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 13:00 - 2013-10-27 14:35 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-26 16:02 - 2013-10-26 16:13 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:50 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20131024-165007.backup
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 18:35 - 2013-10-28 13:12 - 00003192 _____ C:\Windows\setupact.log
2013-10-23 18:35 - 2013-10-27 15:24 - 00201558 _____ C:\Windows\PFRO.log
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:26 - 2013-10-24 15:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-23 18:26 - 2009-01-25 12:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-10-23 18:25 - 2013-10-23 18:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:17 - 2013-10-23 18:28 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:16 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:46 - 2013-10-23 12:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 18:01 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-22 18:01 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 21:02 - 2013-10-14 12:27 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-12 16:51 - 2013-09-07 22:45 - 00675988 _____ C:\Users\Silenia\Desktop\Minecraft.exe
2013-10-11 14:55 - 2013-10-13 22:20 - 00000000 ____D C:\CrashReport
2013-10-10 22:32 - 2013-10-11 09:56 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 20:52 - 2013-10-10 22:22 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:50 - 2013-10-12 13:46 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-09 21:14 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 21:14 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 21:14 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 21:14 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 21:14 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 09:46 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 09:46 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 09:46 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 09:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 09:46 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 09:46 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 09:46 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 09:46 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 09:46 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 09:46 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 09:46 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 09:46 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 09:46 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 09:46 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 09:46 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-09 09:46 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
==================== One Month Modified Files and Folders =======
2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt
2013-10-28 13:13 - 2013-01-31 20:05 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-28 13:13 - 2013-01-31 20:05 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-28 13:12 - 2013-10-28 13:11 - 00000000 ____D C:\AdwCleaner
2013-10-28 13:12 - 2013-10-23 18:35 - 00003192 _____ C:\Windows\setupact.log
2013-10-28 13:12 - 2013-01-09 23:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-28 13:12 - 2013-01-09 23:21 - 01975598 _____ C:\Windows\WindowsUpdate.log
2013-10-28 13:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-28 13:09 - 2013-10-28 13:08 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe
2013-10-28 13:07 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:07 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:04 - 2009-07-14 18:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-10-28 13:04 - 2009-07-14 18:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-10-28 13:04 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 23:41 - 2013-01-10 09:44 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\TS3Client
2013-10-27 23:18 - 2013-01-09 23:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 21:47 - 2013-01-17 00:37 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-27 21:46 - 2013-01-18 18:31 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-10-27 21:46 - 2013-01-17 09:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-27 21:44 - 2013-01-10 12:11 - 00000000 ____D C:\ProgramData\Adobe
2013-10-27 21:44 - 2013-01-09 23:34 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Adobe
2013-10-27 15:40 - 2013-10-27 15:33 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:39 - 2013-10-27 15:32 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 15:25 - 2013-10-27 14:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 15:24 - 2013-10-23 18:35 - 00201558 _____ C:\Windows\PFRO.log
2013-10-27 14:57 - 2013-10-27 14:56 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-27 14:35 - 2013-10-27 13:00 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 14:31 - 2013-10-27 14:27 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:24 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-10-27 14:22 - 2013-10-27 14:12 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:43 - 2013-10-27 13:42 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:37 - 2013-10-27 13:35 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:34 - 2013-10-27 13:19 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:30 - 2013-01-10 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:57 - 2013-01-16 18:58 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Samsung
2013-10-27 12:57 - 2013-01-16 18:54 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-27 12:56 - 2013-01-16 18:54 - 00000000 ____D C:\ProgramData\Samsung
2013-10-27 12:56 - 2013-01-10 00:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-27 12:53 - 2013-01-09 23:31 - 00000000 ___RD C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-27 12:47 - 2013-01-31 20:05 - 00000000 ____D C:\Users\Silenia\AppData\Local\Google
2013-10-27 12:37 - 2013-05-15 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:13 - 2013-10-26 16:02 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-26 15:32 - 2013-01-23 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-24 17:11 - 2013-01-09 23:31 - 00001425 _____ C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 16:18 - 2013-01-10 09:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:39 - 2013-10-23 18:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 19:33 - 2013-09-14 21:26 - 00000000 ____D C:\ProgramData\BitRaider
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:28 - 2013-10-23 18:17 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:26 - 2013-10-23 18:25 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:16 - 2013-10-23 18:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:16 - 2013-01-09 23:18 - 00000000 ____D C:\Windows\Panther
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:47 - 2013-10-23 12:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 18:04 - 2013-01-09 23:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-22 18:03 - 2013-01-09 23:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-17 08:08 - 2013-01-31 20:05 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-17 08:08 - 2013-01-31 20:05 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 01:48 - 2013-10-22 18:01 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-16 01:48 - 2013-10-22 18:01 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-16 01:48 - 2013-03-21 17:51 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-16 01:48 - 2012-10-10 21:22 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-15 22:47 - 2013-01-09 23:42 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47 - 2013-01-09 23:42 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-14 12:27 - 2013-10-13 21:02 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-13 22:20 - 2013-10-11 14:55 - 00000000 ____D C:\CrashReport
2013-10-13 21:11 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 14:05 - 2013-01-16 19:29 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\.minecraft
2013-10-12 13:46 - 2013-10-10 20:50 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-11 18:01 - 2013-01-09 23:30 - 00000000 ____D C:\Users\Silenia
2013-10-11 09:56 - 2013-10-10 22:32 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 22:22 - 2013-10-10 20:52 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:54 - 2013-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\RIFT Game
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-10 10:16 - 2009-07-14 05:45 - 02343336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:13 - 2013-09-14 13:53 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 21:11 - 2013-09-05 23:26 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 14:18 - 2013-01-09 23:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 14:18 - 2013-01-09 23:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 14:18 - 2013-01-09 23:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 20:14 - 2013-01-09 23:42 - 03398914 _____ C:\Windows\system32\nvcoproc.bin
2013-09-29 13:07 - 2013-01-26 16:26 - 00494080 ___SH C:\Users\Silenia\Desktop\Thumbs.db
Some content of TEMP:
====================
C:\Users\Silenia\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-23 18:57
==================== End Of Log ============================
|
|
28.10.2013, 13:39
| #6 |
| /// Malwareteam | Ihavenet.com weiterleitungen hi Schritt 2 fehlt mir noch... das FRST logfile muss nach dem ADWCleaner erstellt werden !
__________________ --> Ihavenet.com weiterleitungen |
|
28.10.2013, 14:11
| #7 |
| | Ihavenet.com weiterleitungen Ups - log von ADW vergessen. Hier: die reihenfolge habe ich gemacht wie du gesagt hast - Sprich die FRST log ist nach dem ADW cleaner erstellt worden - habe lediglich die log von ADW vergessen zu posten ;-) Hier ist sie Code:
ATTFilter # AdwCleaner v3.010 - Bericht erstellt am 28/10/2013 um 13:11:59
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Silenia - SILENIA-PC
# Gestartet von : C:\Users\Silenia\Desktop\adwcleaner-3.010.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\BonanzaDealsLive
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDealsLive
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\Silenia\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\Silenia\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : C:\Users\Silenia\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Silenia\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\System32\roboot64.exe
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : HKCU\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16720
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default\prefs.js ]
*************************
AdwCleaner[R3].txt - [3743 octets] - [28/10/2013 13:11:25]
AdwCleaner[S3].txt - [2750 octets] - [28/10/2013 13:11:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2810 octets] ##########
|
|
29.10.2013, 13:54
| #8 |
| /// Malwareteam | Ihavenet.com weiterleitungen Hi so gehts weiter: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
SearchScopes: HKLM-x32 - {1D4C7998-23E9-2D4C-628E-7707719D555D} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3: ESET Online Scanner
Schritt 4: ein frisches FRST logfile erstellen bitte und hier posten. |
|
29.10.2013, 15:36
| #9 |
| | Ihavenet.com weiterleitungen So fertig - hier die Logs: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-10-2013
Ran by Silenia at 2013-10-29 14:03:27 Run:2
Running from C:\Users\Silenia\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKLM - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
SearchScopes: HKLM-x32 - {1D4C7998-23E9-2D4C-628E-7707719D555D} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir=
SearchScopes: HKCU - {348DD59B-638A-B72F-089B-6A5E84F007E2} URL =
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{348DD59B-638A-B72F-089B-6A5E84F007E2} => Key deleted successfully.
HKCR\CLSID\{348DD59B-638A-B72F-089B-6A5E84F007E2} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1D4C7998-23E9-2D4C-628E-7707719D555D} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1D4C7998-23E9-2D4C-628E-7707719D555D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{348DD59B-638A-B72F-089B-6A5E84F007E2} => Key deleted successfully.
HKCR\CLSID\{348DD59B-638A-B72F-089B-6A5E84F007E2} => Key not found.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.29.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 Silenia :: SILENIA-PC [Administrator] 29.10.2013 14:07:06 mbam-log-2013-10-29 (14-07-06).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 236290 Laufzeit: 2 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Silenia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=70be8292c778bd49a1f0dc140cbd0db3
# engine=15679
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-29 02:32:54
# local_time=2013-10-29 03:32:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 4601847 134687024 0 0
# scanned=196896
# found=0
# cleaned=0
# scan_time=4755
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013 Ran by Silenia (administrator) on SILENIA-PC on 29-10-2013 15:34:40 Running from C:\Users\Silenia\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2013-01-10] (Analog Devices, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION ==================== Services (Whitelisted) ================= S4 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2013-01-10] (Andrea Electronics Corporation) S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-10-23] (BitRaider, LLC) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-10-03] (BitRaider) R3 MCfilt; C:\Windows\System32\drivers\MCfilt64.sys [25600 2013-01-10] (Creative Technology Ltd.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-29 14:12 - 2013-10-29 14:12 - 02347384 _____ (ESET) C:\Users\Silenia\Downloads\esetsmartinstaller_enu.exe 2013-10-29 14:04 - 2013-10-29 14:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(2).exe 2013-10-29 14:04 - 2013-10-29 14:04 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-29 14:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt 2013-10-28 13:11 - 2013-10-28 13:12 - 00000000 ____D C:\AdwCleaner 2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe 2013-10-28 13:08 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe 2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST 2013-10-27 15:33 - 2013-10-27 15:40 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt 2013-10-27 15:32 - 2013-10-27 15:39 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt 2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe 2013-10-27 14:59 - 2013-10-27 15:25 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER 2013-10-27 14:56 - 2013-10-27 14:57 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe 2013-10-27 14:27 - 2013-10-27 14:31 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013 2013-10-27 14:12 - 2013-10-27 14:22 - 00000000 ____D C:\Windows\erdnt 2013-10-27 13:42 - 2013-10-27 13:43 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe 2013-10-27 13:35 - 2013-10-27 13:37 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe 2013-10-27 13:19 - 2013-10-27 13:34 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE 2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe 2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton 2013-10-27 13:00 - 2013-10-27 14:35 - 00000000 ____D C:\Windows\system32\appmgmt 2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe 2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe 2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx 2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe 2013-10-26 16:02 - 2013-10-26 16:13 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe 2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe 2013-10-24 15:50 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20131024-165007.backup 2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe 2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log 2013-10-23 18:35 - 2013-10-29 14:01 - 00003360 _____ C:\Windows\setupact.log 2013-10-23 18:35 - 2013-10-27 15:24 - 00201558 _____ C:\Windows\PFRO.log 2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log 2013-10-23 18:26 - 2013-10-24 15:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-23 18:26 - 2009-01-25 12:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2013-10-23 18:25 - 2013-10-23 18:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe 2013-10-23 18:17 - 2013-10-23 18:28 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft 2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe 2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft 2013-10-23 18:09 - 2013-10-23 18:16 - 00000000 ____D C:\Program Files (x86)\Anvisoft 2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe 2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft 2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes 2013-10-23 12:46 - 2013-10-23 12:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-22 18:01 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-22 18:01 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-10-22 18:01 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk 2013-10-13 21:02 - 2013-10-14 12:27 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet 2013-10-12 16:51 - 2013-09-07 22:45 - 00675988 _____ C:\Users\Silenia\Desktop\Minecraft.exe 2013-10-11 14:55 - 2013-10-13 22:20 - 00000000 ____D C:\CrashReport 2013-10-10 22:32 - 2013-10-11 09:56 - 00000000 ____D C:\Users\Silenia\Documents\dragoon 2013-10-10 20:52 - 2013-10-10 22:22 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet 2013-10-10 20:50 - 2013-10-12 13:46 - 00000000 ____D C:\ProgramData\Solid State Networks 2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe 2013-10-09 21:14 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-09 21:14 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-09 21:14 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-10-09 21:14 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-09 21:14 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-09 21:14 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-10-09 21:14 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-09 21:14 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-10-09 21:14 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-09 21:14 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-09 21:14 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-09 21:14 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-10-09 09:46 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-09 09:46 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-09 09:46 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-09 09:46 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-09 09:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 09:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 09:46 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2013-10-09 09:46 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-09 09:46 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-10-09 09:46 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-09 09:46 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-09 09:46 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-09 09:46 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2013-10-09 09:46 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-10-09 09:46 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2013-10-09 09:46 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-09 09:46 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2013-10-09 09:46 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2013-10-09 09:46 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2013-10-09 09:46 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-09 09:46 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-10-09 09:46 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-10-09 09:46 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2013-10-09 09:46 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2013-10-09 09:46 - 2012-11-28 23:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf ==================== One Month Modified Files and Folders ======= 2013-10-29 15:18 - 2013-01-09 23:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-29 15:13 - 2013-01-31 20:05 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-29 14:12 - 2013-10-29 14:12 - 02347384 _____ (ESET) C:\Users\Silenia\Downloads\esetsmartinstaller_enu.exe 2013-10-29 14:08 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-29 14:08 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-29 14:06 - 2009-07-14 18:58 - 00696832 _____ C:\Windows\system32\perfh007.dat 2013-10-29 14:06 - 2009-07-14 18:58 - 00148128 _____ C:\Windows\system32\perfc007.dat 2013-10-29 14:06 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-29 14:05 - 2013-01-09 23:21 - 02001419 _____ C:\Windows\WindowsUpdate.log 2013-10-29 14:04 - 2013-10-29 14:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(2).exe 2013-10-29 14:04 - 2013-10-29 14:04 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-29 14:01 - 2013-10-23 18:35 - 00003360 _____ C:\Windows\setupact.log 2013-10-29 14:01 - 2013-01-31 20:05 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-29 14:01 - 2013-01-09 23:43 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-29 14:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-28 22:31 - 2013-01-10 09:44 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\TS3Client 2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt 2013-10-28 13:12 - 2013-10-28 13:11 - 00000000 ____D C:\AdwCleaner 2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe 2013-10-28 13:09 - 2013-10-28 13:08 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe 2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST 2013-10-27 21:47 - 2013-01-17 00:37 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-27 21:46 - 2013-01-18 18:31 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2013-10-27 21:46 - 2013-01-17 09:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-27 21:44 - 2013-01-10 12:11 - 00000000 ____D C:\ProgramData\Adobe 2013-10-27 21:44 - 2013-01-09 23:34 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Adobe 2013-10-27 15:40 - 2013-10-27 15:33 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt 2013-10-27 15:39 - 2013-10-27 15:32 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt 2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe 2013-10-27 15:25 - 2013-10-27 14:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER 2013-10-27 15:24 - 2013-10-23 18:35 - 00201558 _____ C:\Windows\PFRO.log 2013-10-27 14:57 - 2013-10-27 14:56 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe 2013-10-27 14:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2013-10-27 14:35 - 2013-10-27 13:00 - 00000000 ____D C:\Windows\system32\appmgmt 2013-10-27 14:31 - 2013-10-27 14:27 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013 2013-10-27 14:24 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default 2013-10-27 14:22 - 2013-10-27 14:12 - 00000000 ____D C:\Windows\erdnt 2013-10-27 13:43 - 2013-10-27 13:42 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe 2013-10-27 13:37 - 2013-10-27 13:35 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe 2013-10-27 13:34 - 2013-10-27 13:19 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE 2013-10-27 13:30 - 2013-01-10 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe 2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton 2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla 2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe 2013-10-27 12:57 - 2013-01-16 18:58 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Samsung 2013-10-27 12:57 - 2013-01-16 18:54 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-10-27 12:56 - 2013-01-16 18:54 - 00000000 ____D C:\ProgramData\Samsung 2013-10-27 12:56 - 2013-01-10 00:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-27 12:53 - 2013-01-09 23:31 - 00000000 ___RD C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe 2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx 2013-10-27 12:47 - 2013-01-31 20:05 - 00000000 ____D C:\Users\Silenia\AppData\Local\Google 2013-10-27 12:37 - 2013-05-15 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-10-26 16:13 - 2013-10-26 16:02 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe 2013-10-26 15:32 - 2013-01-23 17:17 - 00000000 ____D C:\Program Files (x86)\Steam 2013-10-24 17:11 - 2013-01-09 23:31 - 00001425 _____ C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe 2013-10-24 16:18 - 2013-01-10 09:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe 2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-24 15:39 - 2013-10-23 18:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe 2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log 2013-10-23 19:33 - 2013-09-14 21:26 - 00000000 ____D C:\ProgramData\BitRaider 2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log 2013-10-23 18:28 - 2013-10-23 18:17 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft 2013-10-23 18:26 - 2013-10-23 18:25 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe 2013-10-23 18:16 - 2013-10-23 18:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft 2013-10-23 18:16 - 2013-01-09 23:18 - 00000000 ____D C:\Windows\Panther 2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe 2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft 2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe 2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft 2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes 2013-10-23 12:47 - 2013-10-23 12:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-22 18:04 - 2013-01-09 23:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-10-22 18:03 - 2013-01-09 23:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-10-17 08:08 - 2013-01-31 20:05 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-17 08:08 - 2013-01-31 20:05 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-16 01:48 - 2013-10-22 18:01 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-16 01:48 - 2013-10-22 18:01 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-10-16 01:48 - 2013-10-22 18:01 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-10-16 01:48 - 2013-09-14 13:51 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-10-16 01:48 - 2013-09-14 13:51 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-10-16 01:48 - 2013-03-21 17:51 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-10-16 01:48 - 2013-01-09 23:53 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-16 01:48 - 2013-01-09 23:53 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-10-16 01:48 - 2013-01-09 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-10-16 01:48 - 2013-01-09 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-10-16 01:48 - 2012-10-10 21:23 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-10-16 01:48 - 2012-10-10 21:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-10-16 01:48 - 2012-10-10 21:22 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-15 22:47 - 2013-01-09 23:42 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-10-15 22:47 - 2013-01-09 23:42 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-10-15 22:47 - 2013-01-09 23:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-10-15 22:47 - 2013-01-09 23:42 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-10-15 22:47 - 2013-01-09 23:42 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-10-15 22:47 - 2013-01-09 23:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-10-14 12:27 - 2013-10-13 21:02 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet 2013-10-13 22:20 - 2013-10-11 14:55 - 00000000 ____D C:\CrashReport 2013-10-13 21:11 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk 2013-10-13 14:05 - 2013-01-16 19:29 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\.minecraft 2013-10-12 13:46 - 2013-10-10 20:50 - 00000000 ____D C:\ProgramData\Solid State Networks 2013-10-11 18:01 - 2013-01-09 23:30 - 00000000 ____D C:\Users\Silenia 2013-10-11 09:56 - 2013-10-10 22:32 - 00000000 ____D C:\Users\Silenia\Documents\dragoon 2013-10-10 22:22 - 2013-10-10 20:52 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet 2013-10-10 20:54 - 2013-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\RIFT Game 2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe 2013-10-10 10:16 - 2009-07-14 05:45 - 02343336 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-09 21:13 - 2013-09-14 13:53 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-10-09 21:11 - 2013-09-05 23:26 - 00000000 ____D C:\Windows\system32\MRT 2013-10-09 14:18 - 2013-01-09 23:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-09 14:18 - 2013-01-09 23:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-09 14:18 - 2013-01-09 23:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-08 20:14 - 2013-01-09 23:42 - 03398914 _____ C:\Windows\system32\nvcoproc.bin 2013-09-29 13:07 - 2013-01-26 16:26 - 00494080 ___SH C:\Users\Silenia\Desktop\Thumbs.db Some content of TEMP: ==================== C:\Users\Silenia\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-23 18:57 ==================== End Of Log ============================ |
|
29.10.2013, 15:43
| #10 |
| /// Malwareteam | Ihavenet.com weiterleitungen macht das System noch irgendwelche Probleme? Ihavenet sollte nicht mehr auftreten Schritt 1: Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Schritt 2: Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Schritt 3: Bitte erstelle abschließend ein finales FRST Logfile, sollte dieses ohne Infektionen sein räumen wir noch auf. |
|
29.10.2013, 15:55
| #11 |
| | Ihavenet.com weiterleitungen Nach den ersten Versuchen scheint in der Tat das Ihavenet weg zu sein - bis jetzt keine weiterleitungen - SUPER Vielen Dank ;-) Hier noch die LOG FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Silenia (administrator) on SILENIA-PC on 29-10-2013 15:53:22
Running from C:\Users\Silenia\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2013-01-10] (Analog Devices, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Silenia\AppData\Roaming\Mozilla\Firefox\Profiles\fsnkgbki.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
S4 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2013-01-10] (Andrea Electronics Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-10-23] (BitRaider, LLC)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-10-03] (BitRaider)
R3 MCfilt; C:\Windows\System32\drivers\MCfilt64.sys [25600 2013-01-10] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-29 15:50 - 2013-10-29 15:50 - 00448512 _____ (OldTimer Tools) C:\Users\Silenia\Downloads\TFC.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-29 15:48 - 2013-10-29 15:48 - 00000000 ____D C:\Program Files\Java
2013-10-29 15:46 - 2013-10-29 15:48 - 00000000 ____D C:\ProgramData\Oracle
2013-10-29 15:46 - 2013-10-29 15:46 - 00000000 ____D C:\ProgramData\Sun
2013-10-29 14:12 - 2013-10-29 14:12 - 02347384 _____ (ESET) C:\Users\Silenia\Downloads\esetsmartinstaller_enu.exe
2013-10-29 14:04 - 2013-10-29 14:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-10-29 14:04 - 2013-10-29 14:04 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-29 14:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt
2013-10-28 13:11 - 2013-10-28 13:12 - 00000000 ____D C:\AdwCleaner
2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-28 13:08 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 15:33 - 2013-10-27 15:40 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:32 - 2013-10-27 15:39 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 14:59 - 2013-10-27 15:25 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 14:56 - 2013-10-27 14:57 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:27 - 2013-10-27 14:31 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:12 - 2013-10-27 14:22 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:42 - 2013-10-27 13:43 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:35 - 2013-10-27 13:37 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:19 - 2013-10-27 13:34 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 13:00 - 2013-10-27 14:35 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:50 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20131024-165007.backup
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 18:35 - 2013-10-29 15:52 - 00202392 _____ C:\Windows\PFRO.log
2013-10-23 18:35 - 2013-10-29 15:52 - 00003528 _____ C:\Windows\setupact.log
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:26 - 2013-10-24 15:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-23 18:26 - 2009-01-25 12:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-10-23 18:25 - 2013-10-23 18:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:17 - 2013-10-23 18:28 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:16 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:46 - 2013-10-23 12:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 18:01 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-22 18:01 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-22 18:01 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 21:02 - 2013-10-14 12:27 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-12 16:51 - 2013-09-07 22:45 - 00675988 _____ C:\Users\Silenia\Desktop\Minecraft.exe
2013-10-11 14:55 - 2013-10-13 22:20 - 00000000 ____D C:\CrashReport
2013-10-10 22:32 - 2013-10-11 09:56 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 20:52 - 2013-10-10 22:22 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:50 - 2013-10-12 13:46 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-09 21:14 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 21:14 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 21:14 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 21:14 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 21:14 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 21:14 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 21:14 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 21:14 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 21:14 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 09:46 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 09:46 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 09:46 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 09:46 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 09:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:46 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 09:46 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 09:46 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 09:46 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 09:46 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 09:46 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 09:46 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 09:46 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 09:46 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 09:46 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 09:46 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 09:46 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 09:46 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 09:46 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-09 09:46 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-09 09:46 - 2012-11-28 23:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
==================== One Month Modified Files and Folders =======
2013-10-29 15:52 - 2013-10-23 18:35 - 00202392 _____ C:\Windows\PFRO.log
2013-10-29 15:52 - 2013-10-23 18:35 - 00003528 _____ C:\Windows\setupact.log
2013-10-29 15:52 - 2013-01-31 20:05 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 15:52 - 2013-01-09 23:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-29 15:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 15:51 - 2013-01-09 23:21 - 02002044 _____ C:\Windows\WindowsUpdate.log
2013-10-29 15:50 - 2013-10-29 15:50 - 00448512 _____ (OldTimer Tools) C:\Users\Silenia\Downloads\TFC.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-29 15:48 - 2013-10-29 15:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-29 15:48 - 2013-10-29 15:48 - 00000000 ____D C:\Program Files\Java
2013-10-29 15:48 - 2013-10-29 15:46 - 00000000 ____D C:\ProgramData\Oracle
2013-10-29 15:46 - 2013-10-29 15:46 - 00000000 ____D C:\ProgramData\Sun
2013-10-29 15:18 - 2013-01-09 23:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 15:13 - 2013-01-31 20:05 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 14:12 - 2013-10-29 14:12 - 02347384 _____ (ESET) C:\Users\Silenia\Downloads\esetsmartinstaller_enu.exe
2013-10-29 14:08 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:08 - 2009-07-14 05:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:06 - 2009-07-14 18:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-10-29 14:06 - 2009-07-14 18:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-10-29 14:06 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 14:04 - 2013-10-29 14:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-10-29 14:04 - 2013-10-29 14:04 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-29 14:04 - 2013-10-29 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-28 22:31 - 2013-01-10 09:44 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\TS3Client
2013-10-28 13:13 - 2013-10-28 13:13 - 00002898 _____ C:\Users\Silenia\Desktop\AdwCleaner[S3].txt
2013-10-28 13:12 - 2013-10-28 13:11 - 00000000 ____D C:\AdwCleaner
2013-10-28 13:09 - 2013-10-28 13:09 - 01956538 _____ (Farbar) C:\Users\Silenia\Desktop\FRST64.exe
2013-10-28 13:09 - 2013-10-28 13:08 - 01956538 _____ (Farbar) C:\Users\Silenia\Downloads\FRST64.exe
2013-10-27 21:49 - 2013-10-27 21:49 - 00000000 ____D C:\FRST
2013-10-27 21:47 - 2013-01-17 00:37 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-27 21:46 - 2013-01-18 18:31 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-10-27 21:46 - 2013-01-17 09:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-27 21:44 - 2013-01-10 12:11 - 00000000 ____D C:\ProgramData\Adobe
2013-10-27 21:44 - 2013-01-09 23:34 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Adobe
2013-10-27 15:40 - 2013-10-27 15:33 - 00084746 _____ C:\Users\Silenia\Desktop\Extras.Txt
2013-10-27 15:39 - 2013-10-27 15:32 - 00116698 _____ C:\Users\Silenia\Desktop\OTL.Txt
2013-10-27 15:26 - 2013-10-27 15:26 - 00602112 _____ (OldTimer Tools) C:\Users\Silenia\Desktop\OTL.exe
2013-10-27 15:25 - 2013-10-27 14:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\GHISLER
2013-10-27 14:57 - 2013-10-27 14:56 - 05896408 _____ (Ghisler Software GmbH) C:\Users\Silenia\Downloads\tcm801x32-64.exe
2013-10-27 14:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-27 14:35 - 2013-10-27 13:00 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 14:31 - 2013-10-27 14:27 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-10-27 14:24 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-10-27 14:22 - 2013-10-27 14:12 - 00000000 ____D C:\Windows\erdnt
2013-10-27 13:43 - 2013-10-27 13:42 - 91374864 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\msert.exe
2013-10-27 13:37 - 2013-10-27 13:35 - 22205064 _____ (Microsoft Corporation) C:\Users\Silenia\Downloads\Windows-KB890830-x64-V5.5.exe
2013-10-27 13:34 - 2013-10-27 13:19 - 00000000 ____D C:\Users\Silenia\AppData\Local\NPE
2013-10-27 13:30 - 2013-01-10 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-27 13:19 - 2013-10-27 13:19 - 03053496 ____N (Symantec Corporation) C:\Users\Silenia\Downloads\NPE.exe
2013-10-27 13:19 - 2013-10-27 13:19 - 00000000 ____D C:\ProgramData\Norton
2013-10-27 12:59 - 2013-10-27 12:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-27 12:59 - 2013-10-27 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-27 12:58 - 2013-10-27 12:58 - 00281896 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox Setup Stub 24.0.exe
2013-10-27 12:57 - 2013-01-16 18:58 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Samsung
2013-10-27 12:57 - 2013-01-16 18:54 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-27 12:56 - 2013-01-16 18:54 - 00000000 ____D C:\ProgramData\Samsung
2013-10-27 12:56 - 2013-01-10 00:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-27 12:53 - 2013-01-09 23:31 - 00000000 ___RD C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-27 12:47 - 2013-10-27 12:47 - 22404568 _____ (Mozilla) C:\Users\Silenia\Downloads\Firefox_Setup [1].exe
2013-10-27 12:47 - 2013-10-27 12:47 - 00351112 _____ C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
2013-10-27 12:47 - 2013-01-31 20:05 - 00000000 ____D C:\Users\Silenia\AppData\Local\Google
2013-10-27 12:37 - 2013-05-15 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-26 16:14 - 2013-10-26 16:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-26 16:08 - 2013-10-26 16:08 - 02753344 _____ (AVAST Software) C:\Users\Silenia\Downloads\avast-browser-cleanup.exe
2013-10-26 15:32 - 2013-01-23 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-24 17:11 - 2013-01-09 23:31 - 00001425 _____ C:\Users\Silenia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-24 16:21 - 2013-10-24 16:21 - 01060070 _____ C:\Users\Silenia\Downloads\AdwCleaner.exe
2013-10-24 16:18 - 2013-01-10 09:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-24 15:54 - 2013-10-24 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Silenia\Downloads\SpyHunter-Installer.exe
2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-24 15:39 - 2013-10-23 18:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-24 15:30 - 2013-10-24 15:30 - 01060070 _____ C:\Users\Silenia\Desktop\adwcleaner-3.010.exe
2013-10-24 15:28 - 2013-10-24 15:28 - 00008029 _____ C:\Users\Silenia\Documents\hijackthis.log
2013-10-23 19:33 - 2013-09-14 21:26 - 00000000 ____D C:\ProgramData\BitRaider
2013-10-23 18:35 - 2013-10-23 18:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 18:28 - 2013-10-23 18:17 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Anvisoft
2013-10-23 18:26 - 2013-10-23 18:25 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Silenia\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-23 18:16 - 2013-10-23 18:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-10-23 18:16 - 2013-01-09 23:18 - 00000000 ____D C:\Windows\Panther
2013-10-23 18:11 - 2013-10-23 18:11 - 06672080 _____ (Anvisoft) C:\Users\Silenia\Downloads\csbsetup.exe
2013-10-23 18:11 - 2013-10-23 18:11 - 00000000 ____D C:\Users\Public\Anvisoft
2013-10-23 18:09 - 2013-10-23 18:09 - 09978896 _____ C:\Users\Silenia\Downloads\astsetup.exe
2013-10-23 18:09 - 2013-10-23 18:09 - 00000000 ____D C:\Users\Silenia\AppData\Local\Anvisoft
2013-10-23 12:47 - 2013-10-23 12:47 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\Malwarebytes
2013-10-23 12:47 - 2013-10-23 12:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Silenia\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 18:04 - 2013-01-09 23:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-22 18:03 - 2013-01-09 23:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-17 08:08 - 2013-01-31 20:05 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-17 08:08 - 2013-01-31 20:05 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 01:48 - 2013-10-22 18:01 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-16 01:48 - 2013-10-22 18:01 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-16 01:48 - 2013-10-22 18:01 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-16 01:48 - 2013-09-14 13:51 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-16 01:48 - 2013-03-21 17:51 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48 - 2013-01-09 23:53 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-16 01:48 - 2013-01-09 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-16 01:48 - 2012-10-10 21:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-16 01:48 - 2012-10-10 21:22 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-15 22:47 - 2013-01-09 23:42 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47 - 2013-01-09 23:42 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-15 22:47 - 2013-01-09 23:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-15 15:54 - 2013-10-15 15:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-14 12:27 - 2013-10-13 21:02 - 00000000 ____D C:\Program Files (x86)\Dragon's Prophet
2013-10-13 22:20 - 2013-10-11 14:55 - 00000000 ____D C:\CrashReport
2013-10-13 21:11 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 21:10 - 2013-10-13 21:10 - 00001067 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-10-13 14:05 - 2013-01-16 19:29 - 00000000 ____D C:\Users\Silenia\AppData\Roaming\.minecraft
2013-10-12 13:46 - 2013-10-10 20:50 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-10-11 18:01 - 2013-01-09 23:30 - 00000000 ____D C:\Users\Silenia
2013-10-11 09:56 - 2013-10-10 22:32 - 00000000 ____D C:\Users\Silenia\Documents\dragoon
2013-10-10 22:22 - 2013-10-10 20:52 - 00000000 ____D C:\Users\Silenia\Desktop\Dragon,prophet
2013-10-10 20:54 - 2013-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\RIFT Game
2013-10-10 20:50 - 2013-10-10 20:50 - 01435416 _____ (Infernum) C:\Users\Silenia\Downloads\DragonsProphetDLM.exe
2013-10-10 10:16 - 2009-07-14 05:45 - 02343336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:13 - 2013-09-14 13:53 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 21:11 - 2013-09-05 23:26 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 14:18 - 2013-01-09 23:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 14:18 - 2013-01-09 23:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 14:18 - 2013-01-09 23:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 20:14 - 2013-01-09 23:42 - 03398914 _____ C:\Windows\system32\nvcoproc.bin
2013-09-29 13:07 - 2013-01-26 16:26 - 00494080 ___SH C:\Users\Silenia\Desktop\Thumbs.db
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-23 18:57
==================== End Of Log ============================
|
|
29.10.2013, 18:15
| #12 |
| /// Malwareteam | Ihavenet.com weiterleitungen ich möchte mir mal deine Dienste anschaun ob da alles passt... Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier. |
|
29.10.2013, 19:52
| #13 |
| | Ihavenet.com weiterleitungenCode:
ATTFilter Farbar Service Scanner Version: 24-10-2013
Ran by Silenia (administrator) on 29-10-2013 at 18:16:53
Running from "C:\Users\Silenia\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
|
|
29.10.2013, 19:55
| #14 |
| /// Malwareteam | Ihavenet.com weiterleitungen Gut dann scan mal mit dem hier: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
29.10.2013, 20:11
| #15 |
| | Ihavenet.com weiterleitungenCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
Database version: v2013.10.29.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Silenia :: SILENIA-PC [administrator]
29.10.2013 20:05:09
mbar-log-2013-10-29 (20-05-09).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 252289
Time elapsed: 5 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
| Themen zu Ihavenet.com weiterleitungen |
| .com, adobe flash player, adobe reader xi, battle.net, bho, browser, clean, flash player, helper, install.exe, microsoft, mozilla, nodrives, plug-in, programme, pup.optional.funmoods.a, pup.optional.mysearchdial.a, safer networking, senden, spyhunter, spyhunter entfernen, super, winlogon |
Beim ersten Anzeichen illegal genutzter Software (Cracks, Patches und Co) wird der Support unterbrochen . Bis die illegale Software deinstalliert ist.
Gruß Aneri 
Linear-Darstellung
