Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Ereignisprotokoll Au_.exe und vieles vieles mehr

Ereignisprotokoll Au_.exe und vieles vieles mehr


Plagegeister aller Art und deren Bekämpfung: Ereignisprotokoll Au_.exe und vieles vieles mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.02.2014, 05:22   #1
hehejo
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr


Hallo,

ich habe mehrere "Baustellen" zum Einen wollte heute auf meinen PC "Daemon Tools Lite" deinstallieren, doch jedesmal beim deinstallieren kommt die Fehlermeldung "Daemon Tools" funktioniert nicht mehr. (auch bei mehrmaligen Neustart des PC`s

Daraufhin habe ich mal in die Ereignisprotokollen geschaut hier ein Auszug:


"Name der fehlerhaften Anwendung: Au_.exe, Version: 4.48.1.347, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0x01cf22207eb40ac1
Pfad der fehlerhaften Anwendung: C:\Users\XXX\AppData\Local\Temp\~nsu.tmp\Au_.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: be2bff36-8e13-11e3-9504-406186298329"



Die nächste "Baustelle" laut Ereignisprotokoll ist:

"Der Dienst "WCMVCAM" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden."



Dann noch dieser hier:

"Benutzerdefinierte DLLs werden für jede Anwendung geladen. Der Systemadministrator sollte die Liste der DLLs prüfen, um sicherzustellen, dass sie sich auf die vertrauenswürdigen Anwendungen beziehen."



Hier:

"Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest."

Ich hoffe das ist nicht soviel aufeinmal Ich war selber etwas überrascht.

Und danke aufjedenfall schonmal im Voraus




Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by XXX (administrator) on XXX-PC on 05-02-2014 04:32:24
Running from C:\Users\XXX\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Ellora Assets Corp.) G:\Tools\Freemake\CaptureLib\CaptureLibService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Razer Inc.) G:\Tools\Razer Game Booster\RzKLService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
() C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) E:\Spiele\Steam\Steam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [4464936 2013-12-16] (O&O Software GmbH)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07C3E9EA0EEACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtBzyzztAtBzytA0FtA0FtN0D0Tzu0SyBtDtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=610215439&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtBzyzztAtBzytA0FtA0FtN0D0Tzu0SyBtDtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=610215439&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: LavaFox V2 - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\info@djzig.com [2014-01-13]
FF Extension: exfm - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-IsXX48jx4obwoZPnzG6RQB0pK9A@jetpack [2013-11-25]
FF Extension: NetVideoHunter - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\netvideohunter@netvideohunter.com [2013-12-19]
FF Extension: WOT - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: HP Detect - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-12-02]
FF Extension: DownloadHelper - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-19]
FF Extension: 1ClickMovie Downloader - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\clickMvd@clickMvd.com.xpi [2013-11-25]
FF Extension: SaveFrom.net helper - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\helper@savefrom.net.xpi [2013-12-19]
FF Extension: Magic Actions for YouTube™ - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2013-11-25]
FF Extension: NASA Night Launch - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\nasanightlaunch@example.com.xpi [2013-11-25]
FF Extension: Noia Fox options - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2014-01-17]
FF Extension: Toggle Persona - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\togglepersona@davidvincent.tld.xpi [2013-11-25]
FF Extension: Stylish - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-11-25]
FF Extension: Youtube Downloader - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{599B9024-EBA6-4258-95C5-9133F8D73856}.xpi [2013-11-25]
FF Extension: Noia Fox - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2013-11-25]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-11-25]
FF Extension: Downloads Window - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2013-12-29]
FF Extension: Shine Bright Skin Aero - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2013-11-25]
FF Extension: Show my Password - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2013-12-29]
FF Extension: Adblock Plus - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25]
FF Extension: Greasemonkey - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-25]

Chrome: 
=======
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Google Drive) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (YouTube) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Hide My Ass! Web Proxy) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2014-01-05]
CHR Extension: (Google Search) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (FastestFox for Chrome) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Google Wallet) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-06] ()
R2 FreemakeVideoCapture; G:\Tools\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-12-12] (Ellora Assets Corp.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1656616 2013-12-16] (O&O Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-05] ()
R2 RzKLService; G:\Tools\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-01] (Duplex Secure Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-11-25] (Spotflux, Inc.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-05 04:32 - 2014-02-05 04:32 - 00017700 _____ () C:\Users\Horst\Desktop\FRST.txt
2014-02-05 04:31 - 2014-02-05 04:31 - 02080256 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2014-02-05 04:28 - 2014-02-05 04:28 - 00000160 _____ () C:\Users\Horst\defogger_reenable
2014-02-05 04:01 - 2014-02-05 04:29 - 00002030 _____ () C:\Windows\PFRO.log
2014-02-05 04:00 - 2014-02-05 04:00 - 00002497 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-02-05 04:00 - 2014-02-05 04:00 - 00000000 ____D () C:\Program Files\OO Software
2014-02-05 03:44 - 2014-02-05 03:44 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-05 03:44 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-05 03:44 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-05 03:43 - 2014-02-05 03:43 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA
2014-02-05 03:42 - 2013-12-19 21:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-02-05 03:42 - 2013-12-19 21:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-05 03:41 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-05 03:41 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-05 03:41 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-05 03:41 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-05 03:41 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-05 03:41 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-05 03:41 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-05 03:41 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-05 03:39 - 2014-02-05 03:39 - 00000000 ____D () C:\NVIDIA
2014-02-05 03:39 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-05 03:39 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-05 03:39 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-05 03:39 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-05 03:39 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-05 03:39 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-05 03:39 - 2013-12-19 06:01 - 03539040 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-05 03:38 - 2014-02-05 04:29 - 00001355 _____ () C:\Windows\setupact.log
2014-02-05 03:38 - 2014-02-05 03:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-05 03:32 - 2014-02-05 04:10 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-05 03:31 - 2014-02-05 04:32 - 00066507 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 03:23 - 2014-02-05 03:23 - 00003544 ____N () C:\bootsqm.dat
2014-02-05 02:42 - 2014-02-05 02:42 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-05 02:42 - 2014-02-05 02:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-05 02:21 - 2014-02-05 02:21 - 00000751 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-04 21:58 - 2014-02-04 21:58 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\www.shadowexplorer.com
2014-02-03 16:25 - 2014-02-03 16:48 - 00000000 ____D () C:\Users\Horst\AppData\Local\Battle.net
2014-02-03 16:25 - 2014-02-03 16:25 - 00001150 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Battle.net
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-03 16:21 - 2014-02-03 16:21 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-03 01:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-03 01:44 - 2014-02-03 01:45 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 18:16 - 2014-02-01 18:16 - 00000000 ____D () C:\Users\Horst\AppData\Local\EdgeOfReality
2014-02-01 17:48 - 2014-02-01 17:51 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Awesomium
2014-01-29 20:34 - 2014-01-29 20:34 - 00000209 _____ () C:\Users\Horst\Desktop\Rust.url
2014-01-28 23:20 - 2014-01-28 23:25 - 00000000 ____D () C:\Users\Horst\Desktop\Active-File-Recovery-Professional-12.0.3
2014-01-28 20:26 - 2014-01-28 23:23 - 00000000 ____D () C:\Program Files\LSoft Technologies
2014-01-26 23:56 - 2014-01-26 23:56 - 00000000 ____D () C:\Users\Horst\AppData\Local\O&O
2014-01-26 23:55 - 2014-01-26 23:57 - 00000000 ____D () C:\Windows\system32\oodag
2014-01-26 23:55 - 2014-01-26 23:55 - 00000000 ____D () C:\ProgramData\OO Software
2014-01-26 19:20 - 2014-02-05 03:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-26 19:20 - 2014-02-05 02:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-01-26 19:06 - 2014-02-05 03:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job
2014-01-26 19:06 - 2014-02-05 02:00 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job
2014-01-26 19:06 - 2014-01-26 19:06 - 00003588 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1
2014-01-26 19:06 - 2014-01-26 19:06 - 00003514 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f
2014-01-26 19:06 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\SUPERAntiSpyware.com
2014-01-26 19:05 - 2014-01-26 23:49 - 00001965 _____ () C:\Users\Horst\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-26 19:05 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-01-25 01:57 - 2014-01-25 02:04 - 00000000 ____D () C:\Users\Horst\AppData\Local\ManyCam
2014-01-25 01:57 - 2014-01-25 01:57 - 00001019 _____ () C:\Users\Public\Desktop\ManyCam.lnk
2014-01-25 01:47 - 2014-01-08 04:36 - 01037068 _____ (Thisisu) C:\Users\Horst\Desktop\JRT_NEW.exe
2014-01-25 01:38 - 2014-01-25 01:38 - 00000000 _____ () C:\autoexec.bat
2014-01-25 01:37 - 2014-01-25 01:41 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-25 01:37 - 2014-01-25 01:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-25 01:19 - 2014-01-25 02:04 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\ManyCam
2014-01-25 01:19 - 2014-01-25 01:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-01-25 01:07 - 2014-01-25 01:08 - 00000000 ____D () C:\ProgramData\webcam 7
2014-01-25 01:02 - 2013-04-24 09:45 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00080896 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00000590 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-01-25 00:54 - 2014-02-03 15:37 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000939 _____ () C:\Users\Horst\Desktop\Open Broadcaster Software.lnk
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files\OBS
2014-01-25 00:50 - 2014-01-25 00:50 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\WebcamMax
2014-01-25 00:39 - 2014-01-25 00:39 - 00000000 ____D () C:\Program Files (x86)\IPCameraDSFilter
2014-01-24 21:56 - 2014-01-24 23:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-18 02:09 - 2014-02-05 03:31 - 00000000 ____D () C:\Windows\Minidump
2014-01-17 20:51 - 2014-01-17 20:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-16 16:21 - 2014-01-16 16:21 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\PDF Architect
2014-01-15 10:34 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:34 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 18:37 - 2014-01-12 18:37 - 00355840 _____ () C:\Windows\SysWOW64\LiveWrapRTSP.dll
2014-01-08 02:03 - 2014-01-08 02:03 - 00000000 ____D () C:\Users\Horst\VirtualBox VMs
2014-01-08 02:02 - 2014-01-08 05:47 - 00000000 ____D () C:\Users\Horst\.VirtualBox
2014-01-08 02:01 - 2013-12-18 17:19 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-01-08 02:00 - 2013-12-18 17:16 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-01-08 00:53 - 2014-01-25 01:41 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-07 14:54 - 2014-01-07 14:54 - 00000000 ____D () C:\Users\Horst\AppData\Local\IsolatedStorage
2014-01-07 14:52 - 2014-01-07 15:17 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-07 14:51 - 2014-01-25 01:11 - 00000000 ____D () C:\ProgramData\Apple
2014-01-07 14:51 - 2014-01-07 14:51 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple

==================== One Month Modified Files and Folders =======

2014-02-05 04:32 - 2014-02-05 04:32 - 00017700 _____ () C:\Users\Horst\Desktop\FRST.txt
2014-02-05 04:32 - 2014-02-05 03:31 - 00066507 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 04:32 - 2013-12-29 12:09 - 00000000 ____D () C:\FRST
2014-02-05 04:32 - 2013-12-05 22:21 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 04:32 - 2013-11-26 03:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 04:31 - 2014-02-05 04:31 - 02080256 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2014-02-05 04:29 - 2014-02-05 04:01 - 00002030 _____ () C:\Windows\PFRO.log
2014-02-05 04:29 - 2014-02-05 03:38 - 00001355 _____ () C:\Windows\setupact.log
2014-02-05 04:29 - 2013-12-15 04:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-05 04:29 - 2013-12-05 22:21 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-05 04:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 04:28 - 2014-02-05 04:28 - 00000160 _____ () C:\Users\Horst\defogger_reenable
2014-02-05 04:28 - 2013-12-19 23:08 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-05 04:28 - 2013-11-25 19:40 - 00000000 ____D () C:\Users\Horst
2014-02-05 04:12 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 04:12 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 04:10 - 2014-02-05 03:32 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-05 04:10 - 2013-11-26 01:11 - 00007630 _____ () C:\Users\Horst\AppData\Local\Resmon.ResmonCfg
2014-02-05 04:10 - 2009-07-14 18:58 - 00699376 _____ () C:\Windows\system32\perfh007.dat
2014-02-05 04:10 - 2009-07-14 18:58 - 00149552 _____ () C:\Windows\system32\perfc007.dat
2014-02-05 04:10 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-05 04:00 - 2014-02-05 04:00 - 00002497 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-02-05 04:00 - 2014-02-05 04:00 - 00000000 ____D () C:\Program Files\OO Software
2014-02-05 03:55 - 2013-12-05 06:01 - 00000000 ____D () C:\Program Files (x86)\Gomez
2014-02-05 03:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-05 03:44 - 2014-02-05 03:44 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-05 03:44 - 2013-11-25 20:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-05 03:44 - 2013-11-25 20:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-05 03:44 - 2013-11-25 20:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-05 03:43 - 2014-02-05 03:43 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA
2014-02-05 03:39 - 2014-02-05 03:39 - 00000000 ____D () C:\NVIDIA
2014-02-05 03:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-05 03:38 - 2014-02-05 03:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-05 03:31 - 2014-01-18 02:09 - 00000000 ____D () C:\Windows\Minidump
2014-02-05 03:31 - 2013-12-01 19:12 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\DAEMON Tools Lite
2014-02-05 03:29 - 2013-12-31 23:56 - 00000000 ____D () C:\AdwCleaner
2014-02-05 03:23 - 2014-02-05 03:23 - 00003544 ____N () C:\bootsqm.dat
2014-02-05 03:23 - 2014-01-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-05 03:06 - 2014-01-26 19:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job
2014-02-05 03:01 - 2013-12-04 21:40 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA Corporation
2014-02-05 03:00 - 2013-11-30 18:53 - 00000000 ____D () C:\Program Files (x86)\Thread Manager
2014-02-05 02:42 - 2014-02-05 02:42 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-05 02:42 - 2014-02-05 02:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-05 02:42 - 2014-01-26 19:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-05 02:22 - 2013-12-05 05:40 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\vlc
2014-02-05 02:21 - 2014-02-05 02:21 - 00000751 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-05 02:00 - 2014-01-26 19:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job
2014-02-04 21:58 - 2014-02-04 21:58 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\www.shadowexplorer.com
2014-02-04 21:51 - 2013-11-26 19:40 - 00000000 ____D () C:\Users\Horst\AppData\Local\PMB Files
2014-02-04 20:53 - 2013-11-26 19:40 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-03 20:14 - 2013-12-16 21:50 - 00000000 ____D () C:\Users\Horst\AppData\Local\DayZ
2014-02-03 16:48 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Battle.net
2014-02-03 16:25 - 2014-02-03 16:25 - 00001150 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Battle.net
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-03 16:21 - 2014-02-03 16:21 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-03 15:37 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-02-03 01:45 - 2014-02-03 01:44 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 01:45 - 2013-11-29 21:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-03 01:45 - 2013-11-29 21:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 18:16 - 2014-02-01 18:16 - 00000000 ____D () C:\Users\Horst\AppData\Local\EdgeOfReality
2014-02-01 17:51 - 2014-02-01 17:48 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Awesomium
2014-01-31 21:01 - 2013-12-18 23:52 - 00010520 _____ () C:\Users\Horst\Desktop\Neues Textdokument.txt
2014-01-29 20:34 - 2014-01-29 20:34 - 00000209 _____ () C:\Users\Horst\Desktop\Rust.url
2014-01-29 20:00 - 2013-12-01 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-28 23:25 - 2014-01-28 23:20 - 00000000 ____D () C:\Users\Horst\Desktop\Active-File-Recovery-Professional-12.0.3
2014-01-28 23:23 - 2014-01-28 20:26 - 00000000 ____D () C:\Program Files\LSoft Technologies
2014-01-28 23:01 - 2013-11-30 10:47 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apps\2.0
2014-01-28 20:20 - 2013-12-01 19:47 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\TeamViewer
2014-01-26 23:57 - 2014-01-26 23:55 - 00000000 ____D () C:\Windows\system32\oodag
2014-01-26 23:56 - 2014-01-26 23:56 - 00000000 ____D () C:\Users\Horst\AppData\Local\O&O
2014-01-26 23:55 - 2014-01-26 23:55 - 00000000 ____D () C:\ProgramData\OO Software
2014-01-26 23:49 - 2014-01-26 19:05 - 00001965 _____ () C:\Users\Horst\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-26 19:06 - 2014-01-26 19:06 - 00003588 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1
2014-01-26 19:06 - 2014-01-26 19:06 - 00003514 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f
2014-01-26 19:06 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\SUPERAntiSpyware.com
2014-01-26 19:06 - 2014-01-26 19:05 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-26 19:06 - 2014-01-26 19:05 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-01-25 02:04 - 2014-01-25 01:57 - 00000000 ____D () C:\Users\Horst\AppData\Local\ManyCam
2014-01-25 02:04 - 2014-01-25 01:19 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\ManyCam
2014-01-25 01:57 - 2014-01-25 01:57 - 00001019 _____ () C:\Users\Public\Desktop\ManyCam.lnk
2014-01-25 01:57 - 2014-01-25 01:19 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-01-25 01:53 - 2014-01-02 13:35 - 00987425 _____ () C:\Users\Horst\Desktop\SecurityCheck.exe
2014-01-25 01:52 - 2013-11-26 03:16 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Notepad++
2014-01-25 01:41 - 2014-01-25 01:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-25 01:41 - 2014-01-08 00:53 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-25 01:38 - 2014-01-25 01:38 - 00000000 _____ () C:\autoexec.bat
2014-01-25 01:37 - 2014-01-25 01:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-25 01:11 - 2014-01-07 14:51 - 00000000 ____D () C:\ProgramData\Apple
2014-01-25 01:08 - 2014-01-25 01:07 - 00000000 ____D () C:\ProgramData\webcam 7
2014-01-25 00:54 - 2014-01-25 00:54 - 00000939 _____ () C:\Users\Horst\Desktop\Open Broadcaster Software.lnk
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files\OBS
2014-01-25 00:50 - 2014-01-25 00:50 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\WebcamMax
2014-01-25 00:39 - 2014-01-25 00:39 - 00000000 ____D () C:\Program Files (x86)\IPCameraDSFilter
2014-01-24 23:57 - 2014-01-24 21:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-22 20:41 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-01-19 08:33 - 2013-11-25 19:59 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 20:51 - 2014-01-17 20:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-17 20:51 - 2013-11-26 03:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-17 20:51 - 2013-11-26 03:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-17 20:51 - 2013-11-26 03:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 20:51 - 2013-11-26 00:46 - 00000000 ____D () C:\Users\Horst\AppData\Local\Adobe
2014-01-16 16:21 - 2014-01-16 16:21 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\PDF Architect
2014-01-15 18:26 - 2009-07-14 05:45 - 00422032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 14:55 - 2013-11-25 20:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 14:54 - 2013-11-25 20:08 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 18:37 - 2014-01-12 18:37 - 00355840 _____ () C:\Windows\SysWOW64\LiveWrapRTSP.dll
2014-01-09 23:58 - 2013-11-26 00:54 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-08 05:47 - 2014-01-08 02:02 - 00000000 ____D () C:\Users\Horst\.VirtualBox
2014-01-08 05:27 - 2013-12-14 03:04 - 00000665 _____ () C:\Users\Horst\Desktop\FurMark.lnk
2014-01-08 04:36 - 2014-01-25 01:47 - 01037068 _____ (Thisisu) C:\Users\Horst\Desktop\JRT_NEW.exe
2014-01-08 02:03 - 2014-01-08 02:03 - 00000000 ____D () C:\Users\Horst\VirtualBox VMs
2014-01-07 15:17 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Apple Computer
2014-01-07 14:54 - 2014-01-07 14:54 - 00000000 ____D () C:\Users\Horst\AppData\Local\IsolatedStorage
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-07 14:51 - 2014-01-07 14:51 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 02:33

==================== End Of Log ============================


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by XXXX at 2014-02-05 04:32:46
Running from C:\Users\XXX\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Active@ File Recovery Professional 12 (Version: 12 - LSoft Technologies Inc)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Auslogics DiskDefrag (x32 Version: 4.3.1.0 - Auslogics Labs Pty Ltd)
Battle.net (x32 Version:  - Blizzard Entertainment)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
CCleaner (Version: 4.08 - Piriform)
ControlCenter (x32 Version: 1.0.230 - MSI)
Counter-Strike: Global Offensive (x32 Version:  - Valve)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (x32 Version:  - Bohemia Interactive)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version:  - Microsoft)
Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Freemake Video Downloader (x32 Version: 3.6.2 - Ellora Assets Corporation)
Geeks3D FurMark 1.12.0 (x32 Version:  - Geeks3D)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP IDF Software (x32 Version: 11.15.1000 - Hewlett-Packard Company)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMicron Technology Corp.)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (x32 Version:  - Valve)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
ManyCam 4.0.44 (x32 Version: 4.0.44 - Visicom Media Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
O&O Defrag Professional (Version: 17.0.490 - O&O Software GmbH)
Open Broadcaster Software (x32 Version:  - )
Origin (x32 Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
PDFCreator (x32 Version: 1.7.2 - pdfforge)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Razer DeathAdder(TM) Mouse (x32 Version: 3.05 - Razer USA Ltd.)
Razer Game Booster (x32 Version: 4.0.68.0 - Razer Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Rust (x32 Version:  - Facepunch Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version:  - Microsoft)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)
WinZip 16.0 (Version: 16.0.9715 - WinZip Computing, S.L. )

==================== Restore Points  =========================

05-02-2014 02:44:08 DirectX wurde installiert
05-02-2014 03:00:19 O&O Defrag Professional wird installiert

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-30 12:32 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {16CB78DE-6DA7-4479-A289-2739139171D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
Task: {23E74F71-CC0C-44F1-9676-A8C6B525F39D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17] (Adobe Systems Incorporated)
Task: {590011D2-72BF-4E09-9B36-5472889BC2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
Task: {5E52BF8D-CA4F-40A4-B776-2594381DA973} - System32\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {6E6A0025-0633-47BA-9F4C-1A450E2E4A89} - System32\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {79763122-348E-4D88-9092-41213C76335B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-20 15:11 - 2013-12-20 15:11 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-09 12:57 - 2013-12-12 23:19 - 00142848 _____ () E:\Spiele\Steam\libavresample-1.dll
2014-01-09 12:57 - 2013-11-05 02:12 - 00890592 _____ () E:\Spiele\Steam\libavutil-52.dll
2013-10-24 09:45 - 2014-01-11 00:33 - 00717312 _____ () E:\Spiele\Steam\SDL2.dll
2013-10-30 11:25 - 2014-01-27 20:02 - 01138088 _____ () E:\Spiele\Steam\bin\chromehtml.DLL
2013-10-23 12:07 - 2014-01-11 00:33 - 20625832 _____ () E:\Spiele\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () E:\Spiele\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () E:\Spiele\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () E:\Spiele\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:07BB519E
AlternateDataStreams: C:\ProgramData\Temp:9E00596C
AlternateDataStreams: C:\ProgramData\Temp:E744A7DC

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2014 04:15:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 4.48.1.347, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0xAu_.exe0
Pfad der fehlerhaften Anwendung: Au_.exe1
Pfad des fehlerhaften Moduls: Au_.exe2
Berichtskennung: Au_.exe3

Error: (02/05/2014 04:14:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 4.48.1.347, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x33c
Startzeit der fehlerhaften Anwendung: 0xAu_.exe0
Pfad der fehlerhaften Anwendung: Au_.exe1
Pfad des fehlerhaften Moduls: Au_.exe2
Berichtskennung: Au_.exe3

Error: (02/05/2014 04:05:49 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DTLite.exe, Version: 4.48.1.347, Zeitstempel: 0x526e206a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xb8c
Startzeit der fehlerhaften Anwendung: 0xDTLite.exe0
Pfad der fehlerhaften Anwendung: DTLite.exe1
Pfad des fehlerhaften Moduls: DTLite.exe2
Berichtskennung: DTLite.exe3

Error: (02/05/2014 04:01:46 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DTLite.exe, Version: 4.48.1.347, Zeitstempel: 0x526e206a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xDTLite.exe0
Pfad der fehlerhaften Anwendung: DTLite.exe1
Pfad des fehlerhaften Moduls: DTLite.exe2
Berichtskennung: DTLite.exe3

Error: (02/05/2014 04:00:38 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance(CLSID_VSSCoordinator)" ist ein unerwarteter Fehler aufgetreten. hr = 0x800401f0, CoInitialize wurde nicht aufgerufen.
.

Error: (02/05/2014 04:00:38 AM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "Coordinator" kann nicht gestartet werden. [0x800401f0, CoInitialize wurde nicht aufgerufen.
]

Error: (02/05/2014 04:00:35 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance(CLSID_VSSCoordinator)" ist ein unerwarteter Fehler aufgetreten. hr = 0x800401f0, CoInitialize wurde nicht aufgerufen.
.

Error: (02/05/2014 04:00:35 AM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "Coordinator" kann nicht gestartet werden. [0x800401f0, CoInitialize wurde nicht aufgerufen.
]

Error: (02/05/2014 03:59:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 4.48.1.347, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x11e4
Startzeit der fehlerhaften Anwendung: 0xAu_.exe0
Pfad der fehlerhaften Anwendung: Au_.exe1
Pfad des fehlerhaften Moduls: Au_.exe2
Berichtskennung: Au_.exe3

Error: (02/05/2014 03:57:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/05/2014 04:29:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WCMVCAM" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 04:05:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WCMVCAM" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 04:01:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WCMVCAM" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 03:45:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WebcamMax, WDM Video Capture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 03:42:05 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/05/2014 03:39:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WebcamMax, WDM Video Capture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 03:30:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WebcamMax, WDM Video Capture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 03:23:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WebcamMax, WDM Video Capture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (02/05/2014 03:01:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NvNetworkService erreicht.

Error: (02/04/2014 01:48:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/05/2014 04:15:20 AM) (Source: Application Error)(User: )
Description: Au_.exe4.48.1.3474bc06cdaKERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41fc2001cf22207eb40ac1C:\Users\Horst\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Windows\syswow64\KERNELBASE.dllbe2bff36-8e13-11e3-9504-406186298329

Error: (02/05/2014 04:14:55 AM) (Source: Application Error)(User: )
Description: Au_.exe4.48.1.3474bc06cdaKERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f33c01cf22206eb483c8C:\Users\Horst\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Windows\syswow64\KERNELBASE.dllaf3bd51d-8e13-11e3-9504-406186298329

Error: (02/05/2014 04:05:49 AM) (Source: Application Error)(User: )
Description: DTLite.exe4.48.1.347526e206aKERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41fb8c01cf221f29e75b43G:\Tools\DAEMON Tools Lite\DTLite.exeC:\Windows\syswow64\KERNELBASE.dll69dd3afb-8e12-11e3-9504-406186298329

Error: (02/05/2014 04:01:46 AM) (Source: Application Error)(User: )
Description: DTLite.exe4.48.1.347526e206aKERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41fad401cf221e970415bcG:\Tools\DAEMON Tools Lite\DTLite.exeC:\Windows\syswow64\KERNELBASE.dlld8fbe081-8e11-11e3-957f-406186298329

Error: (02/05/2014 04:00:38 AM) (Source: VSS)(User: )
Description: CoCreateInstance(CLSID_VSSCoordinator)0x800401f0, CoInitialize wurde nicht aufgerufen.

Error: (02/05/2014 04:00:38 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x800401f0, CoInitialize wurde nicht aufgerufen.

Error: (02/05/2014 04:00:35 AM) (Source: VSS)(User: )
Description: CoCreateInstance(CLSID_VSSCoordinator)0x800401f0, CoInitialize wurde nicht aufgerufen.

Error: (02/05/2014 04:00:35 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x800401f0, CoInitialize wurde nicht aufgerufen.

Error: (02/05/2014 03:59:03 AM) (Source: Application Error)(User: )
Description: Au_.exe4.48.1.3474bc06cdaKERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f11e401cf221e36a309a4C:\Users\Horst\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Windows\syswow64\KERNELBASE.dll77caa729-8e11-11e3-8728-406186298329

Error: (02/05/2014 03:57:58 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestG:\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-12-30 12:31:00.942
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-30 12:31:00.873
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 8183.11 MB
Available physical RAM: 5473.75 MB
Total Pagefile: 16364.41 MB
Available Pagefile: 13540.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:17.36 GB) NTFS
Drive e: () (Fixed) (Total:533.48 GB) (Free:470.5 GB) NTFS
Drive f: () (Fixed) (Total:298.03 GB) (Free:297.93 GB) NTFS
Drive g: () (Fixed) (Total:100 GB) (Free:97.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0EF270DC)
Partition 1: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=533 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: B4F32661)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.05.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Horst :: HORST-PC [Administrator]

05.02.2014 05:16:49
mbam-log-2014-02-05 (05-16-49).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211628
Laufzeit: 2 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Alt 05.02.2014, 07:25   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________
Alt 05.02.2014, 11:23   #3
hehejo
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr


Code:
ATTFilter
ComboFix 14-02-05.02 - Horst 05.02.2014  11:12:45.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1031.18.8183.6141 [GMT 1:00]
Running from: c:\users\Horst\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\202621273b5f292b_c
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-05 to 2014-02-05  )))))))))))))))))))))))))))))))
.
.
2014-02-05 10:15 . 2014-02-05 10:15	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-02-05 10:15 . 2014-02-05 10:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-02-05 05:34 . 2014-02-05 05:34	--------	d-----w-	c:\users\Horst\AppData\Local\Blizzard
2014-02-05 05:08 . 2014-01-15 22:35	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-02-05 05:07 . 2014-01-15 21:53	6712608	----a-w-	c:\windows\system32\nvcpl.dll
2014-02-05 05:07 . 2014-01-15 21:53	3498272	----a-w-	c:\windows\system32\nvsvc64.dll
2014-02-05 05:07 . 2014-01-15 21:53	923936	----a-w-	c:\windows\system32\nvvsvc.exe
2014-02-05 05:07 . 2014-01-15 21:53	63776	----a-w-	c:\windows\system32\nvshext.dll
2014-02-05 05:07 . 2014-01-15 21:53	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-02-05 05:07 . 2014-01-15 21:53	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2014-02-05 05:07 . 2014-01-13 22:31	3559557	----a-w-	c:\windows\system32\nvcoproc.bin
2014-02-05 05:07 . 2014-01-15 23:13	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-02-05 05:07 . 2014-01-15 23:13	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-02-05 04:38 . 2014-02-05 04:39	--------	d-----w-	c:\program files\HitmanPro
2014-02-05 04:38 . 2014-02-05 04:40	--------	d-----w-	c:\programdata\HitmanPro
2014-02-05 03:57 . 2013-12-03 18:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F56972E2-FD05-4824-9D77-2477133F0CB0}\mpengine.dll
2014-02-05 03:00 . 2014-02-05 03:00	--------	d-----w-	c:\program files\OO Software
2014-02-05 02:44 . 2013-12-10 02:15	982232	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-02-05 02:44 . 2013-12-10 02:14	1100248	----a-w-	c:\windows\system32\nvspcap64.dll
2014-02-05 02:43 . 2014-02-05 04:54	--------	d-----w-	c:\users\Horst\AppData\Local\NVIDIA
2014-02-05 02:41 . 2013-12-05 08:42	39200	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-02-05 02:41 . 2013-12-05 08:42	35104	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-02-05 02:41 . 2013-12-05 08:42	32544	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-02-05 02:39 . 2014-02-05 02:39	--------	d-----w-	C:\NVIDIA
2014-02-04 20:58 . 2014-02-04 20:58	--------	d-----w-	c:\users\Horst\AppData\Roaming\www.shadowexplorer.com
2014-02-04 11:57 . 2013-12-03 18:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-03 15:25 . 2014-02-03 15:25	--------	d-----w-	c:\users\Horst\AppData\Local\Blizzard Entertainment
2014-02-03 15:25 . 2014-02-05 10:10	--------	d-----w-	c:\users\Horst\AppData\Local\Battle.net
2014-02-03 15:25 . 2014-02-05 05:30	--------	d-----w-	c:\users\Horst\AppData\Roaming\Battle.net
2014-02-03 15:25 . 2014-02-05 05:31	--------	d-----w-	c:\program files (x86)\Common Files\Blizzard Entertainment
2014-02-03 15:25 . 2014-02-03 15:25	--------	d-----w-	c:\program files (x86)\Battle.net
2014-02-03 15:25 . 2014-02-03 15:25	--------	d-----w-	c:\programdata\Blizzard Entertainment
2014-02-03 15:21 . 2014-02-03 15:21	--------	d-----w-	c:\programdata\Battle.net
2014-02-03 00:47 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-02-01 17:16 . 2014-02-01 17:16	--------	d-----w-	c:\users\Horst\AppData\Local\EdgeOfReality
2014-02-01 16:48 . 2014-02-01 16:51	--------	d-----w-	c:\users\Horst\AppData\Roaming\Awesomium
2014-01-28 19:26 . 2014-01-28 22:23	--------	d-----w-	c:\program files\LSoft Technologies
2014-01-26 22:56 . 2014-01-26 22:56	--------	d-----w-	c:\users\Horst\AppData\Local\O&O
2014-01-26 22:55 . 2014-01-26 22:57	--------	d-----w-	c:\windows\system32\oodag
2014-01-26 22:55 . 2014-01-26 22:55	--------	d-----w-	c:\programdata\OO Software
2014-01-26 18:20 . 2014-02-05 01:42	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-01-26 18:20 . 2014-02-05 02:23	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2014-01-26 18:06 . 2014-01-26 18:06	--------	d-----w-	c:\users\Horst\AppData\Roaming\SUPERAntiSpyware.com
2014-01-26 18:05 . 2014-01-26 18:06	--------	d-----w-	c:\program files\SUPERAntiSpyware
2014-01-26 18:05 . 2014-01-26 18:05	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2014-01-25 00:57 . 2014-01-25 01:04	--------	d-----w-	c:\users\Horst\AppData\Local\ManyCam
2014-01-25 00:37 . 2014-01-25 00:37	--------	d-----w-	c:\program files\Enigma Software Group
2014-01-25 00:37 . 2014-01-25 00:41	--------	d-----w-	c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-25 00:37 . 2014-01-25 00:37	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-25 00:23 . 2013-12-20 15:21	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-25 00:23 . 2013-12-20 15:21	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9492548F-E2C9-47B0-A797-2719741C2271}\gapaengine.dll
2014-01-25 00:19 . 2014-01-25 01:04	--------	d-----w-	c:\users\Horst\AppData\Roaming\ManyCam
2014-01-25 00:19 . 2014-01-25 00:57	--------	d-----w-	c:\program files (x86)\ManyCam
2014-01-25 00:07 . 2014-01-25 00:08	--------	d-----w-	c:\programdata\webcam 7
2014-01-25 00:02 . 2013-04-24 08:45	810496	----a-w-	c:\windows\SysWow64\xvidcore.dll
2014-01-25 00:02 . 2013-04-24 08:45	80896	----a-w-	c:\windows\SysWow64\ff_vfw.dll
2014-01-25 00:02 . 2013-04-24 08:45	183808	----a-w-	c:\windows\SysWow64\xvidvfw.dll
2014-01-24 23:54 . 2014-01-24 23:54	--------	d-----w-	c:\users\Horst\AppData\Roaming\OBS
2014-01-24 23:54 . 2014-01-24 23:54	--------	d-----w-	c:\program files\OBS
2014-01-24 23:54 . 2014-02-03 14:37	--------	d-----w-	c:\program files (x86)\OBS
2014-01-24 23:50 . 2014-01-24 23:50	--------	d-----w-	c:\users\Horst\AppData\Roaming\WebcamMax
2014-01-24 23:39 . 2014-01-24 23:39	--------	d-----w-	c:\program files (x86)\IPCameraDSFilter
2014-01-24 20:56 . 2014-01-24 22:57	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-17 19:51 . 2014-01-17 19:51	--------	d-----w-	c:\programdata\McAfee
2014-01-16 15:22 . 2014-01-16 15:22	--------	d-----w-	c:\program files (x86)\Common Files\PDF Architect
2014-01-16 15:21 . 2014-01-16 15:21	--------	d-----w-	c:\users\Horst\AppData\Roaming\PDF Architect
2014-01-15 09:34 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 09:34 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 09:34 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 09:34 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 09:34 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 09:34 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 09:34 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 09:34 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-12 17:37 . 2014-01-12 17:37	355840	----a-w-	c:\windows\SysWow64\LiveWrapRTSP.dll
2014-01-08 01:03 . 2014-01-08 01:03	--------	d-----w-	c:\users\Horst\VirtualBox VMs
2014-01-08 01:02 . 2014-01-08 04:47	--------	d-----w-	c:\users\Horst\.VirtualBox
2014-01-08 01:01 . 2013-12-18 16:19	252688	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-01-08 01:00 . 2013-12-18 16:16	126736	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-01-07 23:53 . 2014-01-25 00:41	--------	d-----w-	c:\windows\system32\appmgmt
2014-01-07 13:54 . 2014-01-07 13:54	--------	d-----w-	c:\users\Horst\AppData\Local\IsolatedStorage
2014-01-07 13:52 . 2014-01-07 14:17	--------	d-----w-	c:\users\Horst\AppData\Roaming\Apple Computer
2014-01-07 13:52 . 2014-01-07 13:52	--------	d-----w-	c:\users\Horst\AppData\Local\Apple Computer
2014-01-07 13:52 . 2014-01-24 22:57	--------	dc----w-	c:\windows\system32\DRVSTORE
2014-01-07 13:52 . 2014-01-07 13:52	--------	d-----w-	c:\programdata\Apple Computer
2014-01-07 13:51 . 2014-01-07 13:51	--------	d-----w-	c:\users\Horst\AppData\Local\Apple
2014-01-07 13:51 . 2014-01-25 00:11	--------	d-----w-	c:\programdata\Apple
2014-01-06 10:36 . 2014-01-06 10:36	--------	d-----w-	c:\program files (x86)\Common Files\BattlEye
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2013-11-25 18:59	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-17 19:51 . 2013-11-26 02:05	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-17 19:51 . 2013-11-26 02:05	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 13:54 . 2013-11-25 19:08	86054176	----a-w-	c:\windows\system32\MRT.exe
2014-01-09 22:58 . 2013-11-25 23:54	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-12-18 20:09 . 2013-11-29 20:07	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 16:16 . 2013-12-18 16:16	140560	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 16:16 . 2013-12-18 16:16	113936	----a-w-	c:\windows\system32\drivers\VBoxUSB.sys
2013-12-18 16:13 . 2013-12-18 16:13	204048	------w-	c:\windows\system32\VBoxNetFltNobj.dll
2013-12-16 19:35 . 2013-11-25 23:54	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-12-16 16:39 . 2013-12-16 16:39	240936	----a-w-	c:\windows\system32\oodbs.exe
2013-12-16 16:39 . 2013-12-16 16:39	11048	----a-w-	c:\windows\system32\oodbsrs.dll
2013-12-06 13:37 . 2013-12-06 13:37	35232	----a-w-	c:\windows\system32\drivers\mcaudrv_x64.sys
2013-12-05 18:14 . 2013-11-25 23:54	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-12-05 00:26 . 2013-12-05 00:26	140096	------r-	c:\windows\SysWow64\COMDLG32.OCX
2013-12-04 03:28 . 2013-12-20 15:13	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D71F2AB6-5C29-4EFF-A42C-1B6A770FCAAD}\mpengine.dll
2013-12-01 18:13 . 2013-12-01 18:13	381440	----a-w-	c:\windows\system32\drivers\sptd.sys
2013-11-29 19:57 . 2013-10-28 09:44	884952	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2013-11-29 19:57 . 2013-10-28 09:44	74456	----a-w-	c:\windows\system32\RtNicProp64.dll
2013-11-29 19:57 . 2013-10-28 09:44	108760	----a-w-	c:\windows\system32\RTNUninst64.dll
2013-11-29 00:54 . 2013-11-28 22:53	291296	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-11-27 01:54 . 2013-11-27 01:54	42016	----a-w-	c:\windows\system32\drivers\mcvidrv.sys
2013-11-26 11:54 . 2013-12-16 20:18	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-16 20:18	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-16 20:18	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-16 20:18	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-16 20:18	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-16 20:18	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-16 20:18	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-16 20:18	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-16 20:18	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-16 20:18	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-16 20:18	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-16 20:18	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-16 20:18	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-16 20:18	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-16 20:18	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-16 20:18	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-16 20:18	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-16 20:18	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-16 20:18	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-16 20:18	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-16 20:18	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-16 20:18	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-16 20:18	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-16 20:18	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-25 23:11 . 2013-11-25 23:11	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-25 23:11 . 2013-11-25 23:11	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-25 23:11 . 2013-11-25 23:11	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-25 23:11 . 2013-11-25 23:11	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-25 23:11 . 2013-11-25 23:11	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-25 23:11 . 2013-11-25 23:11	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-25 23:11 . 2013-11-25 23:11	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-25 23:11 . 2013-11-25 23:11	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-25 23:11 . 2013-11-25 23:11	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-25 23:11 . 2013-11-25 23:11	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-25 23:11 . 2013-11-25 23:11	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-25 23:11 . 2013-11-25 23:11	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-25 23:11 . 2013-11-25 23:11	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-25 23:11 . 2013-11-25 23:11	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-25 23:11 . 2013-11-25 23:11	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-25 23:11 . 2013-11-25 23:11	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-25 23:11 . 2013-11-25 23:11	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-25 23:11 . 2013-11-25 23:11	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-25 23:11 . 2013-11-25 23:11	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-25 23:11 . 2013-11-25 23:11	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-25 23:11 . 2013-11-25 23:11	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-25 23:11 . 2013-11-25 23:11	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-25 23:11 . 2013-11-25 23:11	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-25 23:11 . 2013-11-25 23:11	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-25 23:11 . 2013-11-25 23:11	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-25 23:11 . 2013-11-25 23:11	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-25 23:11 . 2013-11-25 23:11	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-25 23:11 . 2013-11-25 23:11	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-25 23:11 . 2013-11-25 23:11	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-25 23:11 . 2013-11-25 23:11	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-25 23:11 . 2013-11-25 23:11	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-25 23:11 . 2013-11-25 23:11	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-25 23:11 . 2013-11-25 23:11	413696	----a-w-	c:\windows\system32\html.iec
2013-11-25 23:11 . 2013-11-25 23:11	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-25 23:11 . 2013-11-25 23:11	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-25 23:11 . 2013-11-25 23:11	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-25 23:11 . 2013-11-25 23:11	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-25 23:11 . 2013-11-25 23:11	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-25 23:11 . 2013-11-25 23:11	235520	----a-w-	c:\windows\system32\url.dll
2013-11-25 23:11 . 2013-11-25 23:11	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-25 23:11 . 2013-11-25 23:11	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-25 23:11 . 2013-11-25 23:11	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-25 23:11 . 2013-11-25 23:11	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-25 23:11 . 2013-11-25 23:11	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-25 23:11 . 2013-11-25 23:11	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-25 23:11 . 2013-11-25 23:11	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-25 23:11 . 2013-11-25 23:11	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-25 23:11 . 2013-11-25 23:11	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-25 23:11 . 2013-11-25 23:11	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-25 23:11 . 2013-11-25 23:11	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-25 23:11 . 2013-11-25 23:11	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-25 23:11 . 2013-11-25 23:11	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-25 23:11 . 2013-11-25 23:11	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-25 23:11 . 2013-11-25 23:11	167424	----a-w-	c:\windows\system32\iexpress.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="g:\tools\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2012-01-14 248832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WCMVCAM;WCMVCAM;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 scvad_simple;SplitCam Virtual Microphone (WDM);c:\windows\system32\drivers\SplitCamAudio.sys;c:\windows\SYSNATIVE\drivers\SplitCamAudio.sys [x]
R3 splitcam_hd_driver;SplitCam Virtual Video Driver;c:\windows\system32\DRIVERS\splitcam_hd_driver.sys;c:\windows\SYSNATIVE\DRIVERS\splitcam_hd_driver.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 tapSF0901;Spotflux Virtual Network Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys;c:\windows\SYSNATIVE\DRIVERS\tapSF0901.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [x]
R4 FreemakeVideoCapture;FreemakeVideoCapture;g:\tools\Freemake\CaptureLib\CaptureLibService.exe;g:\tools\Freemake\CaptureLib\CaptureLibService.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R4 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;g:\tools\Razer Game Booster\RzKLService.exe;g:\tools\Razer Game Booster\RzKLService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys;c:\windows\SYSNATIVE\drivers\danew.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VKbms;Razer Gaming Device;c:\windows\system32\DRIVERS\VKbms.sys;c:\windows\SYSNATIVE\DRIVERS\VKbms.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 18:59	1211720	----a-w-	c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-26 19:51]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05 21:21]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05 21:21]
.
2014-02-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-02-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-03 13651672]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-12-16 4464936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - 
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-19 04:52; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-12-19 04:52; netvideohunter@netvideohunter.com; c:\users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\extensions\netvideohunter@netvideohunter.com
FF - ExtSQL: 2013-12-19 08:12; helper@savefrom.net; c:\users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\extensions\helper@savefrom.net.xpi
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG17.00.00.01PROFESSIONAL"="06D897AFB131B52DE0409829619C318D1DE16238109006D6CFD49B9884E14D7612428E266ABB76E0AE3A96209AD87CFAF16796B9E0A7A755FA088878DFA0DEB022B711667D858A577393B013E2DD8948AF9DFCE0885230ADE703E42A58CA5AA2211E15AD586593D2895A595269BEC2DBC2619D349A027189368F7508014C9C5DFBC935CAACE414E84F94A1422142F3701981A6CB68D8A2EA056D1D7FAE46E0C7A388B1A0F1417282A739C4DA42E0CC14A745E6D50CAED925F7CC6894790ECB180E97EC27626C7B5FF8351C28C64B62AB66E4D59260101860B95484DB3F2BE1DAB6AAED68FA0BDD0FAE67A84B6E622DEB4F8D0C58FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D14078EDD5E5BE2F6E667BA7FD869164D6794FEBC9E127BECC74CA322D3330CD2A5A52A1EDAB49D4A685E1D7F3AE586D9196E36BEA3E6C2F59F5F9D97C5F4CAB154F0A455FCCED76801AB1A5F97733CC163BD24A324284776CF2FB2485B4EBF71D45FF9B00B8F63BCF8D784D11D54083907E94FD5AA0D37AFE3A3F813994A6BADFC8901CD53A6D42CC0309550077B2E132B94F1497A6E27045C514B08EDC656EFC81B55FA0C9642106D16C905F132F6961FF408A73AFA31C263E448EC26F58939D85456384D3647B4B7FE6051DD92317B5453D3CA73B072B4409CD13C77DB94FDF18826BE12AF055BFCF4DC46310DAA7162905AC694660D15654E8CA2F7540AA5F9A1ACF63D829EB93E13882D3565391A801DE3DCF1C2A693E35E6401A28B808CFD1B940211813B789E0DEF029734B68B0F007D873FC5695171C907EED8841303AE06CDAF375307B36926E1F2E9E37ECE0E537972973D82E6EB1F65345C14DFCB5F850B083BF231FC8AB87363A03671E3A4C46D7EFACF235ECF82B74ED4E30A20065343C58DAEED5A9231FBEB96BC733B9C98B0404A75013841AAF6EE4E73372C41393155832974C3371319D707DF6EBA62A26180CCFA57E507E161FCB712130F501AD4DC54D980A750F02AA5955CCE3E0A4E61BA2C02614E0B887990E3674C5D16E8712F1D0B52655B75D20AC6C08412C81AD421767D634D5D1384F70CEC941F9B2E0D595EDBAC52795DFBEB037285F7779724171F372132B1850EB349EEA24F0C857419FB3F58376FFA51671927C827156EFDB47CCCE3BFDB7EE37A9C91326037A135603F7A1F52A633434B3A6C4C4943D653C6C82EFA2C59AB17B569C802B391C3A3D6532A52D32A7D059CFB20907CC721584F22A0B724C8CF7E8175DE532332C556D54A3CC4E0AD691011D67819538C2E87018A3B6E45EB4334316E72ED795614A86C9674CE1303172015A8FA6FD120759C46696C7AA32B7116C961749B775CAD3ADD92684C76A5BC3547B20520F4337F99B988F4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Razer\DeathAdder\razertra.exe
c:\program files (x86)\Razer\DeathAdder\razerofa.exe
c:\program files (x86)\Razer\DeathAdder\vdDaemon.exe
.
**************************************************************************
.
Completion time: 2014-02-05  11:17:50 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-05 10:17
.
Pre-Run: 15 Verzeichnis(se), 17.979.416.576 Bytes frei
Post-Run: 17 Verzeichnis(se), 17.802.559.488 Bytes frei
.
- - End Of File - - 6CAD00387F67D572B6B6D40E86B34798
__________________
Alt 06.02.2014, 09:15   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.02.2014, 23:24   #5
hehejo
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr


Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.06.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Horst :: HORST-PC [Administrator]

06.02.2014 23:03:54
mbam-log-2014-02-06 (23-03-54).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212645
Laufzeit: 1 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


[CODE]AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 06/02/2014 um 23:10:01
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Horst - HORST-PC
# Gestartet von : C:\Users\Horst\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\prefs.js ]


[ Datei : C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\7we6ss0f.default\prefs.js ]


[ Datei : C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\eskmam7m.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7843 octets] - [31/12/2013 23:56:30]
AdwCleaner[R1].txt - [2865 octets] - [25/01/2014 01:42:31]
AdwCleaner[R2].txt - [2935 octets] - [25/01/2014 01:43:22]
AdwCleaner[R3].txt - [1655 octets] - [26/01/2014 20:27:10]
AdwCleaner[R4].txt - [1918 octets] - [05/02/2014 03:29:10]
AdwCleaner[R5].txt - [1660 octets] - [06/02/2014 23:09:33]
AdwCleaner[S0].txt - [7207 octets] - [31/12/2013 23:57:34]
AdwCleaner[S1].txt - [2304 octets] - [25/01/2014 01:44:29]
AdwCleaner[S2].txt - [1596 octets] - [26/01/2014 20:27:55]
AdwCleaner[S3].txt - [1865 octets] - [05/02/2014 03:29:51]
AdwCleaner[S4].txt - [1581 octets] - [06/02/2014 23:10:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1641 octets] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Ultimate x64
Ran by Horst on 06.02.2014 at 23:13:09,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Horst\AppData\Roaming\mozilla\firefox\profiles\5e1sner9.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2014 at 23:16:25,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by Horst (administrator) on HORST-PC on 06-02-2014 23:18:27
Running from C:\Users\Horst\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) G:\Tools\Razer Game Booster\RzKLService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
() C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [4464936 2013-12-16] (O&O Software GmbH)
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
HKU\S-1-5-21-2522954031-3629111441-1662823005-1000\...\Run: [DAEMON Tools Lite] - G:\Tools\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07C3E9EA0EEACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtBzyzztAtBzytA0FtA0FtN0D0Tzu0SyBtDtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=610215439&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtBzyzztAtBzytA0FtA0FtN0D0Tzu0SyBtDtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=610215439&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: LavaFox V2 - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\info@djzig.com [2014-01-13]
FF Extension: exfm - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-IsXX48jx4obwoZPnzG6RQB0pK9A@jetpack [2013-11-25]
FF Extension: NetVideoHunter - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\netvideohunter@netvideohunter.com [2013-12-19]
FF Extension: WOT - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: HP Detect - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-12-02]
FF Extension: DownloadHelper - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-19]
FF Extension: 1ClickMovie Downloader - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\clickMvd@clickMvd.com.xpi [2013-11-25]
FF Extension: SaveFrom.net helper - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\helper@savefrom.net.xpi [2013-12-19]
FF Extension: Magic Actions for YouTube™ - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2013-11-25]
FF Extension: NASA Night Launch - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\nasanightlaunch@example.com.xpi [2013-11-25]
FF Extension: Noia Fox options - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2014-01-17]
FF Extension: Toggle Persona - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\togglepersona@davidvincent.tld.xpi [2013-11-25]
FF Extension: Stylish - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-11-25]
FF Extension: Youtube Downloader - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{599B9024-EBA6-4258-95C5-9133F8D73856}.xpi [2013-11-25]
FF Extension: Noia Fox - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2013-11-25]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-11-25]
FF Extension: Downloads Window - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2013-12-29]
FF Extension: Shine Bright Skin Aero - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2013-11-25]
FF Extension: Show my Password - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2013-12-29]
FF Extension: Adblock Plus - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25]
FF Extension: Greasemonkey - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-25]

Chrome: 
=======
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Google Drive) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (YouTube) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Hide My Ass! Web Proxy) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2014-01-05]
CHR Extension: (Google Search) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (FastestFox for Chrome) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Gmail) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S4 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-06] ()
S4 FreemakeVideoCapture; G:\Tools\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-12-12] (Ellora Assets Corp.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1656616 2013-12-16] (O&O Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-05] ()
R2 RzKLService; G:\Tools\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-01] (Duplex Secure Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-11-25] (Spotflux, Inc.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 23:18 - 2014-02-06 23:18 - 00000000 ____D () C:\Users\Horst\Desktop\FRST-OlderVersion
2014-02-06 23:16 - 2014-02-06 23:16 - 00000753 _____ () C:\Users\Horst\Desktop\JRT.txt
2014-02-06 23:13 - 2014-02-06 23:13 - 01037530 _____ (Thisisu) C:\Users\Horst\Desktop\JRT.exe
2014-02-06 23:09 - 2014-02-06 23:09 - 01166132 _____ () C:\Users\Horst\Desktop\adwcleaner.exe
2014-02-06 20:24 - 2014-02-06 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 11:17 - 2014-02-05 11:17 - 00031139 _____ () C:\ComboFix.txt
2014-02-05 06:34 - 2014-02-05 06:34 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard
2014-02-05 06:31 - 2014-02-05 06:31 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-02-05 06:08 - 2014-01-15 23:35 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-05 06:07 - 2014-01-16 00:13 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-02-05 06:07 - 2014-01-16 00:13 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-02-05 06:07 - 2014-01-15 22:53 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-05 06:07 - 2014-01-15 22:53 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-05 06:07 - 2014-01-15 22:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-05 06:07 - 2014-01-15 22:53 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-05 06:07 - 2014-01-15 22:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-05 06:07 - 2014-01-15 22:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-05 06:07 - 2014-01-13 23:31 - 03559557 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-05 06:05 - 2014-01-16 00:13 - 31421216 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 25255200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 23672096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 18184976 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 17714760 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 15690744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 14668008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 12668192 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-05 06:05 - 2014-01-16 00:13 - 11631544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 11583616 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 09723944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 09686304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 03087112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 02711656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433467.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433467.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00859936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-05 06:05 - 2014-01-16 00:13 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-02-05 06:05 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-05 06:05 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-05 06:05 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-05 05:39 - 2014-02-05 05:39 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-05 05:38 - 2014-02-05 05:40 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-05 05:38 - 2014-02-05 05:39 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-05 04:32 - 2014-02-06 23:18 - 00017198 _____ () C:\Users\Horst\Desktop\FRST.txt
2014-02-05 04:32 - 2014-02-05 05:21 - 00024216 _____ () C:\Users\Horst\Desktop\Addition.txt
2014-02-05 04:31 - 2014-02-06 23:18 - 02079744 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2014-02-05 04:01 - 2014-02-05 11:16 - 00003600 _____ () C:\Windows\PFRO.log
2014-02-05 04:00 - 2014-02-05 04:00 - 00002497 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-02-05 04:00 - 2014-02-05 04:00 - 00000000 ____D () C:\Program Files\OO Software
2014-02-05 03:44 - 2014-02-05 03:44 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-05 03:44 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-05 03:44 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-05 03:43 - 2014-02-05 05:54 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA
2014-02-05 03:41 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-05 03:41 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-05 03:41 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-05 03:39 - 2014-02-05 03:39 - 00000000 ____D () C:\NVIDIA
2014-02-05 03:38 - 2014-02-06 23:10 - 00003279 _____ () C:\Windows\setupact.log
2014-02-05 03:38 - 2014-02-05 03:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-05 03:32 - 2014-02-05 04:10 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-05 03:31 - 2014-02-06 23:10 - 00210891 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 02:42 - 2014-02-05 02:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-05 02:21 - 2014-02-05 02:21 - 00000751 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-04 21:58 - 2014-02-04 21:58 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\www.shadowexplorer.com
2014-02-03 16:25 - 2014-02-06 01:32 - 00000000 ____D () C:\Users\Horst\AppData\Local\Battle.net
2014-02-03 16:25 - 2014-02-05 06:30 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Battle.net
2014-02-03 16:25 - 2014-02-03 16:25 - 00001150 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-03 16:21 - 2014-02-03 16:21 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-03 01:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-03 01:44 - 2014-02-03 01:45 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 18:16 - 2014-02-01 18:16 - 00000000 ____D () C:\Users\Horst\AppData\Local\EdgeOfReality
2014-02-01 17:48 - 2014-02-01 17:51 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Awesomium
2014-01-29 20:34 - 2014-01-29 20:34 - 00000209 _____ () C:\Users\Horst\Desktop\Rust.url
2014-01-28 23:20 - 2014-01-28 23:25 - 00000000 ____D () C:\Users\Horst\Desktop\Active-File-Recovery-Professional-12.0.3
2014-01-28 20:26 - 2014-01-28 23:23 - 00000000 ____D () C:\Program Files\LSoft Technologies
2014-01-26 23:56 - 2014-01-26 23:56 - 00000000 ____D () C:\Users\Horst\AppData\Local\O&O
2014-01-26 23:55 - 2014-01-26 23:57 - 00000000 ____D () C:\Windows\system32\oodag
2014-01-26 23:55 - 2014-01-26 23:55 - 00000000 ____D () C:\ProgramData\OO Software
2014-01-26 19:20 - 2014-02-05 03:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-26 19:20 - 2014-02-05 02:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-01-26 19:06 - 2014-02-06 19:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job
2014-01-26 19:06 - 2014-02-06 02:00 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job
2014-01-26 19:06 - 2014-01-26 19:06 - 00003588 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1
2014-01-26 19:06 - 2014-01-26 19:06 - 00003514 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f
2014-01-26 19:06 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\SUPERAntiSpyware.com
2014-01-26 19:05 - 2014-01-26 23:49 - 00001965 _____ () C:\Users\Horst\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-26 19:05 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-01-25 01:57 - 2014-01-25 02:04 - 00000000 ____D () C:\Users\Horst\AppData\Local\ManyCam
2014-01-25 01:57 - 2014-01-25 01:57 - 00001019 _____ () C:\Users\Public\Desktop\ManyCam.lnk
2014-01-25 01:38 - 2014-01-25 01:38 - 00000000 _____ () C:\autoexec.bat
2014-01-25 01:37 - 2014-01-25 01:41 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-25 01:37 - 2014-01-25 01:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-25 01:19 - 2014-01-25 02:04 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\ManyCam
2014-01-25 01:19 - 2014-01-25 01:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-01-25 01:07 - 2014-01-25 01:08 - 00000000 ____D () C:\ProgramData\webcam 7
2014-01-25 01:02 - 2013-04-24 09:45 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00080896 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-01-25 01:02 - 2013-04-24 09:45 - 00000590 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-01-25 00:54 - 2014-02-03 15:37 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000939 _____ () C:\Users\Horst\Desktop\Open Broadcaster Software.lnk
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files\OBS
2014-01-25 00:50 - 2014-01-25 00:50 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\WebcamMax
2014-01-25 00:39 - 2014-01-25 00:39 - 00000000 ____D () C:\Program Files (x86)\IPCameraDSFilter
2014-01-24 21:56 - 2014-01-24 23:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-18 02:09 - 2014-02-05 03:31 - 00000000 ____D () C:\Windows\Minidump
2014-01-17 20:51 - 2014-01-17 20:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-16 16:21 - 2014-01-16 16:21 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\PDF Architect
2014-01-15 10:34 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:34 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:34 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 18:37 - 2014-01-12 18:37 - 00355840 _____ () C:\Windows\SysWOW64\LiveWrapRTSP.dll
2014-01-08 02:03 - 2014-01-08 02:03 - 00000000 ____D () C:\Users\Horst\VirtualBox VMs
2014-01-08 02:02 - 2014-01-08 05:47 - 00000000 ____D () C:\Users\Horst\.VirtualBox
2014-01-08 02:01 - 2013-12-18 17:19 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-01-08 02:00 - 2013-12-18 17:16 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-01-08 00:53 - 2014-01-25 01:41 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-07 14:54 - 2014-01-07 14:54 - 00000000 ____D () C:\Users\Horst\AppData\Local\IsolatedStorage
2014-01-07 14:52 - 2014-01-07 15:17 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-07 14:51 - 2014-01-25 01:11 - 00000000 ____D () C:\ProgramData\Apple
2014-01-07 14:51 - 2014-01-07 14:51 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple

==================== One Month Modified Files and Folders =======

2014-02-06 23:18 - 2014-02-06 23:18 - 00000000 ____D () C:\Users\Horst\Desktop\FRST-OlderVersion
2014-02-06 23:18 - 2014-02-05 04:32 - 00017198 _____ () C:\Users\Horst\Desktop\FRST.txt
2014-02-06 23:18 - 2014-02-05 04:31 - 02079744 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2014-02-06 23:18 - 2013-12-29 12:09 - 00000000 ____D () C:\FRST
2014-02-06 23:17 - 2013-12-18 23:52 - 00013665 _____ () C:\Users\Horst\Desktop\Neues Textdokument.txt
2014-02-06 23:17 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 23:17 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 23:16 - 2014-02-06 23:16 - 00000753 _____ () C:\Users\Horst\Desktop\JRT.txt
2014-02-06 23:16 - 2009-07-14 18:58 - 00699376 _____ () C:\Windows\system32\perfh007.dat
2014-02-06 23:16 - 2009-07-14 18:58 - 00149552 _____ () C:\Windows\system32\perfc007.dat
2014-02-06 23:16 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 23:13 - 2014-02-06 23:13 - 01037530 _____ (Thisisu) C:\Users\Horst\Desktop\JRT.exe
2014-02-06 23:13 - 2014-02-05 03:31 - 00210891 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 23:11 - 2013-12-01 04:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 23:10 - 2014-02-05 03:38 - 00003279 _____ () C:\Windows\setupact.log
2014-02-06 23:10 - 2013-12-31 23:56 - 00000000 ____D () C:\AdwCleaner
2014-02-06 23:10 - 2013-12-15 04:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 23:10 - 2013-12-05 22:21 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 23:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 23:09 - 2014-02-06 23:09 - 01166132 _____ () C:\Users\Horst\Desktop\adwcleaner.exe
2014-02-06 23:09 - 2013-11-26 19:40 - 00000000 ____D () C:\Users\Horst\AppData\Local\PMB Files
2014-02-06 22:32 - 2013-12-05 22:21 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 22:32 - 2013-11-26 03:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 20:24 - 2014-02-06 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 20:02 - 2013-12-16 21:50 - 00000000 ____D () C:\Users\Horst\AppData\Local\DayZ
2014-02-06 19:06 - 2014-01-26 19:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f.job
2014-02-06 19:02 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-06 02:00 - 2014-01-26 19:06 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1.job
2014-02-06 01:32 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Battle.net
2014-02-05 11:17 - 2014-02-05 11:17 - 00031139 _____ () C:\ComboFix.txt
2014-02-05 11:17 - 2013-12-30 12:25 - 00000000 ____D () C:\Qoobox
2014-02-05 11:16 - 2014-02-05 04:01 - 00003600 _____ () C:\Windows\PFRO.log
2014-02-05 11:16 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-05 11:10 - 2013-12-19 23:08 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-05 09:49 - 2013-12-05 17:56 - 00000000 ____D () C:\Windows\pss
2014-02-05 09:44 - 2013-12-30 12:25 - 05180173 ____R (Swearware) C:\Users\Horst\Desktop\ComboFix.exe
2014-02-05 06:34 - 2014-02-05 06:34 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard
2014-02-05 06:31 - 2014-02-05 06:31 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-02-05 06:30 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Battle.net
2014-02-05 06:08 - 2013-11-25 20:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-05 06:07 - 2013-11-25 20:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-05 06:07 - 2013-11-25 20:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-05 06:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-05 05:54 - 2014-02-05 03:43 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA
2014-02-05 05:40 - 2014-02-05 05:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-05 05:39 - 2014-02-05 05:39 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-05 05:39 - 2014-02-05 05:38 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-05 05:21 - 2014-02-05 04:32 - 00024216 _____ () C:\Users\Horst\Desktop\Addition.txt
2014-02-05 04:50 - 2013-11-25 19:40 - 00000000 ____D () C:\Users\Horst
2014-02-05 04:10 - 2014-02-05 03:32 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-05 04:10 - 2013-11-26 01:11 - 00007630 _____ () C:\Users\Horst\AppData\Local\Resmon.ResmonCfg
2014-02-05 04:00 - 2014-02-05 04:00 - 00002497 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-02-05 04:00 - 2014-02-05 04:00 - 00000000 ____D () C:\Program Files\OO Software
2014-02-05 03:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-05 03:44 - 2014-02-05 03:44 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-05 03:39 - 2014-02-05 03:39 - 00000000 ____D () C:\NVIDIA
2014-02-05 03:38 - 2014-02-05 03:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-05 03:31 - 2014-01-18 02:09 - 00000000 ____D () C:\Windows\Minidump
2014-02-05 03:31 - 2013-12-01 19:12 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\DAEMON Tools Lite
2014-02-05 03:23 - 2014-01-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-05 03:01 - 2013-12-04 21:40 - 00000000 ____D () C:\Users\Horst\AppData\Local\NVIDIA Corporation
2014-02-05 03:00 - 2013-11-30 18:53 - 00000000 ____D () C:\Program Files (x86)\Thread Manager
2014-02-05 02:42 - 2014-02-05 02:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-05 02:42 - 2014-01-26 19:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-05 02:22 - 2013-12-05 05:40 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\vlc
2014-02-05 02:21 - 2014-02-05 02:21 - 00000751 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-04 21:58 - 2014-02-04 21:58 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\www.shadowexplorer.com
2014-02-04 20:53 - 2013-11-26 19:40 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-03 16:25 - 2014-02-03 16:25 - 00001150 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\Horst\AppData\Local\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-03 16:21 - 2014-02-03 16:21 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-03 15:37 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-02-03 01:45 - 2014-02-03 01:44 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 01:45 - 2013-11-29 21:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-03 01:45 - 2013-11-29 21:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 18:16 - 2014-02-01 18:16 - 00000000 ____D () C:\Users\Horst\AppData\Local\EdgeOfReality
2014-02-01 17:51 - 2014-02-01 17:48 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Awesomium
2014-01-29 20:34 - 2014-01-29 20:34 - 00000209 _____ () C:\Users\Horst\Desktop\Rust.url
2014-01-29 20:00 - 2013-12-01 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-28 23:25 - 2014-01-28 23:20 - 00000000 ____D () C:\Users\Horst\Desktop\Active-File-Recovery-Professional-12.0.3
2014-01-28 23:23 - 2014-01-28 20:26 - 00000000 ____D () C:\Program Files\LSoft Technologies
2014-01-28 23:01 - 2013-11-30 10:47 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apps\2.0
2014-01-28 20:20 - 2013-12-01 19:47 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\TeamViewer
2014-01-26 23:57 - 2014-01-26 23:55 - 00000000 ____D () C:\Windows\system32\oodag
2014-01-26 23:56 - 2014-01-26 23:56 - 00000000 ____D () C:\Users\Horst\AppData\Local\O&O
2014-01-26 23:55 - 2014-01-26 23:55 - 00000000 ____D () C:\ProgramData\OO Software
2014-01-26 23:49 - 2014-01-26 19:05 - 00001965 _____ () C:\Users\Horst\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-26 19:06 - 2014-01-26 19:06 - 00003588 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d319197d-9400-4fe0-b01d-061b91d4d3a1
2014-01-26 19:06 - 2014-01-26 19:06 - 00003514 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d520f79a-15e0-4d3c-813f-2b69bbd4ac5f
2014-01-26 19:06 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\SUPERAntiSpyware.com
2014-01-26 19:06 - 2014-01-26 19:05 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-26 19:06 - 2014-01-26 19:05 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-01-26 19:05 - 2014-01-26 19:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-01-25 02:04 - 2014-01-25 01:57 - 00000000 ____D () C:\Users\Horst\AppData\Local\ManyCam
2014-01-25 02:04 - 2014-01-25 01:19 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\ManyCam
2014-01-25 01:57 - 2014-01-25 01:57 - 00001019 _____ () C:\Users\Public\Desktop\ManyCam.lnk
2014-01-25 01:57 - 2014-01-25 01:19 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-01-25 01:53 - 2014-01-02 13:35 - 00987425 _____ () C:\Users\Horst\Desktop\SecurityCheck.exe
2014-01-25 01:52 - 2013-11-26 03:16 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Notepad++
2014-01-25 01:41 - 2014-01-25 01:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-25 01:41 - 2014-01-08 00:53 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-25 01:38 - 2014-01-25 01:38 - 00000000 _____ () C:\autoexec.bat
2014-01-25 01:37 - 2014-01-25 01:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-25 01:11 - 2014-01-07 14:51 - 00000000 ____D () C:\ProgramData\Apple
2014-01-25 01:08 - 2014-01-25 01:07 - 00000000 ____D () C:\ProgramData\webcam 7
2014-01-25 00:54 - 2014-01-25 00:54 - 00000939 _____ () C:\Users\Horst\Desktop\Open Broadcaster Software.lnk
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\OBS
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-25 00:54 - 2014-01-25 00:54 - 00000000 ____D () C:\Program Files\OBS
2014-01-25 00:50 - 2014-01-25 00:50 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\WebcamMax
2014-01-25 00:39 - 2014-01-25 00:39 - 00000000 ____D () C:\Program Files (x86)\IPCameraDSFilter
2014-01-24 23:57 - 2014-01-24 21:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-22 20:41 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-01-19 08:33 - 2013-11-25 19:59 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 20:51 - 2014-01-17 20:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-17 20:51 - 2013-11-26 03:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-17 20:51 - 2013-11-26 03:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-17 20:51 - 2013-11-26 03:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 20:51 - 2013-11-26 00:46 - 00000000 ____D () C:\Users\Horst\AppData\Local\Adobe
2014-01-16 16:21 - 2014-01-16 16:21 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\PDF Architect
2014-01-16 00:13 - 2014-02-05 06:07 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-01-16 00:13 - 2014-02-05 06:07 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 31421216 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 25255200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 23672096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 18184976 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 17714760 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 15690744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 14668008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 12668192 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-16 00:13 - 2014-02-05 06:05 - 11631544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 11583616 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 09723944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 09686304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 03087112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 02711656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433467.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433467.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00859936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-16 00:13 - 2014-02-05 06:05 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-01-15 23:35 - 2014-02-05 06:08 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-01-15 22:53 - 2014-02-05 06:07 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-01-15 22:53 - 2014-02-05 06:07 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-01-15 22:53 - 2014-02-05 06:07 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-01-15 22:53 - 2014-02-05 06:07 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-01-15 22:53 - 2014-02-05 06:07 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-01-15 22:53 - 2014-02-05 06:07 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-01-15 18:26 - 2009-07-14 05:45 - 00422032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 14:55 - 2013-11-25 20:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 14:54 - 2013-11-25 20:08 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 23:31 - 2014-02-05 06:07 - 03559557 _____ () C:\Windows\system32\nvcoproc.bin
2014-01-12 18:37 - 2014-01-12 18:37 - 00355840 _____ () C:\Windows\SysWOW64\LiveWrapRTSP.dll
2014-01-09 23:58 - 2013-11-26 00:54 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-08 05:47 - 2014-01-08 02:02 - 00000000 ____D () C:\Users\Horst\.VirtualBox
2014-01-08 05:27 - 2013-12-14 03:04 - 00000665 _____ () C:\Users\Horst\Desktop\FurMark.lnk
2014-01-08 02:03 - 2014-01-08 02:03 - 00000000 ____D () C:\Users\Horst\VirtualBox VMs
2014-01-07 15:17 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Roaming\Apple Computer
2014-01-07 14:54 - 2014-01-07 14:54 - 00000000 ____D () C:\Users\Horst\AppData\Local\IsolatedStorage
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple Computer
2014-01-07 14:52 - 2014-01-07 14:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-07 14:51 - 2014-01-07 14:51 - 00000000 ____D () C:\Users\Horst\AppData\Local\Apple

Some content of TEMP:
====================
C:\Users\Horst\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 02:33

==================== End Of Log ============================
--- --- ---

--- --- ---


Alt 07.02.2014, 17:28   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Ereignisprotokoll Au_.exe und vieles vieles mehr - Standard

Ereignisprotokoll Au_.exe und vieles vieles mehr



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Ereignisprotokoll Au_.exe und vieles vieles mehr

Antwort

Themen zu Ereignisprotokoll Au_.exe und vieles vieles mehr
au_.exe, browser, combofix, defender, downloader, emsisoft, explorer, fehlermeldung, firefox, flash player, google, helper, homepage, iexplore.exe, launch, mozilla, neustart, nvidia, prüfen, realtek, registry, savefrom.net, scan, security, services.exe, software, svchost.exe, systemadministrator, version., virtualbox, windows, winlogon.exe, youtube downloader


« Trojan:Win32 lässt sich nicht entfernen | yontoo 2.052 lässt sich nicht deinstallieren »


Ähnliche Themen: Ereignisprotokoll Au_.exe und vieles vieles mehr


  1. .NET: Open Source, neue Vorabversionen und vieles mehr
    Nachrichten - 13.11.2014 (0)
  2. Regsvr3 fehler und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 11.07.2014 (26)
  3. Windows Vista: ewiges booten, email-browser hängt sich auf und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 11.03.2014 (21)
  4. Trojan.Agent, Bundeswehrtrojaner und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (1)
  5. w32/murofet.a und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (6)
  6. AVIRA meldet andauernd Trojaner TR/Fakealert.LH und TR/Dldr.Agent.fdbj und vieles mehr!
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (88)
  7. Generic Host Prozess für Win32 hat ein Problem festgestellt - und vieles mehr
    Log-Analyse und Auswertung - 09.01.2010 (3)
  8. Pc sehr langsam, Maus Icon hängt und vieles mehr !
    Plagegeister aller Art und deren Bekämpfung - 15.03.2009 (27)
  9. trojan.vundo und vieles mehr. bin verzweifelt
    Log-Analyse und Auswertung - 07.11.2008 (2)
  10. Virus. internet und vieles andere geht nicht mehr!!! Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 15.07.2008 (1)
  11. Windows Secerity Alert und vieles mehr
    Antiviren-, Firewall- und andere Schutzprogramme - 24.09.2007 (4)
  12. TrustInPopups und vieles mehr...
    Log-Analyse und Auswertung - 05.08.2006 (16)
  13. Dldr.Agent. RunDLL kein Explorer und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 05.10.2005 (1)
  14. Trojaner und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 31.08.2005 (1)
  15. Trojaner? -> PC spinnt - vieles geht nicht mehr
    Log-Analyse und Auswertung - 10.04.2005 (6)
  16. msn starseite! und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 28.02.2005 (1)
  17. IE,cws und vieles mehr
    Plagegeister aller Art und deren Bekämpfung - 07.12.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ereignisprotokoll Au_.exe und vieles vieles mehr - Hallo, ich habe mehrere "Baustellen" zum Einen wollte heute auf meinen PC "Daemon Tools Lite" deinstallieren, doch jedesmal beim deinstallieren kommt die Fehlermeldung "Daemon Tools" funktioniert nicht mehr. (auch bei - Ereignisprotokoll Au_.exe und vieles vieles mehr...
Archiv
Du betrachtest: Ereignisprotokoll Au_.exe und vieles vieles mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55