Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): PUP optional Candy
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
15.01.2014, 09:13 | #16 |
/// the machine /// TB Trainer | PUP optional Candy
Yes please, I definitely need a fresh FRST logfile. Do this first: please download TFC (by Oldtimer) and save the file to the desktop. Now close all open programs and disconnect from the Internet. Double-click TFC.exe and press Start. If TFC cannot delete all files, it will ask for a restart. Please allow this.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
15.01.2014, 21:13 | #17 |
| PUP optional Candy
TFC did not ask for a restart. It went really quickly.
FRST Logfile:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 01 Ran by ***** (administrator) on *****-PC on 15-01-2014 20:32:26 Running from C:\Users\*****\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Splashtop Inc.) 
C:\ASUS.SYS\SIONExportService.exe (Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4156 2010-04-16] () HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.) 
HKLM\...\Run: [SynAsusAcpi] - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC) HKCU\...\Run: [SecureBanking] - C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-07-06] (Secure Banking) HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk ShortcutTarget: phase-6 Reminder.lnk -> C:\Users\*****\AppData\Local\phase-6\phase-6-compendio\reminder\reminder.exe (phase-6) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {FAD6394E-D719-45AD-8C59-99A8E90A359C} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No File BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll () Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll () Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\mpazrgl1.default FF Homepage: hxxp://www.google.ch/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program 
Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Garmin Communicator - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\mpazrgl1.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-23] FF Extension: WOT - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\mpazrgl1.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-28] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\mpazrgl1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-06] Chrome: ======= CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT ==================== Services (Whitelisted) ================= S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. 
KG) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [249856 2011-02-15] () R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia) R2 Splashtop MDES; C:\ASUS.SYS\SIONExportService.exe [338208 2011-05-10] (Splashtop Inc.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. 
KG) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-11-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] () S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2012-09-05] (Scott) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 DNIMp50a64; System32\Drivers\DNIMp50a64.sys [x] S3 DNISp50a64; System32\Drivers\DNISp50a64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-15 20:27 - 2014-01-15 20:27 - 00448512 _____ (OldTimer Tools) C:\Users\*****\Desktop\TFC.exe 2014-01-15 20:25 - 2014-01-15 20:25 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-01-14 06:45 - 2014-01-14 06:45 - 00987410 _____ C:\Users\*****\Desktop\SecurityCheck.exe 2014-01-13 21:04 - 2014-01-13 21:05 - 02347384 _____ (ESET) C:\Users\*****\Desktop\esetsmartinstaller_enu.exe 2014-01-13 20:21 - 2014-01-13 20:45 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-01-13 20:17 - 2014-01-13 20:17 - 00000207 _____ C:\Windows\tweaking.com-regbackup-*****-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-01-13 20:17 - 2014-01-13 20:17 - 00000000 ____D C:\RegBackup 2014-01-13 19:32 - 2014-01-13 19:32 - 00000000 ____D C:\Users\*****\Desktop\tweaking.com_windows_repair_aio 2014-01-13 19:31 - 2014-01-13 19:31 - 02903255 _____ C:\Users\*****\Desktop\tweaking.com_windows_repair_aio.zip 2014-01-07 22:03 - 2014-01-15 20:32 - 00000000 ____D C:\Users\*****\Desktop\FRST-OlderVersion 2014-01-07 21:56 - 2014-01-07 21:56 - 00000756 
_____ C:\Users\*****\Desktop\JRT 7.1.14.txt 2014-01-07 21:53 - 2014-01-07 21:53 - 00000756 _____ C:\Users\*****\Desktop\JRT.txt 2014-01-07 21:47 - 2014-01-07 21:47 - 01036305 _____ (Thisisu) C:\Users\*****\Desktop\JRT.exe 2014-01-07 21:17 - 2014-01-07 21:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-05 18:39 - 2014-01-13 20:47 - 00003692 _____ C:\Windows\PFRO.log 2014-01-05 18:31 - 2014-01-05 18:31 - 00051871 _____ C:\ComboFix.txt 2014-01-05 18:19 - 2014-01-05 18:31 - 00000000 ____D C:\ComboFix 2014-01-05 18:19 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2014-01-05 18:19 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2014-01-05 18:19 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-05 18:19 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-05 18:19 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-05 18:19 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2014-01-05 18:19 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2014-01-05 18:19 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2014-01-05 18:18 - 2014-01-05 18:31 - 00000000 ____D C:\Qoobox 2014-01-05 18:11 - 2014-01-05 18:11 - 05160001 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe 2014-01-05 17:32 - 2014-01-05 17:33 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation 2014-01-05 17:31 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-01-05 17:31 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-01-05 17:30 - 2014-01-05 17:33 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA 2014-01-05 17:24 - 2014-01-05 17:24 - 00001349 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2014-01-05 17:21 - 2014-01-05 17:21 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2014-01-05 17:21 - 2013-12-10 03:13 - 01100248 
_____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-01-05 17:21 - 2013-12-10 03:13 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-01-05 17:20 - 2014-01-05 17:20 - 00000000 ____D C:\Windows\SysWOW64\NV 2014-01-05 17:20 - 2014-01-05 17:20 - 00000000 ____D C:\Windows\system32\NV 2014-01-05 17:17 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-01-05 17:17 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA 
Corporation) C:\Windows\system32\nvcuvenc.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys 2014-01-05 17:17 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-01-05 17:17 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-01-05 17:15 - 2014-01-05 17:15 - 00000000 ____D C:\NVIDIA 2014-01-05 17:10 - 2014-01-05 17:14 - 259887872 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe 2014-01-04 09:35 - 2014-01-04 09:43 - 00037839 _____ C:\Users\*****\Desktop\Addition.txt 2014-01-04 09:34 - 2014-01-15 20:32 - 00017586 _____ C:\Users\*****\Desktop\FRST.txt 2014-01-04 09:34 - 2014-01-15 20:32 
- 00000000 ____D C:\FRST 2014-01-04 09:29 - 2014-01-15 20:32 - 02076160 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe 2014-01-04 07:21 - 2014-01-15 20:22 - 00005470 _____ C:\Windows\setupact.log 2014-01-04 07:21 - 2014-01-04 07:21 - 00000000 _____ C:\Windows\setuperr.log 2014-01-03 20:49 - 2014-01-03 20:49 - 00000000 ____D C:\Windows\ERUNT 2014-01-03 20:48 - 2014-01-03 20:48 - 01034531 _____ (Thisisu) C:\Users\*****\Desktop\JRT_6.0.8.exe 2014-01-03 20:36 - 2014-01-03 20:36 - 01233962 _____ C:\Users\*****\Desktop\adwcleaner_3.016(1).exe 2014-01-03 20:33 - 2014-01-03 20:33 - 00035240 _____ C:\Users\*****\Desktop\cc_20140103_203341.reg 2014-01-03 20:26 - 2014-01-07 21:40 - 00000000 ____D C:\AdwCleaner 2014-01-03 20:26 - 2014-01-03 20:26 - 01233962 _____ C:\Users\*****\Desktop\adwcleaner_3.016.exe 2014-01-03 19:28 - 2014-01-03 19:28 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-03 18:47 - 2014-01-03 18:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-01-03 18:47 - 2014-01-03 18:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-01-03 18:47 - 2014-01-03 18:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-01-03 18:47 - 2014-01-03 18:47 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-01-03 18:47 - 2014-01-03 18:47 - 00000000 ____D C:\Program Files\Java 2014-01-03 18:45 - 2014-01-03 18:46 - 30694824 _____ (Oracle Corporation) C:\Users\*****\Downloads\jre-7u45-windows-x64.exe 2014-01-03 18:44 - 2014-01-03 18:44 - 00000000 ____D C:\Users\*****\AppData\Roaming\Google 2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 _____ C:\Users\*****\.airinstall.log 2013-12-29 16:03 - 2013-12-29 16:04 - 63772080 _____ 
C:\Users\*****\Downloads\myphotobook.ch-1.5.3.exe 2013-12-25 12:38 - 2013-12-25 12:38 - 00001158 _____ C:\Users\Public\Desktop\MAGIX Video deluxe 2014 Plus.lnk 2013-12-25 12:38 - 2013-12-25 12:38 - 00000000 ____D C:\Users\Public\Documents\MAGIX 2013-12-25 12:25 - 2013-12-25 12:25 - 02849256 _____ (MAGIX AG) C:\Users\*****\Downloads\videodeluxe2014plus_dlm.exe 2013-12-21 23:13 - 2013-12-21 23:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-15 20:32 - 2014-01-07 22:03 - 00000000 ____D C:\Users\*****\Desktop\FRST-OlderVersion 2014-01-15 20:32 - 2014-01-04 09:34 - 00017586 _____ C:\Users\*****\Desktop\FRST.txt 2014-01-15 20:32 - 2014-01-04 09:34 - 00000000 ____D C:\FRST 2014-01-15 20:32 - 2014-01-04 09:29 - 02076160 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe 2014-01-15 20:27 - 2014-01-15 20:27 - 00448512 _____ (OldTimer Tools) C:\Users\*****\Desktop\TFC.exe 2014-01-15 20:27 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-15 20:27 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-15 20:26 - 2011-11-11 20:57 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps 2014-01-15 20:26 - 2011-02-19 05:24 - 00697232 _____ C:\Windows\system32\perfh007.dat 2014-01-15 20:26 - 2011-02-19 05:24 - 00149372 _____ C:\Windows\system32\perfc007.dat 2014-01-15 20:26 - 2009-07-14 06:13 - 01651444 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-15 20:25 - 2014-01-15 20:25 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-01-15 20:25 - 2011-12-26 13:15 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien 2014-01-15 20:25 - 2011-11-11 10:23 - 00000000 ___HD C:\ASUS.DAT 2014-01-15 20:22 - 2014-01-04 07:21 - 00005470 _____ C:\Windows\setupact.log 2014-01-15 
20:22 - 2011-09-15 07:37 - 00000012 ____H C:\dvmexp.idx 2014-01-15 20:22 - 2011-09-15 07:23 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-15 20:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-15 20:20 - 2011-09-15 07:11 - 01513867 _____ C:\Windows\WindowsUpdate.log 2014-01-14 06:45 - 2014-01-14 06:45 - 00987410 _____ C:\Users\*****\Desktop\SecurityCheck.exe 2014-01-14 06:22 - 2012-09-29 21:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-14 01:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2014-01-13 21:05 - 2014-01-13 21:04 - 02347384 _____ (ESET) C:\Users\*****\Desktop\esetsmartinstaller_enu.exe 2014-01-13 20:47 - 2014-01-05 18:39 - 00003692 _____ C:\Windows\PFRO.log 2014-01-13 20:47 - 2009-07-14 05:45 - 00592688 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-13 20:45 - 2014-01-13 20:21 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-01-13 20:44 - 2009-07-14 03:34 - 00000514 _____ C:\Windows\win.ini 2014-01-13 20:17 - 2014-01-13 20:17 - 00000207 _____ C:\Windows\tweaking.com-regbackup-*****-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-01-13 20:17 - 2014-01-13 20:17 - 00000000 ____D C:\RegBackup 2014-01-13 19:51 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-13 19:32 - 2014-01-13 19:32 - 00000000 ____D C:\Users\*****\Desktop\tweaking.com_windows_repair_aio 2014-01-13 19:31 - 2014-01-13 19:31 - 02903255 _____ C:\Users\*****\Desktop\tweaking.com_windows_repair_aio.zip 2014-01-07 21:56 - 2014-01-07 21:56 - 00000756 _____ C:\Users\*****\Desktop\JRT 7.1.14.txt 2014-01-07 21:53 - 2014-01-07 21:53 - 00000756 _____ C:\Users\*****\Desktop\JRT.txt 2014-01-07 21:47 - 2014-01-07 21:47 - 01036305 _____ (Thisisu) C:\Users\*****\Desktop\JRT.exe 2014-01-07 21:40 - 2014-01-03 20:26 - 00000000 ____D C:\AdwCleaner 2014-01-07 21:18 - 2012-11-26 19:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-07 21:18 - 2012-11-26 19:34 - 00000000 ____D 
C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 21:17 - 2014-01-07 21:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-05 18:40 - 2011-09-15 07:36 - 00002594 _____ C:\Windows\system32\AutoRunFilter.ini
2014-01-05 18:39 - 2011-09-15 07:36 - 00001956 _____ C:\Windows\system32\ServiceFilter.ini
2014-01-05 18:31 - 2014-01-05 18:31 - 00051871 _____ C:\ComboFix.txt
2014-01-05 18:31 - 2014-01-05 18:19 - 00000000 ____D C:\ComboFix
2014-01-05 18:31 - 2014-01-05 18:18 - 00000000 ____D C:\Qoobox
2014-01-05 18:29 - 2009-07-14 03:34 - 00000248 _____ C:\Windows\system.ini
2014-01-05 18:11 - 2014-01-05 18:11 - 05160001 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2014-01-05 17:33 - 2014-01-05 17:32 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-05 17:33 - 2014-01-05 17:30 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-05 17:33 - 2011-09-15 07:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-05 17:32 - 2011-09-15 07:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-05 17:32 - 2011-09-15 07:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-05 17:24 - 2014-01-05 17:24 - 00001349 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-05 17:21 - 2014-01-05 17:21 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-05 17:20 - 2014-01-05 17:20 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-05 17:20 - 2014-01-05 17:20 - 00000000 ____D C:\Windows\system32\NV
2014-01-05 17:15 - 2014-01-05 17:15 - 00000000 ____D C:\NVIDIA
2014-01-05 17:14 - 2014-01-05 17:10 - 259887872 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe
2014-01-04 09:43 - 2014-01-04 09:35 - 00037839 _____ C:\Users\*****\Desktop\Addition.txt
2014-01-04 07:21 - 2014-01-04 07:21 - 00000000 _____ C:\Windows\setuperr.log
2014-01-03 20:49 - 2014-01-03 20:49 - 00000000 ____D C:\Windows\ERUNT
2014-01-03 20:48 - 2014-01-03 20:48 - 01034531 _____ (Thisisu) C:\Users\*****\Desktop\JRT_6.0.8.exe
2014-01-03 20:36 - 2014-01-03 20:36 - 01233962 _____ C:\Users\*****\Desktop\adwcleaner_3.016(1).exe
2014-01-03 20:33 - 2014-01-03 20:33 - 00035240 _____ C:\Users\*****\Desktop\cc_20140103_203341.reg
2014-01-03 20:26 - 2014-01-03 20:26 - 01233962 _____ C:\Users\*****\Desktop\adwcleaner_3.016.exe
2014-01-03 20:01 - 2011-11-11 10:23 - 00183904 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 19:48 - 2011-12-25 20:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-03 19:46 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2014-01-03 19:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-03 19:28 - 2014-01-03 19:28 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-03 19:28 - 2011-11-13 20:03 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-03 19:28 - 2011-11-12 14:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-03 19:28 - 2011-11-12 14:06 - 00000000 ____D C:\ProgramData\Adobe
2014-01-03 18:59 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-03 18:58 - 2011-11-11 10:24 - 00001423 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-03 18:58 - 2011-11-11 10:24 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-03 18:58 - 2011-11-11 10:24 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-03 18:57 - 2011-04-13 03:33 - 00000000 ____D C:\Program Files\Google
2014-01-03 18:57 - 2011-04-13 03:33 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-03 18:51 - 2012-12-05 19:49 - 00000000 ____D C:\Program Files (x86)\Opera
2014-01-03 18:51 - 2012-12-05 18:36 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-01-03 18:51 - 2011-12-05 21:43 - 00000000 ____D C:\Users\*****\AppData\Roaming\IrfanView
2014-01-03 18:47 - 2014-01-03 18:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-03 18:47 - 2014-01-03 18:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-03 18:47 - 2014-01-03 18:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-03 18:47 - 2014-01-03 18:47 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-03 18:47 - 2014-01-03 18:47 - 00000000 ____D C:\Program Files\Java
2014-01-03 18:47 - 2013-11-07 19:15 - 00000000 ____D C:\ProgramData\Oracle
2014-01-03 18:46 - 2014-01-03 18:45 - 30694824 _____ (Oracle Corporation) C:\Users\*****\Downloads\jre-7u45-windows-x64.exe
2014-01-03 18:45 - 2011-04-13 03:47 - 00000000 ____D C:\Program Files (x86)\ASUS
2014-01-03 18:44 - 2014-01-03 18:44 - 00000000 ____D C:\Users\*****\AppData\Roaming\Google
2014-01-03 18:44 - 2011-11-11 19:25 - 00000000 ____D C:\Users\*****\AppData\Local\Google
2014-01-03 18:41 - 2013-12-05 21:21 - 01625724 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-29 16:06 - 2013-12-29 16:06 - 00000000 _____ C:\Users\*****\.airinstall.log
2013-12-29 16:06 - 2011-11-11 19:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\Adobe
2013-12-29 16:06 - 2011-11-11 10:22 - 00000000 ____D C:\Users\*****
2013-12-29 16:04 - 2013-12-29 16:03 - 63772080 _____ C:\Users\*****\Downloads\myphotobook.ch-1.5.3.exe
2013-12-26 11:48 - 2011-11-12 08:22 - 00000000 ____D C:\Users\*****\AppData\Local\MAGIX_AG
2013-12-25 12:39 - 2011-11-12 08:05 - 00000000 ___RD C:\Users\*****\Documents\MAGIX
2013-12-25 12:38 - 2013-12-25 12:38 - 00001158 _____ C:\Users\Public\Desktop\MAGIX Video deluxe 2014 Plus.lnk
2013-12-25 12:38 - 2013-12-25 12:38 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2013-12-25 12:38 - 2011-11-12 08:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\MAGIX
2013-12-25 12:38 - 2011-11-12 08:04 - 00000000 ____D C:\Users\*****\AppData\Local\MAGIX
2013-12-25 12:36 - 2011-11-12 08:02 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-12-25 12:36 - 2011-09-15 07:38 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-25 12:25 - 2013-12-25 12:25 - 02849256 _____ (MAGIX AG) C:\Users\*****\Downloads\videodeluxe2014plus_dlm.exe
2013-12-25 11:57 - 2012-12-05 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 23:13 - 2013-12-21 23:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-21 21:02 - 2012-08-31 20:11 - 00000000 ____D C:\Users\*****\Documents\My Digital Editions
2013-12-18 17:04 - 2013-05-08 19:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 17:04 - 2013-03-29 15:49 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 17:04 - 2013-03-29 15:49 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-14 01:13

==================== End Of Log ============================

--- --- ---

My Avira email protection is not active now. Should I still do the tasks from the bottom of page 1? I have just run TFC and FRST as described in your last post. THANKS. The Windows Explorer problem still persists. Thanks for your help! |
16.01.2014, 16:13 | #18 |
/// the machine /// TB-Ausbilder | PUP optional Candy Reinstall Avira. Do you have a Windows DVD to hand? |
16.01.2014, 16:43 | #19 |
| PUP optional Candy Reinstalling Avira is fine, I will do that tomorrow evening. As far as I know I do not have a Windows DVD. What should I do now? THANKS! |
17.01.2014, 12:43 | #20 |
/// the machine /// TB-Ausbilder | PUP optional Candy Was Windows preinstalled? Can you borrow an identical DVD somewhere? |
17.01.2014, 19:04 | #21 |
| PUP optional Candy Yes, it was preinstalled. I have Windows 7. No idea where I can get such a DVD. What can I do? I have now reinstalled Avira. That worked perfectly. Windows updates are still running now. Regarding the Windows DVD: I really have nothing. Create one of those ISOs? |
18.01.2014, 08:12 | #22 |
/// the machine /// TB-Ausbilder | PUP optional Candy |
18.01.2014, 11:42 | #23 |
| PUP optional Candy OK. Burn it to DVD? And then? Where do I find my Windows licence number? Merci :-) |
19.01.2014, 09:28 | #24 |
/// the machine /// TB-Ausbilder | PUP optional Candy Burn it to DVD. The key should be on a sticker on the computer. |
19.01.2014, 20:08 | #25 |
| PUP optional Candy I found the key. Burned the ISO DVD, thanks. What do I need to do with the DVD now? I assume Windows has to be repaired somehow? MERCI |
20.01.2014, 21:51 | #26 |
/// the machine /// TB-Ausbilder | PUP optional Candy |
20.01.2014, 22:28 | #27 |
| PUP optional Candy Oh my god! I have just read through that. Hopefully I can manage all of it..! First I will make a backup of the data as recommended. There is one sentence there that I do not like, you see... |
21.01.2014, 12:17 | #28 |
/// the machine /// TB-Ausbilder | PUP optional Candy OK |
23.01.2014, 20:47 | #29 |
| PUP optional Candy Hey schrauber, I will only get to the task at the weekend (I am in bed with a fever). Thanks for your help and your understanding. Best regards |
24.01.2014, 12:28 | #30 |
/// the machine /// TB-Ausbilder | PUP optional Candy OK. Get well soon. |