Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner

98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner


Log-Analyse und Auswertung: 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 04.01.2014, 18:44   #1
SvenS
 
98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner - Standard

98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b755a2347c3b15419d9364545cff283e
# engine=16517
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-04 03:53:13
# local_time=2014-01-04 04:53:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 140480643 0 0
# scanned=230298
# found=0
# cleaned=0
# scan_time=5191
Auch nach dem Neustart noch alles in Ordnung, das Problem scheint behoben zu sein.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Sven (administrator) on SVEN-PC on 04-01-2014 18:43:15
Running from C:\Users\Sven\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Deutsche Telekom AG) C:\Program Files (x86)\Speedport W 101 Stick WLAN Manager\Speedport W 101 Stick.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Safe Money) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4816_0
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Anti-Banner) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-03] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-11] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; g:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; g:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-12-21] ()

==================== Drivers (Whitelisted) ====================

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-11] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2013-12-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-03] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-03] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-20] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWow64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2009-06-26] (Atheros Communications, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 15:20 - 2014-01-04 15:21 - 02347384 _____ (ESET) C:\Users\Sven\Downloads\esetsmartinstaller_enu.exe
2014-01-04 15:00 - 2014-01-04 18:43 - 00013328 _____ C:\Users\Sven\Downloads\FRST.txt
2014-01-04 02:05 - 2014-01-04 02:05 - 00026510 _____ C:\Users\Sven\Desktop\ComboFix.txt
2014-01-04 01:58 - 2014-01-04 02:05 - 00000000 ____D C:\Qoobox
2014-01-04 01:58 - 2014-01-04 02:04 - 00000000 ____D C:\Windows\erdnt
2014-01-04 01:58 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-04 01:58 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-04 01:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-04 01:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-04 01:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-04 01:58 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-04 01:58 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-04 01:58 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-04 01:56 - 2014-01-04 01:57 - 05160001 ____R (Swearware) C:\Users\Sven\Desktop\ComboFix.exe
2014-01-04 01:29 - 2014-01-04 01:29 - 00000000 ____D C:\Crash
2014-01-04 00:35 - 2014-01-04 00:35 - 00059957 _____ C:\Users\Sven\Desktop\gmerfile.log
2014-01-04 00:29 - 2014-01-04 00:29 - 00377856 _____ C:\Users\Sven\Downloads\gmer_2.1.19163.exe
2014-01-04 00:26 - 2014-01-04 14:56 - 00000000 ____D C:\FRST
2014-01-04 00:26 - 2014-01-04 00:27 - 00031356 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 00:26 - 2014-01-04 00:27 - 00022829 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 00:25 - 2014-01-04 14:47 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64.exe
2014-01-04 00:24 - 2014-01-04 00:24 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2014-01-04 00:24 - 2014-01-04 00:24 - 00000000 _____ C:\Users\Sven\defogger_reenable
2014-01-04 00:23 - 2014-01-04 00:23 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2014-01-03 22:51 - 2014-01-03 22:51 - 01233962 _____ C:\Users\Sven\Downloads\adwcleaner.exe
2014-01-03 22:45 - 2014-01-03 22:45 - 00000000 ____D C:\Users\Sven\AppData\Local\SCE
2014-01-03 22:44 - 2014-01-03 22:44 - 00001312 _____ C:\Users\Sven\Desktop\PlanetSide 2 PSG.lnk
2014-01-03 22:44 - 2014-01-03 22:44 - 00001312 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2014-01-03 22:43 - 2014-01-03 22:44 - 20095616 _____ C:\Users\Sven\Downloads\PS2_PSG_setup.exe
2014-01-02 21:27 - 2014-01-02 21:27 - 00354984 _____ C:\Windows\Minidump\010214-26176-01.dmp
2013-12-23 16:11 - 2014-01-03 22:58 - 00000000 ____D C:\AdwCleaner
2013-12-23 16:10 - 2013-12-23 16:10 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner.exe
2013-12-21 19:14 - 2013-12-22 10:33 - 00000000 ____D C:\Users\Sven\AppData\Local\Ubisoft Game Launcher
2013-12-21 19:13 - 2013-12-21 19:13 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-21 19:13 - 2013-12-21 19:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-18 19:31 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-18 19:31 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 12613920 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-14 22:17 - 2013-11-23 20:26 - 11566648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 11441664 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 09663656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-14 22:17 - 2013-11-23 20:26 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-14 11:28 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-14 11:28 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-14 11:28 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-14 11:28 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-14 11:27 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-14 11:27 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-14 11:27 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-14 11:27 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-14 11:27 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-14 11:27 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-14 11:27 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-14 11:27 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-14 11:27 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-14 11:27 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-14 11:27 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-14 11:27 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-14 11:27 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-14 11:27 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-14 11:27 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-14 11:27 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-14 11:27 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-14 11:27 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-14 11:27 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-14 11:27 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-14 11:27 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-14 11:27 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-14 11:27 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-14 11:27 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-14 11:27 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-14 11:27 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-14 11:27 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-14 11:27 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-14 11:27 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-14 11:27 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-14 11:27 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-14 11:24 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-14 11:24 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-14 11:24 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-14 11:24 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-14 11:24 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-14 11:24 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-14 11:24 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-14 11:24 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-14 11:24 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-14 11:24 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-14 11:24 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-14 11:24 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-14 11:24 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-14 11:24 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-14 11:24 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-14 11:24 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-14 11:24 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-14 11:24 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-14 11:24 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-01-04 18:43 - 2014-01-04 15:00 - 00013328 _____ C:\Users\Sven\Downloads\FRST.txt
2014-01-04 18:38 - 2013-09-26 18:28 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-04 18:38 - 2013-09-10 17:15 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 18:35 - 2013-09-10 13:42 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-04 18:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 18:35 - 2009-07-14 05:51 - 00053352 _____ C:\Windows\setupact.log
2014-01-04 18:34 - 2013-09-10 12:28 - 01894950 _____ C:\Windows\WindowsUpdate.log
2014-01-04 18:34 - 2010-11-21 04:47 - 00213352 _____ C:\Windows\PFRO.log
2014-01-04 18:33 - 2013-09-10 17:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 18:30 - 2013-09-10 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 15:27 - 2013-09-10 22:23 - 00699416 _____ C:\Windows\system32\perfh007.dat
2014-01-04 15:27 - 2013-09-10 22:23 - 00149556 _____ C:\Windows\system32\perfc007.dat
2014-01-04 15:27 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 15:21 - 2014-01-04 15:20 - 02347384 _____ (ESET) C:\Users\Sven\Downloads\esetsmartinstaller_enu.exe
2014-01-04 15:06 - 2009-07-14 05:45 - 00026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 15:06 - 2009-07-14 05:45 - 00026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 14:56 - 2014-01-04 00:26 - 00000000 ____D C:\FRST
2014-01-04 14:47 - 2014-01-04 00:25 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64.exe
2014-01-04 11:01 - 2013-09-11 09:44 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-04 02:05 - 2014-01-04 02:05 - 00026510 _____ C:\Users\Sven\Desktop\ComboFix.txt
2014-01-04 02:05 - 2014-01-04 01:58 - 00000000 ____D C:\Qoobox
2014-01-04 02:05 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-04 02:04 - 2014-01-04 01:58 - 00000000 ____D C:\Windows\erdnt
2014-01-04 02:04 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-04 01:57 - 2014-01-04 01:56 - 05160001 ____R (Swearware) C:\Users\Sven\Desktop\ComboFix.exe
2014-01-04 01:29 - 2014-01-04 01:29 - 00000000 ____D C:\Crash
2014-01-04 00:35 - 2014-01-04 00:35 - 00059957 _____ C:\Users\Sven\Desktop\gmerfile.log
2014-01-04 00:29 - 2014-01-04 00:29 - 00377856 _____ C:\Users\Sven\Downloads\gmer_2.1.19163.exe
2014-01-04 00:27 - 2014-01-04 00:26 - 00031356 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 00:27 - 2014-01-04 00:26 - 00022829 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 00:24 - 2014-01-04 00:24 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2014-01-04 00:24 - 2014-01-04 00:24 - 00000000 _____ C:\Users\Sven\defogger_reenable
2014-01-04 00:24 - 2013-09-10 12:34 - 00000000 ____D C:\Users\Sven
2014-01-04 00:23 - 2014-01-04 00:23 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2014-01-03 22:58 - 2013-12-23 16:11 - 00000000 ____D C:\AdwCleaner
2014-01-03 22:51 - 2014-01-03 22:51 - 01233962 _____ C:\Users\Sven\Downloads\adwcleaner.exe
2014-01-03 22:45 - 2014-01-03 22:45 - 00000000 ____D C:\Users\Sven\AppData\Local\SCE
2014-01-03 22:44 - 2014-01-03 22:44 - 00001312 _____ C:\Users\Sven\Desktop\PlanetSide 2 PSG.lnk
2014-01-03 22:44 - 2014-01-03 22:44 - 00001312 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2014-01-03 22:44 - 2014-01-03 22:43 - 20095616 _____ C:\Users\Sven\Downloads\PS2_PSG_setup.exe
2014-01-02 21:57 - 2013-09-11 09:44 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-02 21:27 - 2014-01-02 21:27 - 00354984 _____ C:\Windows\Minidump\010214-26176-01.dmp
2014-01-02 21:27 - 2013-10-20 12:25 - 00000000 ____D C:\Windows\Minidump
2014-01-02 21:26 - 2013-11-20 19:47 - 734524269 _____ C:\Windows\MEMORY.DMP
2014-01-01 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-27 11:12 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 22:00 - 2013-09-10 17:13 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2013-12-23 16:10 - 2013-12-23 16:10 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner.exe
2013-12-22 13:27 - 2013-09-10 23:51 - 00000000 ____D C:\Users\Sven\AppData\Local\ArmA 2 OA
2013-12-22 11:34 - 2013-12-04 12:16 - 00000000 ____D C:\Users\Sven\AppData\Roaming\NVIDIA
2013-12-22 10:33 - 2013-12-21 19:14 - 00000000 ____D C:\Users\Sven\AppData\Local\Ubisoft Game Launcher
2013-12-21 19:13 - 2013-12-21 19:13 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-21 19:13 - 2013-12-21 19:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-21 19:13 - 2013-09-11 09:44 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-21 19:13 - 2013-09-10 18:33 - 00184453 _____ C:\Windows\DirectX.log
2013-12-20 22:47 - 2013-09-12 20:19 - 00000000 ____D C:\Users\Sven\Documents\My Games
2013-12-20 17:34 - 2013-09-26 18:28 - 00620640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-12-20 17:34 - 2013-06-06 16:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2013-12-14 22:21 - 2013-09-10 13:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-14 17:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-14 17:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 11:57 - 2013-09-10 19:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-14 11:57 - 2013-09-10 19:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-14 11:57 - 2013-09-10 19:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-14 11:28 - 2013-09-10 17:15 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-14 11:27 - 2013-09-11 10:29 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 11:27 - 2013-09-10 17:15 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-14 11:25 - 2013-09-11 10:29 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 03:13 - 2013-10-29 20:17 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-12-10 03:13 - 2013-10-29 20:17 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-05 09:42 - 2013-12-18 19:31 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-05 09:42 - 2013-12-18 19:31 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-05 09:42 - 2013-10-22 09:34 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-01 18:17

==================== End Of Log ============================
--- --- ---

--- --- ---

Antwort

Themen zu 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner
4d36e972-e325-11ce-bfc1-08002be10318, adobe, ausgelastet, auslastung, coinminer, computer, defender, desktop, ebanking, entfernen, flash player, google, installation, internet, klelam.sys, minidump, ntdll.dll, plug-in, problem, programm, realtek, registry, rundll, security, services.exe, software, stick, svchost.exe, temp, usb, windows, wlan


« ScrInject.B.Gen virus - Computer noch "verseucht"? | Windows XP (SP3): Probleme mit Advanced System Protector? »


Ähnliche Themen: 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner


  1. Windows 7: svhost.exe hohe Auslastung
    Plagegeister aller Art und deren Bekämpfung - 02.10.2015 (7)
  2. hohe CPU-Auslastung durch svhost.exe(netsvcs)
    Plagegeister aller Art und deren Bekämpfung - 30.09.2015 (17)
  3. Arbeitsspeicher / CPU vom Laptop (Acer Aspire 5738G) im Leerlauf bei mind. 80% Auslastung
    Log-Analyse und Auswertung - 26.05.2015 (7)
  4. Svhost.exe /Backdoor.Agent + PUP.BitCoinMiner
    Plagegeister aller Art und deren Bekämpfung - 29.09.2014 (35)
  5. Virus(bitcoinminer) durch svhost.exe
    Plagegeister aller Art und deren Bekämpfung - 10.09.2014 (15)
  6. Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung
    Log-Analyse und Auswertung - 26.06.2014 (8)
  7. Malwarebytes erkennt SpeedAnalysis.com als potenzielle Bedrohung
    Log-Analyse und Auswertung - 20.06.2014 (9)
  8. MalwareBytes erkennt 6 Dateien und ich weiß nicht ob sie falsch positiv sind.
    Log-Analyse und Auswertung - 12.05.2014 (21)
  9. CPU Auslastung im Leerlauf bei 100%
    Plagegeister aller Art und deren Bekämpfung - 10.01.2014 (13)
  10. CPU Auslastung im Leerlauf 100%
    Plagegeister aller Art und deren Bekämpfung - 20.11.2013 (17)
  11. SVHOST.exe 99% Cpu auslastung
    Alles rund um Windows - 16.11.2013 (1)
  12. Hohe CPU Auslastung im Leerlauf
    Alles rund um Windows - 25.10.2013 (6)
  13. CPU-Auslastung 100% trotz Leerlauf
    Log-Analyse und Auswertung - 30.04.2013 (19)
  14. Hohe CPU Auslastung im Leerlauf
    Log-Analyse und Auswertung - 23.11.2011 (12)
  15. Cpu Auslastung steigt beim spielen zwischen 80&100%! Im Leerlauf zwischen 10&40%.
    Log-Analyse und Auswertung - 16.11.2011 (1)
  16. CPU Auslastung zwichen 60-80% wobei Leerlauf auf 99% steht ?
    Alles rund um Windows - 07.04.2011 (40)
  17. SVHOST (nein nicht svChost!) svhost.exe nervt!
    Log-Analyse und Auswertung - 11.07.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner - Code: Alles auswählen Aufklappen ATTFilter ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=b755a2347c3b15419d9364545cff283e # engine=16517 # - 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner...
Archiv
Du betrachtest: 98% Auslastung der GPU im Leerlauf, Malwarebytes erkennt svhost.exe BitCoinMiner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131