
Log analysis and evaluation: After the scan with GMER, it found that system modifications exist

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
08.02.2014, 09:52   #1
manu92000
 



FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Manuel (administrator) on MANUEL-PC on 08-02-2014 09:34:11
Running from C:\Users\Manuel\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) D:\Vmware\vmware-authd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() D:\Vmware\vmware-hostd.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(VMware, Inc.) D:\Vmware\vmware-tray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6470760 2012-05-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-22] (AVAST Software)
HKLM-x32\...\Run: [ControlCenterCount] - C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2966757714-401893276-3215075033-1000\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-01-08] (Raptr, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD80104D7FE6FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\qv46dgox.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-23]

Chrome: 
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: hxxp://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-30]
CHR Extension: (avast! Online Security) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-07]
CHR Extension: (Google Wallet) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (YouTube Unblocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-02-07]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-22] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [282624 2013-04-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-29] ()
R2 VMAuthdService; D:\Vmware\vmware-authd.exe [86096 2013-10-18] (VMware, Inc.)
R2 VMwareHostd; D:\Vmware\vmware-hostd.exe [14405200 2013-10-18] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-22] ()
R3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI)
R3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 wolf; \??\D:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 09:34 - 2014-02-08 09:34 - 00013675 _____ () C:\Users\Manuel\Desktop\FRST.txt
2014-02-08 09:34 - 2014-02-08 09:34 - 00000000 ____D () C:\FRST
2014-02-08 09:33 - 2014-02-08 09:33 - 00380416 _____ () C:\Users\Manuel\Desktop\Gmer-19357.exe
2014-02-08 09:33 - 2014-02-08 09:33 - 00000895 _____ () C:\Users\Manuel\Desktop\gmer.txt
2014-02-08 09:33 - 2014-02-08 09:32 - 02079744 _____ (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2014-02-05 19:30 - 2013-10-18 12:46 - 00064080 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-02-05 19:30 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2014-02-05 19:30 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-02-05 19:30 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-02-05 19:29 - 2014-02-05 19:29 - 00001515 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2014-02-05 19:29 - 2014-02-05 19:29 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-05 19:29 - 2013-10-18 12:45 - 00930384 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-02-05 19:29 - 2013-10-18 12:45 - 00437328 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-02-05 19:29 - 2013-10-18 12:45 - 00358480 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-02-05 19:29 - 2013-10-18 12:45 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-02-05 19:29 - 2013-10-09 08:04 - 00053816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-02-05 19:29 - 2013-10-09 08:03 - 00038456 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmusb.sys
2014-02-05 19:28 - 2014-02-05 19:28 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-02-05 19:28 - 2014-02-05 19:28 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-05 16:05 - 2014-02-05 16:05 - 00000202 _____ () C:\Users\Manuel\Desktop\Rust.url
2014-02-04 18:10 - 2014-02-04 18:10 - 00060993 _____ () C:\Windows\SysWOW64\CCCInstall_201402041810334344.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 ____D () C:\ProgramData\ATI
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Eclipse
2014-02-02 15:48 - 2014-02-02 15:48 - 00816954 _____ () C:\Users\Manuel\Desktop\worldedit-5.5.8.zip
2014-02-01 22:54 - 2014-02-01 22:54 - 00000837 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2014-02-01 22:42 - 2014-02-01 22:42 - 00000010 _____ () C:\Users\Manuel\Desktop\new  3.txt
2014-02-01 20:47 - 2014-02-01 20:47 - 00000000 ____D () C:\Users\Manuel\Desktop\eclipse-java-kepler-SR1-win32-x86_64
2014-02-01 18:24 - 2014-02-01 18:24 - 00000000 ____D () C:\Windows\Sun
2014-02-01 18:21 - 2014-02-01 18:21 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-01 18:21 - 2014-02-01 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 16:04 - 2014-02-01 16:04 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Macromedia
2014-02-01 15:56 - 2014-02-01 15:56 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\library_dir
2014-01-30 15:15 - 2014-02-08 09:13 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Raptr
2014-01-30 15:15 - 2014-02-04 18:03 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-01-30 15:15 - 2014-01-30 15:15 - 00060993 _____ () C:\Windows\SysWOW64\CCCInstall_201401301515246048.log
2014-01-30 14:57 - 2014-01-30 14:57 - 00362029 _____ () C:\Windows\SysWOW64\sqlite3.dll
2014-01-30 14:47 - 2014-02-01 13:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-30 14:47 - 2014-02-01 13:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-30 14:47 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-30 14:47 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-30 14:47 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-01-30 14:47 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-30 14:47 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-30 14:47 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-30 14:47 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-30 14:47 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-30 14:47 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-30 14:47 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-30 14:47 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-30 14:47 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-30 14:47 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-30 14:47 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-30 14:47 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-30 14:47 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-30 14:47 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-30 14:47 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-30 14:47 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-30 14:47 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-30 14:47 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-30 14:47 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-30 14:47 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-30 14:47 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-30 14:47 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-30 14:45 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-01-30 14:45 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-01-30 14:34 - 2014-01-30 14:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-30 14:34 - 2014-01-06 16:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-29 15:27 - 2014-01-29 16:19 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-25 19:22 - 2014-02-04 20:23 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\.minecraft
2014-01-24 18:01 - 2014-02-01 23:57 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-24 16:09 - 2014-01-24 16:09 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-01-24 15:27 - 2013-03-09 14:25 - 00000000 ____D () C:\Users\Manuel\Desktop\TW_Mapeditor
2014-01-22 18:49 - 2014-01-22 18:49 - 00263186 _____ () C:\Users\Manuel\Desktop\Minecraft.exe
2014-01-22 13:49 - 2014-01-22 13:49 - 00000202 _____ () C:\Users\Manuel\Desktop\APB Reloaded.url
2014-01-21 17:03 - 2014-01-24 15:30 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Teeworlds
2014-01-21 17:03 - 2014-01-21 17:03 - 00000000 ____D () C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003 (win32)
2014-01-19 20:01 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-01-19 19:16 - 2014-01-19 19:16 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-19 19:00 - 2014-01-19 19:00 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 21:29 - 2014-01-18 21:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-01-15 18:09 - 2014-01-15 18:09 - 00000000 ____D () C:\Users\Manuel\AppData\Local\LogMeIn
2014-01-15 18:09 - 2014-01-15 18:09 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-01-15 16:51 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:51 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:51 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:51 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 17:40 - 2014-01-17 20:02 - 00000000 ____D () C:\Users\Manuel\Desktop\mc server
2014-01-13 16:39 - 2014-01-13 16:39 - 00000000 ____D () C:\AeriaGames
2014-01-10 22:04 - 2014-01-20 16:05 - 00000000 ____D () C:\CFLog

==================== One Month Modified Files and Folders =======

2014-02-08 09:34 - 2014-02-08 09:34 - 00013675 _____ () C:\Users\Manuel\Desktop\FRST.txt
2014-02-08 09:34 - 2014-02-08 09:34 - 00000000 ____D () C:\FRST
2014-02-08 09:33 - 2014-02-08 09:33 - 00380416 _____ () C:\Users\Manuel\Desktop\Gmer-19357.exe
2014-02-08 09:33 - 2014-02-08 09:33 - 00000895 _____ () C:\Users\Manuel\Desktop\gmer.txt
2014-02-08 09:32 - 2014-02-08 09:33 - 02079744 _____ (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2014-02-08 09:25 - 2013-07-10 18:26 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\VMware
2014-02-08 09:25 - 2013-07-10 18:26 - 00000000 ____D () C:\Users\Manuel\AppData\Local\VMware
2014-02-08 09:25 - 2013-06-23 11:55 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 09:21 - 2013-07-13 21:27 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Adobe
2014-02-08 09:19 - 2009-07-14 05:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 09:19 - 2009-07-14 05:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 09:15 - 2013-06-23 11:39 - 01805813 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 09:13 - 2014-01-30 15:15 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Raptr
2014-02-08 09:11 - 2013-06-23 13:13 - 00000000 ____D () C:\ProgramData\VMware
2014-02-08 09:11 - 2013-06-23 11:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-08 09:11 - 2013-06-23 11:55 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 09:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 09:11 - 2009-07-14 05:51 - 00061293 _____ () C:\Windows\setupact.log
2014-02-07 21:54 - 2013-06-23 12:53 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Skype
2014-02-07 20:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-06 21:04 - 2013-10-24 13:34 - 00000016 _____ () C:\Users\Manuel\Desktop\timer.cfg
2014-02-05 19:29 - 2014-02-05 19:29 - 00001515 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2014-02-05 19:29 - 2014-02-05 19:29 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-05 19:29 - 2013-06-23 12:30 - 01712014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-05 19:29 - 2011-04-12 08:43 - 00723530 _____ () C:\Windows\system32\perfh007.dat
2014-02-05 19:29 - 2011-04-12 08:43 - 00160404 _____ () C:\Windows\system32\perfc007.dat
2014-02-05 19:28 - 2014-02-05 19:28 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-02-05 19:28 - 2014-02-05 19:28 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-05 16:05 - 2014-02-05 16:05 - 00000202 _____ () C:\Users\Manuel\Desktop\Rust.url
2014-02-04 20:23 - 2014-01-25 19:22 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\.minecraft
2014-02-04 18:27 - 2013-06-23 11:56 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 18:10 - 2014-02-04 18:10 - 00060993 _____ () C:\Windows\SysWOW64\CCCInstall_201402041810334344.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 ____D () C:\ProgramData\ATI
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-04 18:10 - 2013-06-23 12:42 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-04 18:10 - 2013-06-23 12:09 - 00000000 ____D () C:\ProgramData\AMD
2014-02-04 18:08 - 2013-06-23 12:43 - 00000000 ____D () C:\Program Files\AMD
2014-02-04 18:03 - 2014-01-30 15:15 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Eclipse
2014-02-02 15:48 - 2014-02-02 15:48 - 00816954 _____ () C:\Users\Manuel\Desktop\worldedit-5.5.8.zip
2014-02-01 23:57 - 2014-01-24 18:01 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-01 23:06 - 2013-08-15 23:00 - 00000000 ____D () C:\Users\Manuel\.gimp-2.8
2014-02-01 22:54 - 2014-02-01 22:54 - 00000837 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2014-02-01 22:42 - 2014-02-01 22:42 - 00000010 _____ () C:\Users\Manuel\Desktop\new  3.txt
2014-02-01 20:47 - 2014-02-01 20:47 - 00000000 ____D () C:\Users\Manuel\Desktop\eclipse-java-kepler-SR1-win32-x86_64
2014-02-01 18:24 - 2014-02-01 18:24 - 00000000 ____D () C:\Windows\Sun
2014-02-01 18:21 - 2014-02-01 18:21 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-01 18:21 - 2014-02-01 18:21 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-01 18:21 - 2014-02-01 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 18:21 - 2013-11-22 20:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-01 16:04 - 2014-02-01 16:04 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Macromedia
2014-02-01 15:56 - 2014-02-01 15:56 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-01 15:56 - 2014-02-01 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-01 13:12 - 2014-01-30 14:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-01 13:12 - 2014-01-30 14:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-31 13:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-30 15:26 - 2013-12-21 10:23 - 00000000 ____D () C:\ProgramData\Origin
2014-01-30 15:19 - 2013-08-23 23:50 - 00000000 ____D () C:\Users\Manuel\Documents\Diablo III
2014-01-30 15:19 - 2013-08-20 15:09 - 00000000 ____D () C:\Users\Manuel\AppData\Local\PAYDAY 2
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\library_dir
2014-01-30 15:15 - 2014-01-30 15:15 - 00060993 _____ () C:\Windows\SysWOW64\CCCInstall_201401301515246048.log
2014-01-30 15:12 - 2013-06-23 12:05 - 00000000 ____D () C:\AMD
2014-01-30 15:10 - 2013-12-21 11:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-30 14:57 - 2014-01-30 14:57 - 00362029 _____ () C:\Windows\SysWOW64\sqlite3.dll
2014-01-30 14:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-30 14:51 - 2009-07-14 06:13 - 01657124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-30 14:36 - 2014-01-30 14:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-30 14:29 - 2013-06-23 13:16 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-01-29 20:43 - 2013-11-17 10:56 - 00000000 ____D () C:\Users\Manuel\Desktop\photoshop
2014-01-29 20:33 - 2013-08-12 12:52 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-01-29 20:33 - 2013-08-12 12:45 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-01-29 16:19 - 2014-01-29 15:27 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-29 16:19 - 2013-12-21 11:14 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-29 15:27 - 2013-12-21 12:24 - 00000000 ____D () C:\Users\Manuel\AppData\Local\PunkBuster
2014-01-29 15:27 - 2013-12-21 11:14 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-29 15:27 - 2013-12-21 11:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-25 14:47 - 2009-07-14 05:45 - 04938392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-24 18:30 - 2013-06-23 12:33 - 00058792 _____ () C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-24 18:15 - 2013-08-10 18:52 - 00000000 ____D () C:\Users\Manuel\Desktop\mc
2014-01-24 18:02 - 2013-12-04 18:36 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\TeamViewer
2014-01-24 18:01 - 2013-07-10 17:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-24 16:09 - 2014-01-24 16:09 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-01-24 15:30 - 2014-01-21 17:03 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Teeworlds
2014-01-22 18:49 - 2014-01-22 18:49 - 00263186 _____ () C:\Users\Manuel\Desktop\Minecraft.exe
2014-01-22 13:49 - 2014-01-22 13:49 - 00000202 _____ () C:\Users\Manuel\Desktop\APB Reloaded.url
2014-01-21 17:03 - 2014-01-21 17:03 - 00000000 ____D () C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003 (win32)
2014-01-20 16:05 - 2014-01-10 22:04 - 00000000 ____D () C:\CFLog
2014-01-19 20:10 - 2009-07-14 05:45 - 00006144 _____ () C:\Windows\system32\umstartup.etl
2014-01-19 20:01 - 2013-08-12 13:50 - 00062431 _____ () C:\Windows\DirectX.log
2014-01-19 19:19 - 2013-12-18 19:05 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-01-19 19:16 - 2014-01-19 19:16 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-19 19:16 - 2014-01-19 19:16 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-19 19:00 - 2014-01-19 19:00 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 21:29 - 2014-01-18 21:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-01-17 20:02 - 2014-01-14 17:40 - 00000000 ____D () C:\Users\Manuel\Desktop\mc server
2014-01-17 14:25 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 22:00 - 2009-07-14 05:45 - 00015360 _____ () C:\Windows\system32\umstartup000.etl
2014-01-16 15:25 - 2013-11-01 22:06 - 00000000 ____D () C:\Users\Manuel\Desktop\Textdokumente
2014-01-15 20:18 - 2013-06-30 11:08 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\ftblauncher
2014-01-15 18:09 - 2014-01-15 18:09 - 00000000 ____D () C:\Users\Manuel\AppData\Local\LogMeIn
2014-01-15 18:09 - 2014-01-15 18:09 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-01-14 16:13 - 2014-01-07 20:20 - 00000000 ____D () C:\Users\Manuel\Desktop\hack123
2014-01-13 16:39 - 2014-01-13 16:39 - 00000000 ____D () C:\AeriaGames

Some content of TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\Manuel\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Manuel\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2853jnks.dll
C:\Users\Manuel\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-10-gd51ccd1-b2987jnks.dll
C:\Users\Manuel\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-7-g169af45-b2985jnks.dll
C:\Users\Manuel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Manuel\AppData\Local\Temp\raptrpatch.exe
C:\Users\Manuel\AppData\Local\Temp\raptr_stub.exe
C:\Users\Manuel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Manuel\AppData\Local\Temp\skype_amd643476549469918892946.dll
C:\Users\Manuel\AppData\Local\Temp\sonarinst.exe
C:\Users\Manuel\AppData\Local\Temp\SRLDetectionLibrary6013315643244146918.dll
C:\Users\Manuel\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Manuel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-31 13:23

==================== End Of Log ============================
         
--- --- ---


Addition

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by Manuel at 2014-02-08 09:34:35
Running from C:\Users\Manuel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
APB Reloaded (x32 Version:  - Reloaded Productions)
AutoHotkey 1.1.11.01 (Version: 1.1.11.01 - Lexikos)
avast! Free Antivirus (x32 Version: 9.0.2008 - Avast Software)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlefield Heroes (Manuel) (HKCU Version:  - EA Digital illusions)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Bing-Desktop (x32 Version: 1.3.347.0 - Microsoft Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CLICKBIOSII (x32 Version: 1.0.123 - MSI)
ControlCenter (x32 Version: 2.5.060 - MSI)
Counter-Strike: Source (x32 Version:  - Valve)
Cross Fire En (x32 Version:  - Z8Games.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (x32 Version:  - Blizzard Entertainment)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Garry's Mod (x32 Version:  - Garry)
GhostMouse (x32 Version: Free V3.2.1 - ghost-mouse.com)
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Gyazo 1.0.1 (x32 Version:  - Nota Inc. & Toshiyuki Masui)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (x32 Version:  - Valve)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTA:SA v1.3.4 (x32 Version: v1.3.4 - Multi Theft Auto)
Notepad++ (x32 Version: 6.5.1 - Notepad++ Team)
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
Origin (x32 Version: 9.3.6.4639 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
PAYDAY 2 (x32 Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PunkBuster Services (x32 Version: 0.990 - Even Balance, Inc.)
PX3 Presets Manager (x32 Version: 1.00.0000 - Turtle Beach)
Raptr (x32 Version:  - )
Realtek Ethernet Controller Driver (x32 Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6631 - Realtek Semiconductor Corp.)
Rust (x32 Version:  - Facepunch Studios)
Skype™ 6.5 (x32 Version: 6.5.158 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (x32 Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (x32 Version: 9.0.25790 - TeamViewer)
tools-freebsd (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden
VMware Workstation (x32 Version: 10.0.1 - VMware, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

29-01-2014 19:32:37 Removed Aeria Ignite
30-01-2014 13:33:36 Windows Update
30-01-2014 13:45:52 Windows Update
30-01-2014 14:09:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
30-01-2014 14:10:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
30-01-2014 14:11:38 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
01-02-2014 02:00:10 Windows Update
01-02-2014 17:21:14 Installed Java 7 Update 51
04-02-2014 17:05:55 Windows Update
04-02-2014 17:06:46 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
04-02-2014 17:07:11 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {5BD9C972-842B-4CA0-B9C2-4ED3FF82E21D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {61884C41-CC1E-44E1-9591-4EB47F2AC30D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {A09E3BAD-C3DD-494B-90E6-8AA877BAFC56} - System32\Tasks\AdobeAAMUpdater-1.0-Manuel-PC-Manuel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {B32E91A3-FEE9-461F-9853-9E96046BF57D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-22] (AVAST Software)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-04-04 09:38 - 2013-11-14 13:08 - 00302056 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-04-04 09:38 - 2013-11-14 13:08 - 00320488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-04-04 09:38 - 2013-11-14 13:08 - 00186344 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-04-04 09:38 - 2013-11-14 13:08 - 00565224 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-11-14 13:08 - 2013-11-14 13:08 - 00700904 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-08 09:12 - 2014-02-07 19:49 - 02171904 _____ () C:\Program Files\AVAST Software\Avast\defs\14020701\algo.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () D:\Vmware\libxml2.dll
2013-11-22 19:05 - 2013-11-22 19:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2012-06-22 22:53 - 2012-06-22 22:53 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2012-06-22 22:24 - 2012-06-22 22:24 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2012-06-22 22:39 - 2012-06-22 22:39 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2012-06-22 22:55 - 2012-06-22 22:55 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 20:01 - 2011-05-10 20:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2012-06-22 22:59 - 2012-06-22 22:59 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 08:53 - 2012-10-27 08:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Manuel\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Manuel\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2014 09:12:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2014 02:54:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2014 01:13:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2014 02:05:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 06:01:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/03/2014 03:13:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2014 00:35:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2014 01:13:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 01:07:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 02:57:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/01/2014 06:11:11 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/01/2014 06:11:11 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/01/2014 03:16:22 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/01/2014 03:16:22 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/31/2014 01:55:52 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (01/30/2014 03:14:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/28/2014 06:18:04 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎28.‎01.‎2014 um 18:16:24 unerwartet heruntergefahren.

Error: (01/23/2014 02:56:29 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎01.‎2014 um 22:58:17 unerwartet heruntergefahren.

Error: (01/22/2014 03:03:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎01.‎2014 um 15:02:04 unerwartet heruntergefahren.

Error: (01/20/2014 05:35:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/08/2014 09:12:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2014 02:54:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2014 01:13:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2014 02:05:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 06:01:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/03/2014 03:13:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2014 00:35:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2014 01:13:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 01:07:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 02:57:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 8162.14 MB
Available physical RAM: 6257.24 MB
Total Pagefile: 16322.45 MB
Available Pagefile: 14236.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:250.49 GB) (Free:166.9 GB) NTFS
Drive d: () (Fixed) (Total:680.92 GB) (Free:519.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 01C5BAD2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=250 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Since the GMER log was too large, I had to upload it as an attachment.

Edited by manu92000 (08.02.2014 at 10:03)

 
