| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Treiber Probleme mit leichten SystembeinträchtigungenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.02.2014, 15:07
| #1 |
 |  Treiber Probleme mit leichten Systembeinträchtigungen Hallo, eigentlich hatte ich nur ein kleines Problem mit einem acedrv05.sys Treiber der meinem Systemstart verlangsamte(laut Systemstartanalysetool von Windows). Darauf dachte ich mir mal allgemein alle Hard/Software Treiber zu aktualisieren. Leider nicht manuell sonderen mit verschiedenen Tools aus dem Netz. Dabei hat mein avast Antivir Alarm geschlagen und Maleware entdeckt. Musste einen Neustart machen, leider habe ich darüber keine Logs oder Archive gefunden. Nun habe ich keine akuten Probleme, aber kleinere. Der Systemstart dauert immer noch recht lang, zudem fährt mein Rechner früher oder später immer wieder von alleine aus dem StandBy Betrieb hoch. Mozilla Firefox ist 2 mal eingefroren. Erstmal zu meinen System: Code:
ATTFilter Code:
ATTFilter Zur acedrv05.sys FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01 Ran by Patrick (administrator) on PATRICK-PC on 15-02-2014 14:53:10 Running from C:\Users\Patrick\Desktop\TEST Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) C:\Windows\system32\mqsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [Cm106Sound] - C:\Windows\Syswow64\cm106.dll [8151040 2010-07-01] (C-Media Corporation) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-12] (AVAST Software) HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2000-01-01] () HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-841257951-2905640-2559971789-1000\...\Run: [Google Update] - C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-08] (Google Inc.) HKU\S-1-5-21-841257951-2905640-2559971789-1000\...\MountPoints2: {fdd3d94b-05ce-11e0-b828-00016c6e4f1c} - L:\autorun.exe ==================== Internet (Whitelisted) ==================== ProxyServer: http=;ftp=;https=; HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m5810&r=17360510ln069f3254405qh8k3wv2r HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE378 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb BHO: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIEx64.dll (G Data Software AG) BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIEx64.dll (G Data Software AG) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 80.69.103.78 80.69.102.158 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lcoa2o11.default FF Homepage: hxxp://www.google.de/firefox FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Patrick\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Patrick\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lcoa2o11.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27] FF Extension: Ghostery - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lcoa2o11.default\Extensions\firefox@ghostery.com.xpi [2014-02-12] FF Extension: DownThemAll! - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lcoa2o11.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-10] FF Extension: G Data WebFilter - C:\Program Files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2014-02-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-21] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-08] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-08] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-08] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-08] CHR Extension: (avast! Online Security) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-28] CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-08] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-03-08] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-12] (AVAST Software) S4 AVKProxy; C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [1128008 2009-12-07] (G Data Software AG) S4 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [397896 2009-08-08] (G Data Software AG) S4 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [1731504 2009-11-25] (G Data Software AG) S3 GDScan; C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [302152 2009-11-26] (G Data Software AG) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-16] () S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2011-04-22] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-12] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-15] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-12] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-12] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-12] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-15] () S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2010-08-07] () R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [34760 2010-10-07] (G Data Software AG) S3 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [74184 2010-10-07] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\DRIVERS\gdwfpcd64.sys [48584 2010-10-07] (G DATA Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106224 2010-10-13] (G Data Software) R1 GRD; C:\Windows\SysWOW64\drivers\GRD.sys [106224 2013-11-23] (G Data Software) S3 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [42952 2010-10-07] (G Data Software AG) R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2010-08-07] () R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce)) S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology) R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce)) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-03] () S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-02-13] () S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-10-21] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2010-10-21] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2010-10-21] (LG Electronics Inc.) S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (C-Media Electronics Inc) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.) U3 af19sgz7; C:\Windows\System32\Drivers\af19sgz7.sys [0 ] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-15 12:55 - 2014-02-15 12:55 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Malwarebytes 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-15 12:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-15 12:54 - 2014-02-15 12:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-14 17:06 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-14 17:06 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-14 17:06 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-14 17:06 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-14 17:06 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-14 17:06 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-14 17:06 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-14 17:06 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-14 17:06 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-14 17:06 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-14 17:06 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-14 17:06 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-14 17:06 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-14 17:06 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-14 17:06 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-14 17:06 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-14 17:06 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-14 17:06 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-14 17:06 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-14 17:06 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-14 17:06 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-14 17:06 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-14 17:06 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-14 17:06 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-14 17:06 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-14 17:06 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-14 17:06 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-14 17:06 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-14 17:06 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-14 17:06 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-14 17:06 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-14 17:06 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-14 17:06 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-14 17:06 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-14 17:06 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-14 17:05 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-14 17:05 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-14 17:05 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-14 17:05 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-14 17:05 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-14 17:05 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-14 14:48 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-14 14:48 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-14 14:48 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-14 14:48 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-14 14:48 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-14 14:48 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-14 14:47 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-14 14:47 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-14 14:47 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-14 14:47 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-14 14:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-14 14:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-14 14:47 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-14 14:47 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-14 14:47 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-14 14:47 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-14 14:47 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-14 14:47 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-14 14:47 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-14 14:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-14 14:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-14 14:47 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-14 14:47 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-14 14:47 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-14 14:47 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-14 14:47 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-14 14:47 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-14 14:47 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-13 16:53 - 2014-02-13 16:53 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Patrick\Downloads\SlimDrivers-setup_32705(1).exe 2014-02-12 20:10 - 2014-02-12 20:10 - 00614792 _____ (Chip Digital GmbH) C:\Users\Patrick\Desktop\HijackThis - CHIP-Downloader.exe 2014-02-12 20:03 - 2014-02-12 20:21 - 00000000 ____D () C:\Users\Patrick\Desktop\Verschlüsseln 2014-02-12 18:55 - 2014-02-12 18:55 - 00001999 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2014-02-12 18:55 - 2014-02-12 18:55 - 00001969 _____ () C:\Users\Patrick\Desktop\Update Checker.lnk 2014-02-12 18:55 - 2014-02-12 18:55 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-02-12 18:54 - 2014-02-12 18:54 - 00264757 _____ () C:\Users\Patrick\Downloads\FHSetup.exe 2014-02-12 18:40 - 2014-02-12 18:41 - 00000881 _____ () C:\Users\Patrick\Desktop\Systemkonfiguration.lnk 2014-02-12 18:39 - 2014-02-12 18:39 - 00001256 _____ () C:\Users\Patrick\Desktop\SystemInformation.lnk 2014-02-12 16:18 - 2009-07-14 05:54 - 00001298 _____ () C:\Users\Patrick\Desktop\Event Viewer.lnk 2014-02-12 14:07 - 2014-02-15 12:41 - 00001197 _____ () C:\Windows\DtcInstall.log 2014-02-11 22:52 - 2014-02-15 14:53 - 00000000 ____D () C:\Users\Patrick\Desktop\TEST 2014-02-11 22:52 - 2014-02-15 14:53 - 00000000 ____D () C:\FRST 2014-02-11 21:26 - 2014-02-15 12:41 - 00001512 _____ () C:\Windows\setupact.log 2014-02-11 21:26 - 2014-02-11 21:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____D () C:\Program Files\Realtek 2014-02-11 21:11 - 2014-02-11 21:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Intel Corporation 2014-02-11 21:11 - 2000-01-01 01:00 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-02-11 21:11 - 2000-01-01 01:00 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-02-11 21:11 - 2000-01-01 01:00 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-02-11 21:11 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-02-11 21:11 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00681905 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-02-11 21:11 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-02-11 21:11 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-02-11 21:10 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-02-11 20:59 - 2012-02-01 16:16 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys 2014-02-11 20:58 - 2014-02-11 20:58 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Matrox 2014-02-11 20:57 - 2009-07-14 02:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difxec8f.rra 2014-02-11 20:57 - 2000-01-01 01:00 - 00121432 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys 2014-02-11 20:55 - 2014-02-11 20:55 - 00000000 ____D () C:\Program Files\Intel 2014-02-11 20:55 - 2013-05-16 19:45 - 00552760 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2014-02-11 20:55 - 2006-01-12 23:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din 2014-02-11 20:50 - 2014-02-11 20:50 - 00000000 ____D () C:\Windows\SysWOW64\sda 2014-02-11 20:50 - 2000-01-01 01:00 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll 2014-02-11 20:50 - 2000-01-01 01:00 - 00422504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll 2014-02-11 20:50 - 2000-01-01 01:00 - 00250984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys 2014-02-11 20:42 - 2014-02-11 20:42 - 00000000 ____D () C:\Users\Patrick\AppData\Local\NVIDIA Corporation 2014-02-11 20:36 - 2014-02-11 20:42 - 00000000 ____D () C:\Users\Patrick\AppData\Local\NVIDIA 2014-02-11 20:36 - 2014-02-11 20:36 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-02-11 20:36 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-02-11 20:36 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-11 20:33 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-02-11 20:33 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-02-11 20:33 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-02-11 20:33 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-02-11 20:33 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-02-11 20:32 - 2014-02-11 20:32 - 00000000 ____D () C:\NVIDIA 2014-02-11 20:29 - 2014-02-13 16:54 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-02-11 20:29 - 2014-02-11 20:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\SlimWare Utilities Inc 2014-02-11 20:28 - 2014-02-11 20:28 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-02-11 20:17 - 2014-02-11 20:39 - 00000410 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-02-11 20:17 - 2014-02-11 20:27 - 00000000 ____D () C:\Program Files\Easeware 2014-02-11 20:17 - 2014-02-11 20:17 - 00003820 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan 2014-02-11 20:17 - 2014-02-11 20:17 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Easeware 2014-02-11 20:13 - 2014-02-11 20:14 - 00013611 _____ () C:\Users\Patrick\AppData\Local\HWVendorDetection.log 2014-02-11 19:16 - 2014-02-11 19:16 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-02-10 20:59 - 2014-02-10 20:59 - 03645064 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup410_slim.exe 2014-02-10 15:43 - 2014-02-10 15:46 - 00000000 ____D () C:\Users\Patrick\Desktop\Musik2 2014-02-10 15:42 - 2014-02-10 15:46 - 00000000 ____D () C:\Users\Patrick\Desktop\Oh Shit 2014-02-10 15:15 - 2014-02-10 15:15 - 00000000 ____D () C:\Users\Patrick\AppData\Local\DDMSettings 2014-02-10 12:59 - 2014-02-10 14:55 - 00000000 ____D () C:\Users\Patrick\Desktop\DownThemAll 2014-02-10 12:00 - 2014-02-15 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-08 15:40 - 2014-02-08 16:26 - 2121412933 _____ () C:\Users\Patrick\Desktop\2033.mp4 2014-01-25 06:40 - 2014-01-25 07:24 - 00000000 ____D () C:\Users\Patrick\Desktop\WWM dick dich ==================== One Month Modified Files and Folders ======= 2014-02-15 14:53 - 2014-02-11 22:52 - 00000000 ____D () C:\Users\Patrick\Desktop\TEST 2014-02-15 14:53 - 2014-02-11 22:52 - 00000000 ____D () C:\FRST 2014-02-15 14:42 - 2013-01-25 08:54 - 02077022 _____ () C:\Windows\WindowsUpdate.log 2014-02-15 14:37 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-15 14:37 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-15 14:23 - 2010-05-03 11:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-15 14:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-02-15 13:54 - 2013-03-08 17:34 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841257951-2905640-2559971789-1000UA.job 2014-02-15 13:37 - 2014-02-10 12:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-15 12:55 - 2014-02-15 12:55 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Malwarebytes 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-15 12:55 - 2014-02-15 12:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-15 12:54 - 2014-02-15 12:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-15 12:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\inetsrv 2014-02-15 12:42 - 2010-05-03 11:33 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-15 12:41 - 2014-02-12 14:07 - 00001197 _____ () C:\Windows\DtcInstall.log 2014-02-15 12:41 - 2014-02-11 21:26 - 00001512 _____ () C:\Windows\setupact.log 2014-02-15 12:41 - 2009-09-28 00:50 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-15 12:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-14 17:07 - 2010-05-16 14:26 - 01814474 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-14 17:07 - 2009-09-25 17:34 - 00786028 _____ () C:\Windows\system32\perfh007.dat 2014-02-14 17:07 - 2009-09-25 17:34 - 00181292 _____ () C:\Windows\system32\perfc007.dat 2014-02-14 17:07 - 2009-07-14 06:13 - 01814474 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-14 16:04 - 2012-12-30 18:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-13 17:29 - 2010-05-26 18:19 - 00153600 _____ () C:\Users\Patrick\Documents\Finzans.xlr 2014-02-13 17:29 - 2010-05-26 16:41 - 00001614 _____ () C:\Users\Patrick\AppData\Roaming\wklnhst.dat 2014-02-13 16:54 - 2014-02-11 20:29 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-02-13 16:53 - 2014-02-13 16:53 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Patrick\Downloads\SlimDrivers-setup_32705(1).exe 2014-02-12 20:21 - 2014-02-12 20:03 - 00000000 ____D () C:\Users\Patrick\Desktop\Verschlüsseln 2014-02-12 20:10 - 2014-02-12 20:10 - 00614792 _____ (Chip Digital GmbH) C:\Users\Patrick\Desktop\HijackThis - CHIP-Downloader.exe 2014-02-12 19:54 - 2013-03-08 17:34 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841257951-2905640-2559971789-1000Core.job 2014-02-12 19:49 - 2013-03-08 17:34 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-841257951-2905640-2559971789-1000UA 2014-02-12 19:49 - 2013-03-08 17:34 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-841257951-2905640-2559971789-1000Core 2014-02-12 19:00 - 2014-01-15 21:02 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-02-12 19:00 - 2012-12-29 21:41 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-12 19:00 - 2012-01-21 16:39 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-12 19:00 - 2012-01-21 16:38 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-12 19:00 - 2012-01-21 16:38 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-12 19:00 - 2012-01-21 16:38 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-12 19:00 - 2012-01-21 16:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-12 18:55 - 2014-02-12 18:55 - 00001999 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2014-02-12 18:55 - 2014-02-12 18:55 - 00001969 _____ () C:\Users\Patrick\Desktop\Update Checker.lnk 2014-02-12 18:55 - 2014-02-12 18:55 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-02-12 18:54 - 2014-02-12 18:54 - 00264757 _____ () C:\Users\Patrick\Downloads\FHSetup.exe 2014-02-12 18:41 - 2014-02-12 18:40 - 00000881 _____ () C:\Users\Patrick\Desktop\Systemkonfiguration.lnk 2014-02-12 18:39 - 2014-02-12 18:39 - 00001256 _____ () C:\Users\Patrick\Desktop\SystemInformation.lnk 2014-02-12 18:36 - 2011-01-27 20:17 - 00007597 _____ () C:\Users\Patrick\AppData\Local\Resmon.ResmonCfg 2014-02-12 16:33 - 2013-12-29 00:17 - 00011212 _____ () C:\Users\Patrick\Desktop\TabaK.xlsx 2014-02-11 21:26 - 2014-02-11 21:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-11 21:14 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-02-11 21:12 - 2014-02-11 21:12 - 00000000 ____D () C:\Program Files\Realtek 2014-02-11 21:11 - 2014-02-11 21:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Intel Corporation 2014-02-11 21:10 - 2009-09-17 22:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-11 21:08 - 2009-09-17 22:04 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-02-11 20:58 - 2014-02-11 20:58 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Matrox 2014-02-11 20:57 - 2009-09-17 22:16 - 00000000 ____D () C:\Windows\RaidTool 2014-02-11 20:55 - 2014-02-11 20:55 - 00000000 ____D () C:\Program Files\Intel 2014-02-11 20:52 - 2009-09-28 00:46 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-02-11 20:50 - 2014-02-11 20:50 - 00000000 ____D () C:\Windows\SysWOW64\sda 2014-02-11 20:42 - 2014-02-11 20:42 - 00000000 ____D () C:\Users\Patrick\AppData\Local\NVIDIA Corporation 2014-02-11 20:42 - 2014-02-11 20:36 - 00000000 ____D () C:\Users\Patrick\AppData\Local\NVIDIA 2014-02-11 20:42 - 2012-01-16 16:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-11 20:39 - 2014-02-11 20:17 - 00000410 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-02-11 20:36 - 2014-02-11 20:36 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-02-11 20:36 - 2012-01-16 16:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-11 20:36 - 2012-01-16 15:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-11 20:32 - 2014-02-11 20:32 - 00000000 ____D () C:\NVIDIA 2014-02-11 20:29 - 2014-02-11 20:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\SlimWare Utilities Inc 2014-02-11 20:28 - 2014-02-11 20:28 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-02-11 20:27 - 2014-02-11 20:17 - 00000000 ____D () C:\Program Files\Easeware 2014-02-11 20:17 - 2014-02-11 20:17 - 00003820 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan 2014-02-11 20:17 - 2014-02-11 20:17 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Easeware 2014-02-11 20:14 - 2014-02-11 20:13 - 00013611 _____ () C:\Users\Patrick\AppData\Local\HWVendorDetection.log 2014-02-11 20:09 - 2009-09-17 22:39 - 00000000 ____D () C:\Program Files (x86)\Acer 2014-02-11 20:08 - 2009-09-17 22:56 - 00000000 ___HD () C:\OEM 2014-02-11 19:20 - 2013-09-11 18:38 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-02-11 19:16 - 2014-02-11 19:16 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-02-11 19:16 - 2013-09-11 18:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-02-11 19:05 - 2012-01-16 14:46 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-02-11 19:05 - 2012-01-16 14:09 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-02-10 21:00 - 2014-01-14 11:05 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-10 21:00 - 2011-06-29 15:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-10 20:59 - 2014-02-10 20:59 - 03645064 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup410_slim.exe 2014-02-10 20:53 - 2013-03-08 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-10 15:51 - 2010-10-03 11:37 - 00000000 ____D () C:\Users\Patrick\Documents\ProgrammVerknüpfungen 2014-02-10 15:46 - 2014-02-10 15:43 - 00000000 ____D () C:\Users\Patrick\Desktop\Musik2 2014-02-10 15:46 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\Patrick\Desktop\Oh Shit 2014-02-10 15:40 - 2011-05-07 17:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc 2014-02-10 15:15 - 2014-02-10 15:15 - 00000000 ____D () C:\Users\Patrick\AppData\Local\DDMSettings 2014-02-10 14:55 - 2014-02-10 12:59 - 00000000 ____D () C:\Users\Patrick\Desktop\DownThemAll 2014-02-10 11:53 - 2013-03-08 18:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-10 11:53 - 2013-03-08 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-10 11:52 - 2010-05-26 17:47 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-02-08 16:26 - 2014-02-08 15:40 - 2121412933 _____ () C:\Users\Patrick\Desktop\2033.mp4 2014-02-07 17:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-02-06 19:04 - 2011-01-23 17:00 - 00012809 _____ () C:\Users\Patrick\Documents\Gerburtstage.xlsx 2014-02-06 13:16 - 2014-02-14 17:06 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-14 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-14 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-14 17:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-14 17:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-14 17:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-14 17:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-14 17:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-14 17:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-14 17:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-14 17:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-14 17:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-14 17:05 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-14 17:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-14 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-14 17:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-14 17:05 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-14 17:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-14 17:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-14 17:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-14 17:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-14 17:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-14 17:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-14 17:05 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-14 17:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-14 17:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-14 17:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-14 17:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:25 - 2014-02-14 17:05 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:24 - 2014-02-14 17:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-14 17:05 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-14 17:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-14 17:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-14 17:05 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-14 17:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-14 17:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-14 17:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-14 17:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-14 17:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-04 00:52 - 2013-03-08 17:34 - 00002368 _____ () C:\Users\Patrick\Desktop\Google Chrome.lnk 2014-01-31 17:56 - 2010-05-03 11:26 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite 2014-01-31 16:49 - 2010-05-03 17:36 - 00000000 ____D () C:\Tactical Ops 2014-01-25 07:24 - 2014-01-25 06:40 - 00000000 ____D () C:\Users\Patrick\Desktop\WWM dick dich 2014-01-25 00:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-01-18 12:13 - 2013-07-29 17:12 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-18 12:10 - 2010-05-03 17:08 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-18 08:33 - 2010-10-03 11:28 - 00000113 _____ () C:\Windows\Podcasts.INI 2014-01-16 10:56 - 2010-05-02 21:38 - 00118328 _____ () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT Files to move or delete: ==================== C:\ProgramData\dsgsdgdsgdsgw.pad Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2010-09-30 11:19 ==================== End Of Log ============================ --- --- --- --- --- --- Hier ein schneller Malwarebytes Anti-Malware Log Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.15.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Patrick :: PATRICK-PC [Administrator] 15.02.2014 12:57:02 MBAM-log-2014-02-15 (13-05-46).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 309487 Laufzeit: 6 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Users\Patrick\Downloads\topbreaksnookerzip_downloader_by_OneOnlineGames.exe (PUP.Optional.Somoto) -> Keine Aktion durchgeführt. C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Keine Aktion durchgeführt. (Ende) Wie soll ich vorgehen und sieht man aus dem FRST log noch andere Unstimmigkeiten? edit: Hatte schon ein Thema in einem anderen Unterforum. Sollte hier ein neues eröffnen Quelle:http://www.trojaner-board.de/149648-...ows-start.html Kriege irgendwie kein HyperLink hin  Entschuldige Scheint doch zu klappen:P Geändert von nOOb@pc (15.02.2014 um 15:12 Uhr) |
|
15.02.2014, 17:46
| #2 |
| /// the machine /// TB-Ausbilder    | Treiber Probleme mit leichten Systembeinträchtigungen hi,
__________________welche infizierten? Deinstallere Avast oder GDATA, 2 AV = Rechner schrott. Deinstalliere alles von Deamon Tools und Co, dann sind auch deine Probleme weg.
__________________ |
|
15.02.2014, 17:50
| #3 |
| | Treiber Probleme mit leichten Systembeinträchtigungen aus dem Malewarebytes Log
__________________Code:
ATTFilter Infizierte Dateien: 2
C:\Users\Patrick\Downloads\topbreaksnookerzip_downloader_by_OneOnlineGames.exe (PUP.Optional.Somoto) -> Keine Aktion durchgeführt.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Keine Aktion durchgeführt.
|
|
16.02.2014, 07:53
| #4 |
| /// the machine /// TB-Ausbilder | Treiber Probleme mit leichten Systembeinträchtigungen ja die kannste löschen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Treiber Probleme mit leichten Systembeinträchtigungen |
| acedrv05.sys, adobe, antivir, antivirus, browser, ccsetup, desktop, firefox, focus, ftp, google, helper, hijack, hijackthis, home, installation, maleware, mozilla, musik, port, problem, realtek, registry, scan, security, services.exe, svchost.exe, windows |
Linear-Darstellung
