Trojaner-Board - E-Mail Account versendet Spam-Mails

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - E-Mail Account versendet Spam-Mails (https://www.trojaner-board.de/139590-e-mail-account-versendet-spam-mails.html)

E-Mail Account versendet Spam-Mails

Hallo liebes Forum,
heute bekam ich die E-Mail von meinem Vater, das ich ihm Spam verschickt hätte und das schon das 2. Mal.
Ich konnte in meinem Gesendet Postfach leider nichts davon vorfinden und bin auch absoluter Anfänger in Sache Viren, Rootkits etc.
Was mir ebenfalls aufgefallen ist, ist das mein Google Chrome Browser seltsamerweise des öfteren ein leeres Graues Fenster öffnet das in der Mitte der Seite erscheint. Mit einem Adblocker kann ich diese Löschen aber ein verhindern ist nicht möglich.
Ich habe nun einige Programm laufen lassen und poste euch nun die Logfiles.
Hoffe mir kann jemand helfen!
PS: Da ich Anfänger bin, bitte melden falls etwas fehlt!
Danke

Mfg Kai

Addition

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version 08-08-2013 02

Ran by Kai at 2013-08-09 143155

Running from CUsersKaiDownloads

Boot Mode Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

Acrobat.com (x32 Version 0.0.0)

Acrobat.com (x32 Version 1.1.377)

Adblock IE 2.3 (Version 2.3.1756)

Adobe AIR (x32 Version 1.0.4990)

Adobe AIR (x32 Version 1.0.8.4990)

Adobe Creative Cloud (x32 Version 2.0.2.189)

Adobe Flash Player 11 ActiveX (x32 Version 11.8.800.94)

Adobe Flash Player 11 Plugin (x32 Version 11.7.700.224)

Adobe Photoshop CC (x32 Version 14.0)

Adobe Reader XI (11.0.03) - Deutsch (x32 Version 11.0.03)

Alien Swarm (x32)

AMD OverDrive (x32 Version 4.2.6.0638)

AMD USB Filter Driver (x32 Version 1.0.14.91)

Apple Application Support (x32 Version 2.3.4)

Apple Mobile Device Support (Version 6.1.0.13)

Apple Software Update (x32 Version 2.1.3.127)

Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version 1.10.1.0)

ASRock eXtreme Tuner v0.1.91 (x32)

ASRock InstantBoot v1.28 (x32)

ATI Catalyst Install Manager (Version 3.0.762.0)

Avira Free Antivirus (x32 Version 13.0.0.3885)

Bonjour (Version 3.0.0.10)

Call of Duty Black Ops II - Multiplayer (x32)

Call of Duty Black Ops II - Zombies (x32)

Call of Duty Modern Warfare 3 - Multiplayer (x32)

Call of Duty Modern Warfare 3 (x32)

CameraHelperMsi (x32 Version 13.51.815.0)

Counter-Strike Global Offensive (x32)

Counter-Strike Source (x32)

DAEMON Tools Lite (x32 Version 4.47.1.0333)

Diablo III (x32 Version 1.0.8.16603)

erLT (x32 Version 1.20.138.34)

EVEREST Ultimate Edition v5.50 (x32 Version 5.50)

Free YouTube Download version 3.2.5.628 (x32 Version 3.2.5.628)

GameTracker Lite (x32)

Google Chrome (x32 Version 28.0.1500.95)

Google Chrome Frame (x32 Version 65.107.16500)

Google Update Helper (x32 Version 1.3.21.153)

Grand Theft Auto IV (x32)

HTC Driver Installer (x32 Version 4.2.0.001)

HTC Sync Manager (x32 Version 2.0.61.0)

IPTInstaller (x32 Version 4.0.8)

iTunes (Version 11.0.4.4)

Java 7 Update 21 (64-bit) (Version 7.0.210)

Java 7 Update 25 (x32 Version 7.0.250)

Java Auto Updater (x32 Version 2.1.9.5)

JDownloader 0.9 (x32 Version 0.9)

League of Legends (x32 Version 1.3)

LogicCircuit (x32 Version 1.9.0915)

Logitech Gaming Software (Version 8.45.88)

Logitech Gaming Software 8.46 (Version 8.46.27)

Logitech Webcam-Software (x32 Version 2.51)

LWS Facebook (x32 Version 13.50.854.0)

LWS Gallery (x32 Version 13.51.827.0)

LWS Help_main (x32 Version 13.51.828.0)

LWS Launcher (x32 Version 13.51.828.0)

LWS Motion Detection (x32 Version 13.51.815.0)

LWS Pictures And Video (x32 Version 13.51.815.0)

LWS Twitter (x32 Version 13.30.1346.0)

LWS Webcam Software (x32 Version 13.51.815.0)

LWS WLM Plugin (x32 Version 1.30.1201.0)

LWS YouTube Plugin (x32 Version 13.31.1038.0)

Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version 1.75.0.1300)

Microsoft .NET Framework 4 Client Profile (Version 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version 4.0.30319)

Microsoft .NET Framework 4 Extended (Version 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version 4.0.30319)

Microsoft Application Error Reporting (Version 12.0.6015.5000)

Microsoft Games for Windows - LIVE Redistributable (x32 Version 3.5.92.0)

Microsoft Games for Windows Marketplace (x32 Version 3.5.50.0)

Microsoft Silverlight (Version 5.1.20513.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version 10.0.40219)

Microsoft_VC80_CRT_x86 (x32 Version 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (x32 Version 1.00.0000)

MSXML 4.0 SP2 (KB954430) (x32 Version 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version 4.20.9876.0)

Nero 12 (x32 Version 12.5.01900)

Nero Audio Pack 1 (x32 Version 11.0.11500.110.0)

Nero BackItUp (x32 Version 12.5.1000)

Nero BackItUp Help (CHM) (x32 Version 12.0.13000)

Nero Blu-ray Player (x32 Version 12.0.20014)

Nero Blu-ray Player Help (CHM) (x32 Version 12.0.9000)

Nero Burning ROM (x32 Version 12.5.5001)

Nero Burning ROM Help (CHM) (x32 Version 12.0.3000)

Nero ControlCenter (x32 Version 11.0.15600)

Nero ControlCenter Help (CHM) (x32 Version 12.0.12000)

Nero Core Components (x32 Version 11.0.20200)

Nero Disc Menus Basic (x32 Version 12.0.11500)

Nero Effects Basic (x32 Version 12.0.11500)

Nero Express (x32 Version 12.5.5002)

Nero Express Help (CHM) (x32 Version 12.0.13000)

Nero Kwik Media (x32 Version 1.18.20100)

Nero Kwik Media Help (CHM) (x32 Version 12.0.12000)

Nero Kwik Themes Basic (x32 Version 12.0.11500)

Nero PiP Effects Basic (x32 Version 12.0.11500)

Nero Recode (x32 Version 12.5.6000)

Nero Recode Help (CHM) (x32 Version 12.0.12000)

Nero RescueAgent (x32 Version 12.0.10002)

Nero RescueAgent Help (CHM) (x32 Version 12.0.7000)

Nero SharedVideoCodecs (x32 Version 1.0.12100.2.0)

Nero Update (x32 Version 11.0.11800.31.0)

Nero Video (x32 Version 12.5.2001)

Nero Video Help (CHM) (x32 Version 12.0.12000)

neroxml (x32 Version 1.0.0)

NVIDIA 3D Vision Controller-Treiber 320.49 (Version 320.49)

NVIDIA 3D Vision Treiber 320.49 (Version 320.49)

NVIDIA GeForce Experience 1.6 (Version 1.6)

NVIDIA Grafiktreiber 320.49 (Version 320.49)

NVIDIA HD-Audiotreiber 1.3.24.2 (Version 1.3.24.2)

NVIDIA Install Application (Version 2.1002.131.854)

NVIDIA PhysX (x32 Version 9.13.0604)

NVIDIA PhysX-Systemsoftware 9.13.0604 (Version 9.13.0604)

NVIDIA Stereoscopic 3D Driver (x32 Version 7.17.13.2049)

NVIDIA Systemsteuerung 320.49 (Version 320.49)

NVIDIA Update 7.2.17 (Version 7.2.17)

NVIDIA Update Components (Version 7.2.17)

NVIDIA Virtual Audio 1.2.1 (Version 1.2.1)

ock App Charger v1.0.5

OpenOffice.org 3.4.1 (x32 Version 3.41.9593)

Origin (x32 Version 9.1.15.109)

Pando Media Booster (x32 Version 2.6.0.9)

PDF Settings CC (x32 Version 12.0)

PiccShare (HKCU Version 2.0)

Prerequisite installer (x32 Version 12.0.0003)

Rage (x32)

Realtek Ethernet Controller Driver (x32 Version 7.44.421.2011)

Realtek High Definition Audio Driver (x32 Version 6.0.1.6378)

SHIELD Streaming (Version 1.05.19)

Skype™ 6.6 (x32 Version 6.6.106)

Spybot - Search & Destroy (x32 Version 2.1.21)

StarCraft II (x32 Version 2.0.8.25604)

Steam (x32 Version 1.0.0.0)

Team Fortress 2 (x32)

TeamSpeak 3 Client (Version 3.0.10)

THX TruStudio (x32 Version 1.00.01)

TrueCrypt (x32 Version 7.1a)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version 1)

VLC media player 2.0.7 (Version 2.0.7)

Welcome App (Start-up experience) (x32 Version 12.0.15000)

Winamp (x32 Version 5.7 Beta)

Winamp Erkennungs-Plug-in (HKCU Version 1.0.0.1)

Windows Live ID Sign-in Assistant (Version 6.500.3165.0)

Windows Mobile Device Updater Component (Version 04.08.2345.00)

WinRAR 4.20 (64-Bit) (Version 4.20.0)

XFastUsb (x32)

Zune (Version 04.08.2345.00)

Zune Language Pack (CHS) (Version 04.08.2345.00)

Zune Language Pack (CHT) (Version 04.08.2345.00)

Zune Language Pack (CSY) (Version 04.08.2345.00)

Zune Language Pack (DAN) (Version 04.08.2345.00)

Zune Language Pack (DEU) (Version 04.08.2345.00)

Zune Language Pack (ELL) (Version 04.08.2345.00)

Zune Language Pack (ESP) (Version 04.08.2345.00)

Zune Language Pack (FIN) (Version 04.08.2345.00)

Zune Language Pack (FRA) (Version 04.08.2345.00)

Zune Language Pack (HUN) (Version 04.08.2345.00)

Zune Language Pack (IND) (Version 04.08.2345.00)

Zune Language Pack (ITA) (Version 04.08.2345.00)

Zune Language Pack (JPN) (Version 04.08.2345.00)

Zune Language Pack (KOR) (Version 04.08.2345.00)

Zune Language Pack (MSL) (Version 04.08.2345.00)

Zune Language Pack (NLD) (Version 04.08.2345.00)

Zune Language Pack (NOR) (Version 04.08.2345.00)

Zune Language Pack (PLK) (Version 04.08.2345.00)

Zune Language Pack (PTB) (Version 04.08.2345.00)

Zune Language Pack (PTG) (Version 04.08.2345.00)

Zune Language Pack (RUS) (Version 04.08.2345.00)

Zune Language Pack (SVE) (Version 04.08.2345.00)
 

==================== Restore Points  =========================
 

26-07-2013 094453 Installed Nero 12.

27-07-2013 181254 Windows Update

08-08-2013 152603 Geplanter Prüfpunkt
 

==================== Hosts content ==========================
 

2009-07-14 0434 - 2009-06-10 2300 - 00000824 ____A CWindowssystem32Driversetchosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task {200F5894-D473-4BDC-856A-2C5C2624E4A9} - System32TasksMicrosoftWindowsMUILpksetup = CWindowsSystem32lpksetup.exe [2010-11-21] (Microsoft Corporation)

Task {7100F970-2B8B-420E-A8E9-CC51E0F1CC72} - System32TasksSafer-NetworkingSpybot - Search and DestroyScan the system = CProgram Files (x86)Spybot - Search &amp; Destroy 2SDScan.exe No File

Task {97B0F082-8488-4A72-BE78-29976E302B55} - System32TasksGoogleUpdateTaskMachineCore = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2013-05-22] (Google Inc.)

Task {BDA58606-C7E3-435C-BB58-5C839D96A28B} - System32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai = CProgram Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)

Task {CCA2B57E-C49C-43D4-9F2F-FCD59FC1E610} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2013-05-22] (Google Inc.)

Task {CDC6AC0C-F17F-44BD-B5E7-7997B1164873} - System32TasksSafer-NetworkingSpybot - Search and DestroyRefresh immunization = CProgram Files (x86)Spybot - Search &amp; Destroy 2SDImmunize.exe No File

Task {D005F59E-BE0F-4695-A732-2137537FD408} - System32TasksAdobe Flash Player Updater = CWindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)

Task {D5B0A1A7-529E-4460-9133-5DE821ECBAD1} - System32TasksSafer-NetworkingSpybot - Search and DestroyCheck for updates = CProgram Files (x86)Spybot - Search &amp; Destroy 2SDUpdate.exe No File

Task {EE7F45A1-12EC-47FA-ACD9-9C87A6A3FAD7} - System32TasksAppleAppleSoftwareUpdate = CProgram Files (x86)Apple Software UpdateSoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task CWindowsTasksAdobe Flash Player Updater.job = CWindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe

Task CWindowsTasksGoogleUpdateTaskMachineCore.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe

Task CWindowsTasksGoogleUpdateTaskMachineUA.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors =========================
 

Application errors

==================

Error (08092013 014056 PM) (Source WinMgmt) (User )

Description .rootCIMV2SELECT  FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage  990x80041003
 

Error (08092013 014022 PM) (Source NvStreamSvc) (User )

Description NvStreamSvcUnregistering VAD endpoint [0]
 

Error (08092013 014020 PM) (Source NvStreamSvc) (User )

Description NvStreamSvcNvVAD endpoint registered successfully [0]
 

Error (08082013 021633 PM) (Source SideBySide) (User )

Description Fehler beim Generieren des Aktivierungskontextes für assemblyIdentity1. Fehler in Manifest- oder Richtliniendatei assemblyIdentity2 in Zeile assemblyIdentity3.

Der Wert MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR des version-Attributs im assemblyIdentity-Element ist ungültig.
 

Error (08082013 113158 AM) (Source WinMgmt) (User )

Description .rootCIMV2SELECT  FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage  990x80041003
 

Error (08082013 113133 AM) (Source NvStreamSvc) (User )

Description NvStreamSvcUnregistering VAD endpoint [0]
 

Error (08082013 113129 AM) (Source NvStreamSvc) (User )

Description NvStreamSvcNvVAD endpoint registered successfully [0]
 

Error (08072013 073620 PM) (Source Application Error) (User )

Description Name der fehlerhaften Anwendung daemonu.exe, Version 7.2.17.0, Zeitstempel 0x51f38419

Name des fehlerhaften Moduls ntdll.dll, Version 6.1.7601.17725, Zeitstempel 0x4ec49b8f

Ausnahmecode 0xc0000374

Fehleroffset 0x000ce6c3

ID des fehlerhaften Prozesses 0x878

Startzeit der fehlerhaften Anwendung 0xdaemonu.exe0

Pfad der fehlerhaften Anwendung daemonu.exe1

Pfad des fehlerhaften Moduls daemonu.exe2

Berichtskennung daemonu.exe3
 

Error (08072013 010911 PM) (Source Bonjour Service) (User )

Description Task Scheduling Error m-NextScheduledSPRetry 5008
 

Error (08072013 010911 PM) (Source Bonjour Service) (User )

Description Task Scheduling Error m-NextScheduledEvent 5008
 
 

System errors

=============

Error (08092013 014051 PM) (Source Service Control Manager) (User )

Description Der Dienst Spybot-S&D 2 Scanner Service wurde aufgrund folgenden Fehlers nicht gestartet 

%%1053
 

Error (08092013 014051 PM) (Source Service Control Manager) (User )

Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error (08072013 113715 PM) (Source DCOM) (User )

Description {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 

Error (08072013 073621 PM) (Source Service Control Manager) (User )

Description Dienst NVIDIA Update Service Daemon wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error (08072013 103817 AM) (Source Service Control Manager) (User )

Description Der Dienst Spybot-S&D 2 Scanner Service wurde aufgrund folgenden Fehlers nicht gestartet 

%%1053
 

Error (08072013 103817 AM) (Source Service Control Manager) (User )

Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error (08062013 043153 PM) (Source DCOM) (User )

Description {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 

Error (08042013 071936 PM) (Source Service Control Manager) (User )

Description Der Dienst Steam Client Service wurde aufgrund folgenden Fehlers nicht gestartet 

%%1053
 

Error (08042013 071936 PM) (Source Service Control Manager) (User )

Description Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
 

Error (07252013 090152 PM) (Source Disk) (User )

Description Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR4 gefunden.
 
 

Microsoft Office Sessions

=========================

Error (08092013 014056 PM) (Source WinMgmt)(User )

Description .rootCIMV2SELECT  FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage  990x80041003
 

Error (08092013 014022 PM) (Source NvStreamSvc)(User )

Description NvStreamSvcUnregistering VAD endpoint [0]
 

Error (08092013 014020 PM) (Source NvStreamSvc)(User )

Description NvStreamSvcNvVAD endpoint registered successfully [0]
 

Error (08082013 021633 PM) (Source SideBySide)(User )

Description assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORCProgram Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dllCProgram Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dll3
 

Error (08082013 113158 AM) (Source WinMgmt)(User )

Description .rootCIMV2SELECT  FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA Win32_Processor AND TargetInstance.LoadPercentage  990x80041003
 

Error (08082013 113133 AM) (Source NvStreamSvc)(User )

Description NvStreamSvcUnregistering VAD endpoint [0]
 

Error (08082013 113129 AM) (Source NvStreamSvc)(User )

Description NvStreamSvcNvVAD endpoint registered successfully [0]
 

Error (08072013 073620 PM) (Source Application Error)(User )

Description daemonu.exe7.2.17.051f38419ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c387801ce934af664c95bCProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exeCWindowsSysWOW64ntdll.dllde68f364-ff87-11e2-a9ee-bc5ff477dfe1
 

Error (08072013 010911 PM) (Source Bonjour Service)(User )

Description Task Scheduling Error m-NextScheduledSPRetry 5008
 

Error (08072013 010911 PM) (Source Bonjour Service)(User )

Description Task Scheduling Error m-NextScheduledEvent 5008
 
 

CodeIntegrity Errors

===================================

  Date 2013-05-22 141057.571

  Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2UsersKaiAppDataLocalTempEverestDriver.sys nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date 2013-05-22 141057.563

  Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2UsersKaiAppDataLocalTempEverestDriver.sys nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date 2013-05-22 141057.162

  Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2Program Files (x86)LavalysEVEREST Home Editionkerneld.amd64 nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date 2013-05-22 141057.157

  Description Windows konnte die Abbildintegrität der Datei DeviceHarddiskVolume2Program Files (x86)LavalysEVEREST Home Editionkerneld.amd64 nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use 36%

Total physical RAM 8149.69 MB

Available physical RAM 5163.69 MB

Total Pagefile 16297.57 MB

Available Pagefile 12509.56 MB

Total Virtual 8192 MB

Available Virtual 8191.82 MB
 

==================== Drives ================================
 

Drive c () (Fixed) (Total390.62 GB) (Free190.81 GB) NTFS (Disk=1 Partition=2) ==[Drive with boot components (obtained from BCD)]

Drive d () (Fixed) (Total540.89 GB) (Free262.91 GB) NTFS (Disk=1 Partition=1)

Drive f (Datenträger) (Fixed) (Total443.13 GB) (Free443 GB) NTFS (Disk=0 Partition=1)

Drive h (Datenträger) (Fixed) (Total488.28 GB) (Free488.14 GB) NTFS (Disk=0 Partition=2)

Drive j (Expansion Drive) (Fixed) (Total1863.01 GB) (Free1184.22 GB) NTFS (Disk=2 Partition=1)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk 0 (MBR Code Windows 7 or 8) (Size 932 GB) (Disk ID 132CEDD9)

Partition 1 (Active) - (Size=443 GB) - (Type=07 NTFS)

Partition 2 (Not Active) - (Size=488 GB) - (Type=07 NTFS)
 

========================================================

Disk 1 (MBR Code Windows 7 or 8) (Size 932 GB) (Disk ID 7BAFA82D)

Partition 1 (Not Active) - (Size=541 GB) - (Type=07 NTFS)

Partition 2 (Active) - (Size=391 GB) - (Type=07 NTFS)
 

========================================================

Disk 2 (Size 1863 GB) (Disk ID 06215959)

Partition 1 (Not Active) - (Size=-198626966528) - (Type=07 NTFS)
 

==================== End Of Log ============================

FRST

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version 08-08-2013 02

Ran by Kai (administrator) on 09-08-2013 143011

Running from CUsersKaiDownloads

Windows 7 Professional Service Pack 1 (X64) OS Language German Standard

Internet Explorer Version 10

Boot Mode Normal
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) CWindowssystem32nvvsvc.exe

(NVIDIA Corporation) CProgram Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe

(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopsched.exe

(NVIDIA Corporation) CProgram FilesNVIDIA CorporationDisplaynvxdsync.exe

(NVIDIA Corporation) CWindowssystem32nvvsvc.exe

(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavguard.exe

(Apple Inc.) CProgram Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe

(Apple Inc.) CProgram FilesBonjourmDNSResponder.exe

(ClanServers Hosting LLC) CProgram Files (x86)GameTrackerGSInGameService.exe

(Nero AG) CProgram Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe

(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe

(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

(NVIDIA Corporation) CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe

(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe

() CProgram Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembamgui.exe

(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreComUpdatus.exe

(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavshadow.exe

(Realtek Semiconductor) CProgram FilesRealtekAudioHDARAVCpl64.exe

(NVIDIA Corporation) CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe

(NVIDIA Corporation) CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe

(Google Inc.) CProgram Files (x86)GoogleUpdate1.3.21.153GoogleCrashHandler.exe

(Google Inc.) CProgram Files (x86)GoogleUpdate1.3.21.153GoogleCrashHandler64.exe

() CProgram Files (x86)HTCHTC Sync ManagerHTC Syncadb.exe

(NVIDIA Corporation) CProgram FilesNVIDIA CorporationDisplaynvtray.exe

(Microsoft Corporation) CProgram FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe

(Microsoft Corporation) CProgram FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe

(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareLCore.exe

(ClanServers Hosting LLC) CProgram Files (x86)GameTrackerGTLite.exe

(Avira Operations GmbH & Co. KG) CProgram Files (x86)AviraAntiVir Desktopavgnt.exe

(Oracle Corporation) CProgram Files (x86)Common FilesJavaJava Updatejusched.exe

(Logitech Inc.) CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe

() CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

(Safer-Networking Ltd.) CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDRSS.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDClock.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDPop3.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDCountdown.exe

(Logitech Inc.) CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe

(Nero AG) CProgram Files (x86)NeroUpdateNASvc.exe

(Adobe Systems Incorporated) CProgram Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe

(Valve Corporation) CProgram Files (x86)SteamSteam.exe

(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe

(Valve Corporation) CProgram Files (x86)Common FilesSteamSteamService.exe

(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) CProgram Files (x86)GoogleChromeApplicationchrome.exe

(Avira Operations GmbH & Co. KG) Cprogram files (x86)aviraantivir desktopavscan.exe

(Malwarebytes Corporation) CProgram Files (x86)Malwarebytes' Anti-Malwarembam.exe

() CUsersKaiDesktopDefogger.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM...Run [RTHDVCPL] - CProgram FilesRealtekAudioHDARAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)

HKLM...Run [Nvtmru] - CProgram Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)

HKLM...Run [Launch LCore] - CProgram FilesLogitech Gaming SoftwareLCore.exe [7477016 2013-04-25] (Logitech Inc.)

HKCU...Run [ASRockXTU] -  [x]

HKCU...Run [zASRockInstantBoot] -  [x]

HKCU...Run [GameTracker] - CProgram Files (x86)GameTrackerGTLite.exe [4019992 2013-03-08] (ClanServers Hosting LLC)

MountPoints2 {48aa80dc-f786-11e2-ba6b-bc5ff477dfe1} - GHTC_Sync_Manager_PC.exe

MountPoints2 {5b535c8d-c2b3-11e2-8920-bc5ff477dfe1} - ILaunchU3.exe -a

MountPoints2 {9e576e33-f842-11e2-9f93-bc5ff477dfe1} - GHTC_Sync_Manager_PC.exe

HKLM-x32...Run [avgnt] - CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)

HKLM-x32...Run [SunJavaUpdateSched] - CProgram Files (x86)Common FilesJavaJava Updatejusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32...Run [APSDaemon] - CProgram Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32...Run [LWS] - CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32...Run [SDTray] - CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

AppInit_DLLs CPROGRA~1NVIDIA~1NVSTRE~1rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)

AppInit_DLLs-x32 CPROGRA~2NVIDIA~1NVSTRE~1rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)

BootExecute autocheck autochk  sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = httpwww.dell.com

SearchScopes HKLM - DefaultScope value is missing.

SearchScopes HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = httpde.search.yahoo.comsearchp={searchTerms}&fr=chr-devicevm&type=ASRK

BHO Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - CProgram FilesMGTEKAdblock IEadblockie.dll (MGTEK)

BHO Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - CProgram FilesJavajre7binssv.dll (Oracle Corporation)

BHO Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - CProgram FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)

BHO Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - CProgram FilesJavajre7binjp2ssv.dll (Oracle Corporation)

BHO-x32 PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - CUsersKaiAppDataLocalext_piccshareext_piccshare.dll (HTTO Group, Ltd)

BHO-x32 Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - CProgram Files (x86)MGTEKAdblock IEadblockie.dll (MGTEK)

BHO-x32 Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - CProgram Files (x86)Javajre7binssv.dll (Oracle Corporation)

BHO-x32 Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - CProgram Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32 Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - CProgram Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation)

BHO-x32 ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - CProgram Files (x86)GoogleChrome FrameApplication28.0.1500.95npchrome_frame.dll (Google Inc.)

Toolbar HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File

Handler-x32 gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - CProgram Files (x86)GoogleChrome FrameApplication28.0.1500.95npchrome_frame.dll (Google Inc.)

Handler-x32 skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CPROGRA~2COMMON~1SkypeSKYPE4~1.DLL (Skype Technologies)

TcpipParameters [DhcpNameServer] 192.168.2.1
 

Chrome 

=======

CHR HomePage hxxpwww.google.com

CHR DefaultSearchURL (Google) - {googlebaseURL}searchq={searchTerms}&{googleRLZ}{googleoriginalQueryForSuggestion}{googleassistedQueryStats}{googlesearchFieldtrialParameter}{googlesearchClient}{googlesourceId}{googleinstantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL (Google) - {googlebaseSuggestURL}search{googlesearchFieldtrialParameter}client=chrome&q={searchTerms}&{googlecursorPosition}{googlezeroPrefixUrl}sugkey={googlesuggestAPIKeyParameter}

CHR Plugin (Shockwave Flash) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95PepperFlashpepflashplayer.dll ()

CHR Plugin (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin (Native Client) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95ppGoogleNaClPluginChrome.dll ()

CHR Plugin (Chrome PDF Viewer) - CProgram Files (x86)GoogleChromeApplication28.0.1500.95pdf.dll ()

CHR Plugin (Adobe Acrobat) - CProgram Files (x86)AdobeReader 11.0ReaderBrowsernppdf32.dll (Adobe Systems Inc.)

CHR Plugin (Nero Kwik Media Helper) - CPROGRA~2COMMON~1NeroBROWSE~1NPBROW~1.DLL (Nero AG)

CHR Plugin (AdobeAAMDetect) - CProgram Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin (Google Update) - CProgram Files (x86)GoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)

CHR Plugin (Java(TM) Platform SE 7 U25) - CProgram Files (x86)Javajre7binplugin2npjp2.dll (Oracle Corporation)

CHR Plugin (Silverlight Plug-In) - CProgram Files (x86)Microsoft Silverlight5.1.20513.0npctrl.dll ( Microsoft Corporation)

CHR Plugin (NVIDIA 3D Vision) - CProgram Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)

CHR Plugin (NVIDIA 3D VISION) - CProgram Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin (Pando Web Plugin) - CProgram Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dll (Pando Networks)

CHR Plugin (iTunes Application Detector) - CProgram Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

CHR Plugin (Shockwave Flash) - CWindowsSysWOW64MacromedFlashNPSWF32_11_7_700_224.dll ()

CHR Plugin (Java Deployment Toolkit 7.0.250.16) - CWindowsSysWOW64npDeployJava1.dll (Oracle Corporation)

CHR Extension (Google Docs) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake0.5_0

CHR Extension (Google Drive) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0

CHR Extension (YouTube) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0

CHR Extension (Google Search) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.20_0

CHR Extension (PiccShare) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsdocfnddcclkgokdfpnmngpiliiachclb2.0_0

CHR Extension (OfferMosquito) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionsgbmdkmlcnbapgegninelmjbfibaghdmk0.5_0

CHR Extension (Gmail) - CUsersKaiAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_0

CHR StartMenuInternet Google Chrome - CProgram Files (x86)GoogleChromeApplicationchrome.exe
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; CProgram Files (x86)AviraAntiVir Desktopsched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; CProgram Files (x86)AviraAntiVir Desktopavguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)

S4 AODService; CProgram Files (x86)AMDOverDriveAODAssist.exe [137096 2013-02-06] ()

R2 HTCMonitorService; CProgram Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe [87368 2013-01-29] (Nero AG)

R2 MBAMScheduler; CProgram Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; CProgram Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NvStreamSvc; CProgram FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)

R2 PassThru Service; CProgram Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [167424 2012-12-07] ()

R2 SDScannerService; CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)

R2 SDUpdateService; CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)

R2 SDWSCService; CProgram Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
 

==================== Drivers (Whitelisted) ====================
 

R2 AODDriver4.2.0; CProgram Files (x86)AMDOverDriveamd64AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 AODDriver4.2.0; CProgram Files (x86)AMDOverDriveamd64AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 avgntflt; CWindowsSystem32DRIVERSavgntflt.sys [100712 2013-05-22] (Avira Operations GmbH & Co. KG)

R1 avipbb; CWindowsSystem32DRIVERSavipbb.sys [130016 2013-05-22] (Avira Operations GmbH & Co. KG)

R1 avkmgr; CWindowsSystem32DRIVERSavkmgr.sys [28600 2013-05-22] (Avira Operations GmbH & Co. KG)

S3 cleanhlp; CEEKRuncleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)

S3 cleanhlp; CEEKRuncleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)

R1 dtsoftbus01; CWindowsSystem32DRIVERSdtsoftbus01.sys [283200 2013-07-25] (DT Soft Ltd)

R3 FNETTBOH_305; CWindowsSystem32driversFNETTBOH_305.SYS [31808 2013-05-22] (FNet Co., Ltd.)

R1 FNETURPX; CWindowsSystem32driversFNETURPX.SYS [15936 2013-05-22] (FNet Co., Ltd.)

R3 MBAMProtector; CWindowssystem32driversmbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; CWindowssystem32driversmbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; CWindowsSystem32driversnvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-09 1429 - 2013-08-09 1429 - 00000468 _____ CUsersKaiDesktopdefogger_disable.log

2013-08-09 1428 - 2013-08-09 1428 - 00000000 _____ CUsersKaidefogger_reenable

2013-08-09 1427 - 2013-08-09 1427 - 00377856 _____ CUsersKaiDownloadsgmer_2.1.19163.exe

2013-08-09 1426 - 2013-08-09 1427 - 01790169 _____ (Farbar) CUsersKaiDownloadsFRST64.exe

2013-08-09 1426 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDesktopDefogger.exe

2013-08-09 1425 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDownloadsDefogger.exe

2013-08-07 2049 - 2013-08-07 2050 - 1138838405 _____ CUsersKaiDownloadsElysium2.rar

2013-08-07 1850 - 2013-08-07 1905 - 1425489052 _____ CUsersKaiDownloadsCryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 1041 - 2013-08-07 1041 - 00002259 _____ CUsersPublicDesktopGoogle Chrome.lnk

2013-08-07 1038 - 2013-08-07 1046 - 00000000 ____D CProgramDataSpybot - Search & Destroy

2013-08-07 1038 - 2013-08-07 1038 - 00000000 ____D CWindowsSystem32TasksSafer-Networking

2013-08-07 1037 - 2013-08-07 1037 - 00001383 _____ CUsersPublicDesktopSpybot-S&D Start Center.lnk

2013-08-07 1037 - 2013-08-07 1037 - 00000000 ____D CProgram Files (x86)Spybot - Search & Destroy 2

2013-08-07 1037 - 2009-01-25 1314 - 00017272 _____ (Safer Networking Limited) CWindowssystem32sdnclean64.exe

2013-08-04 2008 - 2013-08-09 1341 - 00000000 ____D CUsersKaiAppDataRoamingGameTracker

2013-08-04 2008 - 2013-08-04 2008 - 00001020 _____ CUsersKaiDesktopGameTracker Lite.lnk

2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsGameTracker Lite

2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CProgram Files (x86)GameTracker

2013-08-04 1921 - 2013-08-04 1921 - 00000000 ____D CNvidiaLogging

2013-08-04 1919 - 2013-05-14 2128 - 00039712 _____ (NVIDIA Corporation) CWindowssystem32Driversnvvad64v.sys

2013-08-04 1919 - 2013-05-14 2127 - 00029984 _____ (NVIDIA Corporation) CWindowssystem32nvaudcap64v.dll

2013-08-04 1919 - 2013-05-14 2127 - 00028448 _____ (NVIDIA Corporation) CWindowsSysWOW64nvaudcap32v.dll

2013-07-29 1607 - 2013-08-09 1340 - 00000000 ____D CUsersKaiAppDataLocalHTC MediaHub

2013-07-29 1607 - 2013-07-29 1607 - 00002031 _____ CUsersPublicDesktopHTC Sync Manager.lnk

2013-07-29 1607 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC Sync

2013-07-29 1603 - 2013-07-29 1603 - 00000005 _____ CWindowsSysWOW64lMMLDeleteUserData42107612FX.tmp

2013-07-29 1522 - 2013-07-29 1523 - 00000000 ____D CUsersKaiDesktopDavid Guetta - Nothing But The Beat

2013-07-28 2309 - 2013-07-28 2309 - 00003302 _____ CWindowsSystem32Tasks{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 2254 - 2013-07-28 2254 - 00000219 _____ CUsersKaiDesktopAlien Swarm.url

2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram FilesMicrosoft Silverlight

2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram Files (x86)Microsoft Silverlight

2013-07-28 2113 - 2013-07-28 2113 - 00000219 _____ CUsersKaiDesktopTeam Fortress 2.url

2013-07-28 1935 - 2013-07-28 1935 - 00000222 _____ CUsersKaiDesktopCall of Duty Black Ops II - Zombies.url

2013-07-28 1822 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC

2013-07-28 1821 - 2013-07-28 1822 - 00000000 ____D CUsersKaiDocumentsHTC

2013-07-28 1821 - 2013-07-28 1821 - 00000000 ____D CProgramDataMotorola

2013-07-28 1820 - 2013-07-28 1820 - 00000000 ____D CProgram Files (x86)Spirent Communications

2013-07-28 1817 - 2013-07-29 1607 - 00000000 ____D CProgramDataHTC

2013-07-28 1817 - 2013-07-29 1607 - 00000000 ____D CProgram Files (x86)HTC

2013-07-28 1817 - 2009-11-02 1216 - 00033736 _____ (HTC, Corporation) CWindowssystem32DriversANDROIDUSB.sys

2013-07-28 1817 - 2009-06-09 1541 - 01122664 _____ (Microsoft Corporation) CWindowssystem32WdfCoInstaller01007.dll

2013-07-27 2013 - 2013-07-27 2013 - 00287600 _____ CWindowsmsxml4-KB954430-enu.LOG

2013-07-27 2013 - 2013-07-27 2013 - 00283814 _____ CWindowsmsxml4-KB973688-enu.LOG

2013-07-27 2013 - 2013-07-27 2013 - 00000000 ____D CProgram Files (x86)MSXML 4.0

2013-07-26 1922 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero_AG

2013-07-26 1921 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero

2013-07-26 1148 - 2013-07-26 1149 - 00000000 ____D CUsersKaiAppDataRoamingNero

2013-07-26 1147 - 2013-07-26 1147 - 00002797 _____ CUsersPublicDesktopNero Video 12.lnk

2013-07-26 1145 - 2013-07-26 1148 - 00000000 ____D CProgramDataNero

2013-07-26 1145 - 2013-07-26 1148 - 00000000 ____D CProgram Files (x86)Nero

2013-07-26 1127 - 2011-10-24 2126 - 00001524 _____ CUsersKaiDesktopBabyDevelop.lnk

2013-07-25 2129 - 2013-07-25 2130 - 00000000 ____D CProgram FilesTrueCrypt

2013-07-25 2129 - 2013-07-25 2129 - 00231376 _____ (TrueCrypt Foundation) CWindowssystem32Driverstruecrypt.sys

2013-07-25 2129 - 2013-07-25 2129 - 00000875 _____ CUsersPublicDesktopTrueCrypt.lnk

2013-07-25 2126 - 2013-07-25 2126 - 00000000 ____D CUsersKaiAppDataLocalLogicCircuit

2013-07-25 2125 - 2013-07-25 2125 - 00001506 _____ CUsersKaiDesktopLogicCircuit - Verknüpfung.lnk

2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsLogic Circuit

2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CProgram Files (x86)LogicCircuit

2013-07-25 2112 - 2013-07-25 2112 - 00000000 ____D Copt

2013-07-25 1449 - 2013-07-25 1449 - 00002056 _____ CUsersPublicDesktopRage.lnk

2013-07-25 1432 - 2013-07-25 1432 - 00000000 ____D CProgram Files (x86)Bethesda Softworks

2013-07-25 1431 - 2013-07-25 1431 - 00001954 _____ CUsersPublicDesktopDAEMON Tools Lite.lnk

2013-07-25 1430 - 2013-07-25 1432 - 00000000 ____D CUsersKaiAppDataRoamingDAEMON Tools Lite

2013-07-25 1430 - 2013-07-25 1432 - 00000000 ____D CProgramDataDAEMON Tools Lite

2013-07-25 1430 - 2013-07-25 1430 - 00283200 _____ (DT Soft Ltd) CWindowssystem32Driversdtsoftbus01.sys

2013-07-25 1430 - 2013-07-25 1430 - 00000000 ____D CProgram Files (x86)DAEMON Tools Lite

2013-07-25 1414 - 2013-07-25 1414 - 00000871 _____ CUsersPublicDesktopVLC media player.lnk

2013-07-25 1156 - 2013-08-09 1340 - 00012214 _____ CWindowssetupact.log

2013-07-25 1156 - 2013-07-25 1156 - 00000000 _____ CWindowssetuperr.log

2013-07-25 0954 - 2013-07-25 0954 - 00000000 ____D CWindowspss

2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CUsersKaiAppDataRoamingPDAppFlex

2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CProgramDataregid.1986-12.com.adobe

2013-07-24 1323 - 2013-07-24 1323 - 00000000 ____D CProgram FilesAdobe

2013-07-24 1316 - 2013-07-24 1323 - 00000000 ____D CProgram FilesCommon FilesAdobe

2013-07-24 1254 - 2013-07-24 1254 - 00003494 _____ CWindowsSystem32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 1253 - 2013-07-24 1253 - 00001074 _____ CUsersPublicDesktopAdobe Creative Cloud.lnk

2013-07-24 1221 - 2013-07-24 1221 - 00000546 _____ CUsersKaiDesktopEmsisoft Emergency Kit.lnk

2013-07-24 1221 - 2013-07-24 1221 - 00000000 ____D CEEK

2013-07-23 1711 - 2013-07-23 1711 - 00000219 _____ CUsersKaiDesktopCounter-Strike Global Offensive.url

2013-07-22 1927 - 2013-07-22 1940 - 00000000 ____D CUsersKaiAppDataRoamingTrueCrypt

2013-07-22 1908 - 2013-07-22 1907 - 00666633 _____ CUsersKaiDesktopAdwCleaner.exe

2013-07-22 1537 - 2013-07-22 1537 - 00001113 _____ CUsersPublicDesktopMalwarebytes Anti-Malware.lnk

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CUsersKaiAppDataRoamingMalwarebytes

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgramDataMalwarebytes

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgram Files (x86)Malwarebytes' Anti-Malware

2013-07-22 1537 - 2013-04-04 1450 - 00025928 _____ (Malwarebytes Corporation) CWindowssystem32Driversmbam.sys

2013-07-21 2030 - 2013-07-21 2030 - 00000000 ____D CUsersKaiAppDataRoamingSnz

2013-07-18 1915 - 2013-07-18 1915 - 00000000 ____D CUsersKaiDocumentsGames for Windows - LIVE Demos

2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CWindowsSysWOW64xlive

2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CProgram Files (x86)Microsoft Games for Windows - LIVE

2013-07-18 1907 - 2013-07-18 1907 - 00000000 ____D CUsersKaiDocumentsRockstar Games

2013-07-18 1848 - 2013-07-18 1848 - 00000000 __SHD CProgramDataSecuROM

2013-07-18 1845 - 2013-07-18 1845 - 00178800 _____ (Sony DADC Austria AG.) CWindowsSysWOW64CmdLineExt_x64.dll

2013-07-18 1845 - 2013-07-18 1845 - 00000000 __RHD CUsersKaiAppDataRoamingSecuROM

2013-07-18 1845 - 2013-07-18 1845 - 00000000 ____D CUsersKaiAppDataLocalRockstar Games

2013-07-12 1340 - 2013-07-12 1340 - 00000000 ____D CUsersKaiAppDataLocalDeutscheBahn

2013-07-11 2202 - 2013-06-12 0143 - 14329856 _____ (Microsoft Corporation) CWindowsSysWOW64mshtml.dll

2013-07-11 2202 - 2013-06-12 0143 - 02877440 _____ (Microsoft Corporation) CWindowsSysWOW64jscript9.dll

2013-07-11 2202 - 2013-06-12 0143 - 01767936 _____ (Microsoft Corporation) CWindowsSysWOW64wininet.dll

2013-07-11 2202 - 2013-06-12 0143 - 01141248 _____ (Microsoft Corporation) CWindowsSysWOW64urlmon.dll

2013-07-11 2202 - 2013-06-12 0143 - 00690688 _____ (Microsoft Corporation) CWindowsSysWOW64jscript.dll

2013-07-11 2202 - 2013-06-12 0143 - 00493056 _____ (Microsoft Corporation) CWindowsSysWOW64msfeeds.dll

2013-07-11 2202 - 2013-06-12 0143 - 00039424 _____ (Microsoft Corporation) CWindowsSysWOW64jsproxy.dll

2013-07-11 2202 - 2013-06-12 0142 - 13760512 _____ (Microsoft Corporation) CWindowsSysWOW64ieframe.dll

2013-07-11 2202 - 2013-06-12 0142 - 02046976 _____ (Microsoft Corporation) CWindowsSysWOW64iertutil.dll

2013-07-11 2202 - 2013-06-12 0142 - 00391168 _____ (Microsoft Corporation) CWindowsSysWOW64ieui.dll

2013-07-11 2202 - 2013-06-12 0142 - 00109056 _____ (Microsoft Corporation) CWindowsSysWOW64iesysprep.dll

2013-07-11 2202 - 2013-06-12 0142 - 00061440 _____ (Microsoft Corporation) CWindowsSysWOW64iesetup.dll

2013-07-11 2202 - 2013-06-12 0142 - 00033280 _____ (Microsoft Corporation) CWindowsSysWOW64iernonce.dll

2013-07-11 2202 - 2013-06-12 0126 - 02241024 _____ (Microsoft Corporation) CWindowssystem32wininet.dll

2013-07-11 2202 - 2013-06-12 0126 - 01365504 _____ (Microsoft Corporation) CWindowssystem32urlmon.dll

2013-07-11 2202 - 2013-06-12 0126 - 00051712 _____ (Microsoft Corporation) CWindowssystem32ie4uinit.exe

2013-07-11 2202 - 2013-06-12 0125 - 19238912 _____ (Microsoft Corporation) CWindowssystem32mshtml.dll

2013-07-11 2202 - 2013-06-12 0125 - 15404032 _____ (Microsoft Corporation) CWindowssystem32ieframe.dll

2013-07-11 2202 - 2013-06-12 0125 - 03958784 _____ (Microsoft Corporation) CWindowssystem32jscript9.dll

2013-07-11 2202 - 2013-06-12 0125 - 02648576 _____ (Microsoft Corporation) CWindowssystem32iertutil.dll

2013-07-11 2202 - 2013-06-12 0125 - 00855552 _____ (Microsoft Corporation) CWindowssystem32jscript.dll

2013-07-11 2202 - 2013-06-12 0125 - 00603136 _____ (Microsoft Corporation) CWindowssystem32msfeeds.dll

2013-07-11 2202 - 2013-06-12 0125 - 00526336 _____ (Microsoft Corporation) CWindowssystem32ieui.dll

2013-07-11 2202 - 2013-06-12 0125 - 00136704 _____ (Microsoft Corporation) CWindowssystem32iesysprep.dll

2013-07-11 2202 - 2013-06-12 0125 - 00067072 _____ (Microsoft Corporation) CWindowssystem32iesetup.dll

2013-07-11 2202 - 2013-06-12 0125 - 00053248 _____ (Microsoft Corporation) CWindowssystem32jsproxy.dll

2013-07-11 2202 - 2013-06-12 0125 - 00039936 _____ (Microsoft Corporation) CWindowssystem32iernonce.dll

2013-07-11 2202 - 2013-06-12 0051 - 00071680 _____ (Microsoft Corporation) CWindowsSysWOW64RegisterIEPKEYs.exe

2013-07-11 2202 - 2013-06-12 0050 - 00089600 _____ (Microsoft Corporation) CWindowssystem32RegisterIEPKEYs.exe

2013-07-11 2202 - 2013-06-07 0522 - 02706432 _____ (Microsoft Corporation) CWindowssystem32mshtml.tlb

2013-07-11 2202 - 2013-06-07 0437 - 02706432 _____ (Microsoft Corporation) CWindowsSysWOW64mshtml.tlb

2013-07-11 2139 - 2013-06-05 0534 - 03153920 _____ (Microsoft Corporation) CWindowssystem32win32k.sys

2013-07-11 2139 - 2013-06-04 0800 - 00624128 _____ (Microsoft Corporation) CWindowssystem32qedit.dll

2013-07-11 2139 - 2013-06-04 0653 - 00509440 _____ (Microsoft Corporation) CWindowsSysWOW64qedit.dll

2013-07-11 2139 - 2013-05-06 0803 - 01887744 _____ (Microsoft Corporation) CWindowssystem32WMVDECOD.DLL

2013-07-11 2139 - 2013-05-06 0656 - 01620480 _____ (Microsoft Corporation) CWindowsSysWOW64WMVDECOD.DLL

2013-07-11 2139 - 2013-04-10 0134 - 01247744 _____ (Microsoft Corporation) CWindowsSysWOW64DWrite.dll

2013-07-11 2139 - 2013-04-03 0051 - 01643520 _____ (Microsoft Corporation) CWindowssystem32DWrite.dll

2013-07-11 2102 - 2013-07-11 2102 - 00001306 _____ CUsersPublicDesktopFree YouTube Download.lnk

2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CUsersKaiAppDataRoamingDVDVideoSoft

2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CProgram Files (x86)DVDVideoSoft
 

==================== One Month Modified Files and Folders =======
 

2013-08-09 1430 - 2013-08-09 1430 - 00000000 ____D CFRST

2013-08-09 1429 - 2013-08-09 1429 - 00000468 _____ CUsersKaiDesktopdefogger_disable.log

2013-08-09 1428 - 2013-08-09 1428 - 00000000 _____ CUsersKaidefogger_reenable

2013-08-09 1428 - 2013-05-21 2355 - 00000000 ____D CUsersKai

2013-08-09 1427 - 2013-08-09 1427 - 00377856 _____ CUsersKaiDownloadsgmer_2.1.19163.exe

2013-08-09 1427 - 2013-08-09 1426 - 01790169 _____ (Farbar) CUsersKaiDownloadsFRST64.exe

2013-08-09 1425 - 2013-08-09 1426 - 00050477 _____ CUsersKaiDesktopDefogger.exe

2013-08-09 1425 - 2013-08-09 1425 - 00050477 _____ CUsersKaiDownloadsDefogger.exe

2013-08-09 1411 - 2013-05-22 0958 - 00000000 ____D CProgram Files (x86)Steam

2013-08-09 1408 - 2013-05-22 1552 - 00000884 _____ CWindowsTasksAdobe Flash Player Updater.job

2013-08-09 1350 - 2013-05-22 1831 - 00000000 ____D CUsersKaiAppDataLocalAdobe

2013-08-09 1348 - 2009-07-14 0645 - 00025680 ____H CWindowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-09 1348 - 2009-07-14 0645 - 00025680 ____H CWindowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-09 1346 - 2013-05-22 0947 - 00696620 _____ CWindowssystem32perfh007.dat

2013-08-09 1346 - 2013-05-22 0947 - 00147916 _____ CWindowssystem32perfc007.dat

2013-08-09 1346 - 2009-07-14 0713 - 01612484 _____ CWindowssystem32PerfStringBackup.INI

2013-08-09 1345 - 2013-05-22 0930 - 00001104 _____ CWindowsTasksGoogleUpdateTaskMachineUA.job

2013-08-09 1341 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingGameTracker

2013-08-09 1340 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataLocalHTC MediaHub

2013-08-09 1340 - 2013-07-25 1156 - 00012214 _____ CWindowssetupact.log

2013-08-09 1340 - 2013-05-22 0940 - 00000000 ____D CProgramDataNVIDIA

2013-08-09 1340 - 2013-05-22 0930 - 00001100 _____ CWindowsTasksGoogleUpdateTaskMachineCore.job

2013-08-09 1340 - 2009-07-14 0708 - 00000006 ____H CWindowsTasksSA.DAT

2013-08-08 1807 - 2013-05-21 2351 - 01158810 _____ CWindowsWindowsUpdate.log

2013-08-07 2337 - 2013-05-22 0937 - 00000000 ____D CUsersKaiAppDataRoamingSkype

2013-08-07 2323 - 2013-05-22 0947 - 00000000 ____D CUsersKaiAppDataLocalPMB Files

2013-08-07 2323 - 2013-05-22 0947 - 00000000 ____D CProgramDataPMB Files

2013-08-07 2050 - 2013-08-07 2049 - 1138838405 _____ CUsersKaiDownloadsElysium2.rar

2013-08-07 1936 - 2013-05-22 1945 - 00000000 ____D CUsersUpdatusUserAppDataLocalCrashDumps

2013-08-07 1905 - 2013-08-07 1850 - 1425489052 _____ CUsersKaiDownloadsCryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 1048 - 2010-11-21 0547 - 00254788 _____ CWindowsPFRO.log

2013-08-07 1047 - 2013-07-08 2116 - 00000000 ____D CUsersKaiAppDataRoamingCommon

2013-08-07 1046 - 2013-08-07 1038 - 00000000 ____D CProgramDataSpybot - Search & Destroy

2013-08-07 1041 - 2013-08-07 1041 - 00002259 _____ CUsersPublicDesktopGoogle Chrome.lnk

2013-08-07 1041 - 2013-05-22 1110 - 00000000 ____D CProgram Files (x86)Mozilla Firefox

2013-08-07 1038 - 2013-08-07 1038 - 00000000 ____D CWindowsSystem32TasksSafer-Networking

2013-08-07 1037 - 2013-08-07 1037 - 00001383 _____ CUsersPublicDesktopSpybot-S&D Start Center.lnk

2013-08-07 1037 - 2013-08-07 1037 - 00000000 ____D CProgram Files (x86)Spybot - Search & Destroy 2

2013-08-04 2008 - 2013-08-04 2008 - 00001020 _____ CUsersKaiDesktopGameTracker Lite.lnk

2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsGameTracker Lite

2013-08-04 2008 - 2013-08-04 2008 - 00000000 ____D CProgram Files (x86)GameTracker

2013-08-04 1921 - 2013-08-04 1921 - 00000000 ____D CNvidiaLogging

2013-08-04 1920 - 2013-05-22 0939 - 00000000 ____D CProgram FilesNVIDIA Corporation

2013-08-04 1920 - 2013-05-22 0939 - 00000000 ____D CProgram Files (x86)NVIDIA Corporation

2013-07-30 2333 - 2013-05-23 1501 - 00000000 ____D CUsersKaiAppDataRoamingvlc

2013-07-29 1844 - 2009-07-14 0645 - 04990416 _____ CWindowssystem32FNTCACHE.DAT

2013-07-29 1607 - 2013-07-29 1607 - 00002031 _____ CUsersPublicDesktopHTC Sync Manager.lnk

2013-07-29 1607 - 2013-07-29 1607 - 00000000 ____D CUsersKaiAppDataRoamingHTC Sync

2013-07-29 1607 - 2013-07-28 1822 - 00000000 ____D CUsersKaiAppDataRoamingHTC

2013-07-29 1607 - 2013-07-28 1817 - 00000000 ____D CProgramDataHTC

2013-07-29 1607 - 2013-07-28 1817 - 00000000 ____D CProgram Files (x86)HTC

2013-07-29 1607 - 2013-05-22 1321 - 00000000 ____D CUsersKaiAppDataLocalDownloaded Installations

2013-07-29 1607 - 2013-05-22 0930 - 00064792 _____ CUsersKaiAppDataLocalGDIPFONTCACHEV1.DAT

2013-07-29 1603 - 2013-07-29 1603 - 00000005 _____ CWindowsSysWOW64lMMLDeleteUserData42107612FX.tmp

2013-07-29 1523 - 2013-07-29 1522 - 00000000 ____D CUsersKaiDesktopDavid Guetta - Nothing But The Beat

2013-07-28 2309 - 2013-07-28 2309 - 00003302 _____ CWindowsSystem32Tasks{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 2254 - 2013-07-28 2254 - 00000219 _____ CUsersKaiDesktopAlien Swarm.url

2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram FilesMicrosoft Silverlight

2013-07-28 2140 - 2013-07-28 2140 - 00000000 ____D CProgram Files (x86)Microsoft Silverlight

2013-07-28 2113 - 2013-07-28 2113 - 00000219 _____ CUsersKaiDesktopTeam Fortress 2.url

2013-07-28 1935 - 2013-07-28 1935 - 00000222 _____ CUsersKaiDesktopCall of Duty Black Ops II - Zombies.url

2013-07-28 1822 - 2013-07-28 1821 - 00000000 ____D CUsersKaiDocumentsHTC

2013-07-28 1821 - 2013-07-28 1821 - 00000000 ____D CProgramDataMotorola

2013-07-28 1821 - 2013-05-23 1329 - 00000000 ____D CUsersKaiAppDataRoamingApple Computer

2013-07-28 1821 - 2013-05-23 1329 - 00000000 ____D CUsersKaiAppDataLocalApple Computer

2013-07-28 1820 - 2013-07-28 1820 - 00000000 ____D CProgram Files (x86)Spirent Communications

2013-07-28 1820 - 2013-05-22 0924 - 00035414 _____ CWindowsDPINST.LOG

2013-07-27 2013 - 2013-07-27 2013 - 00287600 _____ CWindowsmsxml4-KB954430-enu.LOG

2013-07-27 2013 - 2013-07-27 2013 - 00283814 _____ CWindowsmsxml4-KB973688-enu.LOG

2013-07-27 2013 - 2013-07-27 2013 - 00000000 ____D CProgram Files (x86)MSXML 4.0

2013-07-26 1922 - 2013-07-26 1922 - 00000000 ____D CUsersKaiAppDataLocalNero_AG

2013-07-26 1922 - 2013-07-26 1921 - 00000000 ____D CUsersKaiAppDataLocalNero

2013-07-26 1150 - 2013-05-22 0927 - 00000000 ____D CUsersKaiAppDataRoamingAdobe

2013-07-26 1149 - 2013-07-26 1148 - 00000000 ____D CUsersKaiAppDataRoamingNero

2013-07-26 1148 - 2013-07-26 1145 - 00000000 ____D CProgramDataNero

2013-07-26 1148 - 2013-07-26 1145 - 00000000 ____D CProgram Files (x86)Nero

2013-07-26 1148 - 2009-07-14 0520 - 00000000 ____D CWindowsCursors

2013-07-26 1147 - 2013-07-26 1147 - 00002797 _____ CUsersPublicDesktopNero Video 12.lnk

2013-07-25 2130 - 2013-07-25 2129 - 00000000 ____D CProgram FilesTrueCrypt

2013-07-25 2129 - 2013-07-25 2129 - 00231376 _____ (TrueCrypt Foundation) CWindowssystem32Driverstruecrypt.sys

2013-07-25 2129 - 2013-07-25 2129 - 00000875 _____ CUsersPublicDesktopTrueCrypt.lnk

2013-07-25 2126 - 2013-07-25 2126 - 00000000 ____D CUsersKaiAppDataLocalLogicCircuit

2013-07-25 2125 - 2013-07-25 2125 - 00001506 _____ CUsersKaiDesktopLogicCircuit - Verknüpfung.lnk

2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsLogic Circuit

2013-07-25 2124 - 2013-07-25 2124 - 00000000 ____D CProgram Files (x86)LogicCircuit

2013-07-25 2112 - 2013-07-25 2112 - 00000000 ____D Copt

2013-07-25 1913 - 2013-06-23 1924 - 00000000 ____D CUsersKaiDesktopGfs Religion Sterbehilfe

2013-07-25 1651 - 2013-07-07 1703 - 00008788 _____ CUsersKaiDesktopSharePod.log

2013-07-25 1449 - 2013-07-25 1449 - 00002056 _____ CUsersPublicDesktopRage.lnk

2013-07-25 1432 - 2013-07-25 1432 - 00000000 ____D CProgram Files (x86)Bethesda Softworks

2013-07-25 1432 - 2013-07-25 1430 - 00000000 ____D CUsersKaiAppDataRoamingDAEMON Tools Lite

2013-07-25 1432 - 2013-07-25 1430 - 00000000 ____D CProgramDataDAEMON Tools Lite

2013-07-25 1431 - 2013-07-25 1431 - 00001954 _____ CUsersPublicDesktopDAEMON Tools Lite.lnk

2013-07-25 1430 - 2013-07-25 1430 - 00283200 _____ (DT Soft Ltd) CWindowssystem32Driversdtsoftbus01.sys

2013-07-25 1430 - 2013-07-25 1430 - 00000000 ____D CProgram Files (x86)DAEMON Tools Lite

2013-07-25 1414 - 2013-07-25 1414 - 00000871 _____ CUsersPublicDesktopVLC media player.lnk

2013-07-25 1156 - 2013-07-25 1156 - 00000000 _____ CWindowssetuperr.log

2013-07-25 0954 - 2013-07-25 0954 - 00000000 ____D CWindowspss

2013-07-25 0954 - 2013-05-21 2355 - 00000000 ___RD CUsersKaiAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

2013-07-24 1453 - 2013-05-30 1238 - 00001708 _____ CUsersKaiDesktopPhotoshop - Verknüpfung.lnk

2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CUsersKaiAppDataRoamingPDAppFlex

2013-07-24 1441 - 2013-07-24 1441 - 00000000 ____D CProgramDataregid.1986-12.com.adobe

2013-07-24 1323 - 2013-07-24 1323 - 00000000 ____D CProgram FilesAdobe

2013-07-24 1323 - 2013-07-24 1316 - 00000000 ____D CProgram FilesCommon FilesAdobe

2013-07-24 1318 - 2013-05-22 0927 - 00000000 ____D CProgram Files (x86)Adobe

2013-07-24 1316 - 2013-05-22 0927 - 00000000 ____D CProgramDataAdobe

2013-07-24 1254 - 2013-07-24 1254 - 00003494 _____ CWindowsSystem32TasksAdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 1253 - 2013-07-24 1253 - 00001074 _____ CUsersPublicDesktopAdobe Creative Cloud.lnk

2013-07-24 1235 - 2013-05-22 1030 - 00000000 ____D CUsersKaiAppDataLocalCrashDumps

2013-07-24 1221 - 2013-07-24 1221 - 00000546 _____ CUsersKaiDesktopEmsisoft Emergency Kit.lnk

2013-07-24 1221 - 2013-07-24 1221 - 00000000 ____D CEEK

2013-07-24 1207 - 2009-07-14 0520 - 00000000 ____D CWindowssystem32NDF

2013-07-23 1747 - 2013-05-22 1439 - 00062244 _____ CWindowsDirectX.log

2013-07-23 1711 - 2013-07-23 1711 - 00000219 _____ CUsersKaiDesktopCounter-Strike Global Offensive.url

2013-07-23 1640 - 2009-07-14 0520 - 00000000 ____D CWindowsregistration

2013-07-22 1940 - 2013-07-22 1927 - 00000000 ____D CUsersKaiAppDataRoamingTrueCrypt

2013-07-22 1907 - 2013-07-22 1908 - 00666633 _____ CUsersKaiDesktopAdwCleaner.exe

2013-07-22 1537 - 2013-07-22 1537 - 00001113 _____ CUsersPublicDesktopMalwarebytes Anti-Malware.lnk

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CUsersKaiAppDataRoamingMalwarebytes

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgramDataMalwarebytes

2013-07-22 1537 - 2013-07-22 1537 - 00000000 ____D CProgram Files (x86)Malwarebytes' Anti-Malware

2013-07-21 2031 - 2013-07-08 2117 - 00000000 ____D CUsersKaiAppDataRoamingIntermediate

2013-07-21 2030 - 2013-07-21 2030 - 00000000 ____D CUsersKaiAppDataRoamingSnz

2013-07-18 1915 - 2013-07-18 1915 - 00000000 ____D CUsersKaiDocumentsGames for Windows - LIVE Demos

2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CWindowsSysWOW64xlive

2013-07-18 1914 - 2013-07-18 1914 - 00000000 ____D CProgram Files (x86)Microsoft Games for Windows - LIVE

2013-07-18 1907 - 2013-07-18 1907 - 00000000 ____D CUsersKaiDocumentsRockstar Games

2013-07-18 1854 - 2009-07-14 0520 - 00000000 ____D CProgram FilesCommon FilesMicrosoft Shared

2013-07-18 1848 - 2013-07-18 1848 - 00000000 __SHD CProgramDataSecuROM

2013-07-18 1845 - 2013-07-18 1845 - 00178800 _____ (Sony DADC Austria AG.) CWindowsSysWOW64CmdLineExt_x64.dll

2013-07-18 1845 - 2013-07-18 1845 - 00000000 __RHD CUsersKaiAppDataRoamingSecuROM

2013-07-18 1845 - 2013-07-18 1845 - 00000000 ____D CUsersKaiAppDataLocalRockstar Games

2013-07-18 1540 - 2013-05-22 0930 - 00004100 _____ CWindowsSystem32TasksGoogleUpdateTaskMachineUA

2013-07-18 1540 - 2013-05-22 0930 - 00003848 _____ CWindowsSystem32TasksGoogleUpdateTaskMachineCore

2013-07-18 1518 - 2013-05-22 1128 - 00000000 ____D CProgram Files (x86)JDownloader

2013-07-18 1507 - 2013-05-22 0952 - 00001351 _____ CUsersPublicDesktopGeForce Experience.lnk

2013-07-18 1504 - 2013-05-22 0937 - 00000000 ___RD CProgram Files (x86)Skype

2013-07-18 1504 - 2013-05-22 0937 - 00000000 ____D CProgramDataSkype

2013-07-12 1340 - 2013-07-12 1340 - 00000000 ____D CUsersKaiAppDataLocalDeutscheBahn

2013-07-12 1338 - 2010-11-21 0917 - 00000000 ____D CProgram FilesWindows Journal

2013-07-12 1338 - 2009-07-14 0732 - 00000000 ____D CProgram FilesWindows Defender

2013-07-12 1338 - 2009-07-14 0732 - 00000000 ____D CProgram Files (x86)Windows Defender

2013-07-11 2203 - 2013-05-22 1756 - 78185248 _____ (Microsoft Corporation) CWindowssystem32MRT.exe

2013-07-11 2102 - 2013-07-11 2102 - 00001306 _____ CUsersPublicDesktopFree YouTube Download.lnk

2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CUsersKaiAppDataRoamingDVDVideoSoft

2013-07-11 2102 - 2013-07-11 2102 - 00000000 ____D CProgram Files (x86)DVDVideoSoft

2013-07-11 0658 - 2013-05-22 1552 - 00692104 _____ (Adobe Systems Incorporated) CWindowsSysWOW64FlashPlayerApp.exe

2013-07-11 0658 - 2013-05-22 1552 - 00071048 _____ (Adobe Systems Incorporated) CWindowsSysWOW64FlashPlayerCPLApp.cpl

2013-07-11 0658 - 2013-05-22 1552 - 00003822 _____ CWindowsSystem32TasksAdobe Flash Player Updater
 

==================== Bamital & volsnap Check =================
 

CWindowsSystem32winlogon.exe = MD5 is legit

CWindowsSystem32wininit.exe = MD5 is legit

CWindowsSysWOW64wininit.exe = MD5 is legit

CWindowsexplorer.exe = MD5 is legit

CWindowsSysWOW64explorer.exe = MD5 is legit

CWindowsSystem32svchost.exe = MD5 is legit

CWindowsSysWOW64svchost.exe = MD5 is legit

CWindowsSystem32services.exe = MD5 is legit

CWindowsSystem32User32.dll = MD5 is legit

CWindowsSysWOW64User32.dll = MD5 is legit

CWindowsSystem32userinit.exe = MD5 is legit

CWindowsSysWOW64userinit.exe = MD5 is legit

CWindowsSystem32Driversvolsnap.sys = MD5 is legit
 
 

LastRegBack 2013-08-08 1414
 

==================== End Of Log ============================

defogger_disable

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 1429 on 09082013 (Kai)
 

Checking for autostart values...

HKCU~Run values retrieved.

HKLM~Run values retrieved.
 

Checking for servicesdrivers...
 
 

-=E.O.F=-

Gmer

Code:

GMER 2.1.19163 - httpwww.gmer.net

Rootkit scan 2013-08-09 145929

Windows 6.1.7601 Service Pack 1 x64 DeviceHarddisk1DR1 - DeviceIdeIdeDeviceP1T0L0-1 ST1000DM003-1CH162 rev.CC46 931,51GB

Running gmer_2.1.19163.exe; Driver CUsersKaiAppDataLocalTempuwldqpow.sys
 
 

---- Kernel code sections - GMER 2.1 ----
 

INITKDBG  CWindowssystem32ntoskrnl.exe!ExDeleteNPagedLookasideList + 560                                                                                    fffff800033b3000 4 bytes [CC, 05, ED, FF]

INITKDBG  CWindowssystem32ntoskrnl.exe!ExDeleteNPagedLookasideList + 565                                                                                    fffff800033b3005 12 bytes {MOV [RSP+0x28], RBX; LEA R12, [RSP+0x20]; JMP 0x22}
 

---- User code sections - GMER 2.1 ----
 

.text     CProgram Files (x86)GameTrackerGSInGameService.exe[1180] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                                  0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)GameTrackerGSInGameService.exe[1180] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                                 00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe[2228] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe[2228] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155               00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe[2204] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                 0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe[2204] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe[3860] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                         0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe[3860] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                        00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe[3316] CWindowssyswow64psapi.dll!GetModuleInformation + 69                          0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe[3316] CWindowssyswow64psapi.dll!GetModuleInformation + 155                         00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)GameTrackerGTLite.exe[4668] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                                           0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)GameTrackerGTLite.exe[4668] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                                          00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe[4308] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                             0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)LogitechLWSWebcam SoftwareLWS.exe[4308] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                            00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe[4664] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69               0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe[4664] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155              00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe[4716] CWindowssyswow64psapi.dll!GetModuleInformation + 69                           0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)Spybot - Search & Destroy 2SDTray.exe[4716] CWindowssyswow64psapi.dll!GetModuleInformation + 155                          00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe[4928] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                          0000000075661465 2 bytes [66, 75]

.text     CProgram FilesLogitech Gaming SoftwareAppletsLCDMedia.exe[4928] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                         00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!FreeLibrary                                                             00000000753534a8 5 bytes JMP 000000016efd2170

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryExA                                                          00000000753548fb 5 bytes JMP 000000016efd1fe0

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryW                                                            0000000075354913 5 bytes JMP 000000016efd1f20

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryExW                                                          0000000075354945 5 bytes JMP 000000016efd20a0

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64kernel32.dll!LoadLibraryA                                                            00000000753549bf 5 bytes JMP 000000016efd1e70

.text     CProgram Files (x86)SteamSteam.exe[3452] CWindowssyswow64KERNELBASE.dll!HeapCreate                                                            0000000076e9549c 5 bytes JMP 00000001000a0800

.text     CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64KERNELBASE.dll!HeapCreate                                        0000000076e9549c 5 bytes JMP 00000001001c0800

.text     CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 69                              0000000075661465 2 bytes [66, 75]

.text     CProgram Files (x86)Common FilesSteamSteamService.exe[4900] CWindowssyswow64PSAPI.DLL!GetModuleInformation + 155                             00000000756614bb 2 bytes [66, 75]

.text     ...                                                                                                                                                    2

---- Processes - GMER 2.1 ----
 

Library   CProgram Files (x86)AviraAntiVir Desktopsched.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]           0000000000bf0000

Library   CProgram Files (x86)AviraAntiVir Desktopgrdcore.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]         0000000072a80000

Library   cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]          00000000723e0000

Library   cprogram files (x86)aviraantivir desktopgpipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]           00000000723a0000

Library   cprogram files (x86)aviraantivir desktopgpgen.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]           0000000072340000

Library   cprogram files (x86)aviraantivir desktopgpschd.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]          0000000072310000

Library   CProgram Files (x86)AviraAntiVir Desktopavevtlog.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]        0000000072250000

Library   CProgram Files (x86)AviraAntiVir Desktopschedr.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]          0000000072240000

Library   CProgram Files (x86)AviraAntiVir Desktopsqlite3.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]         00000000721d0000

Library   CProgram Files (x86)AviraAntiVir Desktopavipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopsched.exe [1496]           00000000728c0000

Library   CProgram Files (x86)AviraAntiVir Desktopavguard.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavguard.exe [1860]       0000000000b10000

Library   CProgram Files (x86)AviraAntiVir Desktopavshadow.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavshadow.exe [1544]     000000013f560000

Library   CProgram Files (x86)AviraAntiVir Desktopavipc64.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavshadow.exe [1544]      000007fef74c0000

Library   CProgram Files (x86)AviraAntiVir Desktopavgnt.exe ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           00000000012b0000

Library   CProgram Files (x86)AviraAntiVir Desktopccwkrlib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]        0000000073770000

Library   cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]          00000000723e0000

Library   cprogram files (x86)aviraantivir desktopccguard.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         00000000736b0000

Library   cprogram files (x86)aviraantivir desktopccgrdrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         0000000073d20000

Library   cprogram files (x86)aviraantivir desktopccgrdw.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]          0000000073730000

Library   CProgram Files (x86)AviraAntiVir Desktopgrdcore.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         0000000072a80000

Library   cprogram files (x86)aviraantivir desktopgpipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           00000000723a0000

Library   CProgram Files (x86)AviraAntiVir Desktopavipc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           00000000728c0000

Library   cprogram files (x86)aviraantivir desktopccwgrd.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]          00000000734a0000

Library   cprogram files (x86)aviraantivir desktopccgen.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           00000000730a0000

Library   cprogram files (x86)aviraantivir desktopccgenrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         0000000073d30000

Library   cprogram files (x86)aviraantivir desktopccupdate.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]        0000000073410000

Library   cprogram files (x86)aviraantivir desktopccupdrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         0000000073c80000

Library   cprogram files (x86)aviraantivir desktopcclic.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           0000000073710000

Library   cprogram files (x86)aviraantivir desktopcclicrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         00000000733c0000

Library   cprogram files (x86)aviraantivir desktopccmsg.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]           0000000072e90000

Library   cprogram files (x86)aviraantivir desktopccmsgrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]         0000000073840000

Library   cprogram files (x86)aviraantivir desktopccmainrc.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]        00000000736a0000

Library   CProgram Files (x86)AviraAntiVir Desktopccupdw.dll ( suspicious ) @ CProgram Files (x86)AviraAntiVir Desktopavgnt.exe [4184]          000000006e030000

Library   Cprogram files (x86)aviraantivir desktopavscan.exe ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000001200000

Library   Cprogram files (x86)aviraantivir desktopavlode.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000068cd0000

Library   Cprogram files (x86)aviraantivir desktopapcfile.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]        0000000069880000

Library   Cprogram files (x86)aviraantivir desktoplibcurl.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]        0000000068c80000

Library   Cprogram files (x86)aviraantivir desktopLIBEAY32.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000068720000

Library   Cprogram files (x86)aviraantivir desktopSSLEAY32.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000068c30000

Library   Cprogram files (x86)aviraantivir desktoplibaprutil-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]   000000006ee60000

Library   Cprogram files (x86)aviraantivir desktoplibapriconv-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]  000000006ee50000

Library   Cprogram files (x86)aviraantivir desktoplibapr-1.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       000000006eec0000

Library   Cprogram files (x86)aviraantivir desktopAVSCANRC.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       000000006f860000

Library   Cprogram files (x86)aviraantivir desktopAVWINLL.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]        000000006f6b0000

Library   Cprogram files (x86)aviraantivir desktopLUKE.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]           000000006e530000

Library   Cprogram files (x86)aviraantivir desktopExtDlgFw.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000069840000

Library   Cprogram files (x86)aviraantivir desktopccwkrlib.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000073770000

Library   cprogram files (x86)aviraantivir desktopcfglib.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         00000000723e0000

Library   cprogram files (x86)aviraantivir desktopccavscanex.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]     0000000068bd0000

Library   cprogram files (x86)aviraantivir desktopccavscanexrc.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]   000000006e080000

Library   Cprogram files (x86)aviraantivir desktopAVREP.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          00000000696f0000

Library   cprogram files (x86)aviraantivir desktopAVPREF.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000071ed0000

Library   cprogram files (x86)aviraantivir desktopaecore.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000071e90000

Library   cprogram files (x86)aviraantivir desktopaevdf.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000071e70000

Library   cprogram files (x86)aviraantivir desktopaescript.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000071df0000

Library   cprogram files (x86)aviraantivir desktopaescn.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000071dc0000

Library   cprogram files (x86)aviraantivir desktopaesbx.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000071c90000

Library   cprogram files (x86)aviraantivir desktopaerdl.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000071be0000

Library   cprogram files (x86)aviraantivir desktopaepack.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000071b20000

Library   cprogram files (x86)aviraantivir desktopaeoffice.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000071ae0000

Library   cprogram files (x86)aviraantivir desktopaeheur.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         0000000071500000

Library   cprogram files (x86)aviraantivir desktopaehelp.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]         00000000714b0000

Library   cprogram files (x86)aviraantivir desktopaegen.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000071440000

Library   cprogram files (x86)aviraantivir desktopaeexp.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          00000000713f0000

Library   cprogram files (x86)aviraantivir desktopaeemu.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          0000000010000000

Library   cprogram files (x86)aviraantivir desktopaebb.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]           0000000000c60000

Library   Cprogram files (x86)aviraantivir desktopavevtlog.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]       0000000072250000

Library   Cprogram files (x86)aviraantivir desktopsqlite3.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]        00000000721d0000

Library   Cprogram files (x86)aviraantivir desktopAVSCPLR.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]        000000006c640000

Library   Cprogram files (x86)aviraantivir desktopAVREG.DLL ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          000000006fab0000

Library   Cprogram files (x86)aviraantivir desktopavipc.dll ( suspicious ) @ Cprogram files (x86)aviraantivir desktopavscan.exe [5452]          00000000728c0000
 

---- EOF - GMER 2.1 ----

Emsisoft Anti-Malware

Code:

Emsisoft Anti-Malware - Version 8.0

Letztes Update 09.08.2013 153230

Benutzerkonto Kai-PCKai
 

Scan Einstellungen
 

Scan Methode Detail Scan

Objekte Rootkits, Speicher, Traces, C, D, F, H
 

Riskware-Erkennung Aus

Archiv Scan An

ADS Scan An

Dateitypen-Filter Aus

Erweitertes Caching An

Direkter Festplattenzugriff Aus
 

Scan Beginn        09.08.2013 161637
 

Gescannt        515635

Gefunden        0
 

Scan Ende        09.08.2013 174354

Scan Zeit        12717

Malwarebytes Anti-Malware

Code:

Malwarebytes Anti-Malware (Test) 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version v2013.07.22.05
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

Kai  KAI-PC [Administrator]
 

Schutz Aktiviert
 

22.07.2013 161109

mbam-log-2013-07-22 (16-11-09).txt
 

Art des Suchlaufs Vollständiger Suchlauf (CDFGH)

Aktivierte Suchlaufeinstellungen Speicher  Autostart  Registrierung  Dateisystem  HeuristiksExtra  HeuristiKsShuriken  PUP  PUM

Deaktivierte Suchlaufeinstellungen P2P

Durchsuchte Objekte 408410

Laufzeit 1 Stunde(n), 30 Sekunde(n)
 

Infizierte Speicherprozesse 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Avira Free Antivirus

Code:

Exportierte Ereignisse:
 

09.08.2013 19:35 [System-Scanner] Malware gefunden

      Die Datei 'C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\File 

      System\000\t\00\00000002'

      enthielt einen Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan].

      Durchgeführte Aktion(en):

      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1e16f293.qua' 

      verschoben!
 

09.08.2013 19:23 [Echtzeit-Scanner] Malware gefunden

      In der Datei 'C:\ProgramData\Avira\AntiVir 

      Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000003-8D62B22E'

      wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan] 

      gefunden.

      Ausgeführte Aktion: Zugriff verweigern
 

09.08.2013 19:23 [Echtzeit-Scanner] Malware gefunden

      In der Datei 'C:\ProgramData\Avira\AntiVir 

      Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000003-876E4D48'

      wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan] 

      gefunden.

      Ausgeführte Aktion: Zugriff verweigern
 

09.08.2013 18:58 [Echtzeit-Scanner] Malware gefunden

      In der Datei 'C:\ProgramData\Avira\AntiVir 

      Desktop\TEMP\AVSCAN-20130809-181905-6072A14C\00000002-4AED024B'

      wurde ein Virus oder unerwünschtes Programm 'TR/Graftor.77030' [trojan] 

      gefunden.

      Ausgeführte Aktion: Zugriff verweigern

hi,

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hallo schrauber,
vielen Dank für deine schnelle Antwort!
Ich habe sofort Combofix gestartet und folgender Logfile kam dabei heraus:

Code:

Combofix Logfile:
 

        Code:


        
ComboFix 13-08-09.02 - Kai 10.08.2013  12:01:18.1.8 - x64

Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8150.5772 [GMT 2:00]

ausgeführt von:: c:\users\Kai\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}

AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Kai\AppData\Local\ext_piccshare_uninst.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-07-10 bis 2013-08-10  ))))))))))))))))))))))))))))))

.

.

2013-08-10 10:08 . 2013-08-10 10:08        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-08-10 10:08 . 2013-08-10 10:08        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-08-09 16:18 . 2013-08-09 16:18        83672        ----a-w-        c:\windows\system32\drivers\avnetflt.sys

2013-08-09 16:18 . 2013-08-09 16:18        --------        d-----w-        c:\programdata\AskPartnerNetwork

2013-08-09 16:18 . 2013-08-09 16:18        --------        d-----w-        c:\program files (x86)\AskPartnerNetwork

2013-08-09 16:18 . 2013-08-09 16:18        --------        d-----w-        c:\users\Kai\AppData\Roaming\Avira

2013-08-09 16:17 . 2013-08-09 16:17        --------        d-----w-        c:\programdata\APN

2013-08-09 16:16 . 2013-08-09 16:16        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-08-09 16:16 . 2013-08-09 16:16        130016        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-08-09 16:16 . 2013-08-09 16:16        100712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-08-09 16:16 . 2013-08-09 16:17        --------        d-----w-        c:\programdata\Avira

2013-08-09 16:16 . 2013-08-09 16:16        --------        d-----w-        c:\program files (x86)\Avira

2013-08-09 14:11 . 2013-08-09 14:11        --------        d-----w-        c:\users\Kai\AppData\Local\ESET

2013-08-09 13:09 . 2013-08-09 13:09        --------        d-----w-        c:\program files\ESET

2013-08-09 13:05 . 2013-08-10 09:57        --------        d-----w-        c:\program files (x86)\Emsisoft Anti-Malware

2013-08-09 12:30 . 2013-08-09 12:30        --------        d-----w-        C:\FRST

2013-08-07 08:38 . 2013-08-07 08:46        --------        d-----w-        c:\programdata\Spybot - Search & Destroy

2013-08-07 08:37 . 2013-08-10 09:59        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy 2

2013-08-04 18:08 . 2013-08-10 09:52        --------        d-----w-        c:\users\Kai\AppData\Roaming\GameTracker

2013-08-04 18:08 . 2013-08-04 18:08        --------        d-----w-        c:\program files (x86)\GameTracker

2013-08-04 17:21 . 2013-08-04 17:21        --------        d-----w-        C:\NvidiaLogging

2013-08-04 17:19 . 2013-05-14 19:28        39712        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys

2013-08-04 17:19 . 2013-05-14 19:27        29984        ----a-w-        c:\windows\system32\nvaudcap64v.dll

2013-08-04 17:19 . 2013-05-14 19:27        28448        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll

2013-07-29 14:07 . 2013-07-29 14:07        --------        d-----w-        c:\users\Kai\AppData\Roaming\HTC Sync

2013-07-29 14:07 . 2013-08-10 09:50        --------        d-----w-        c:\users\Kai\AppData\Local\HTC MediaHub

2013-07-29 14:03 . 2013-07-29 14:03        5        ----a-w-        c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp

2013-07-28 19:40 . 2013-07-28 19:40        --------        d-----w-        c:\program files\Microsoft Silverlight

2013-07-28 19:40 . 2013-07-28 19:40        --------        d-----w-        c:\program files (x86)\Microsoft Silverlight

2013-07-28 16:22 . 2013-07-29 14:07        --------        d-----w-        c:\users\Kai\AppData\Roaming\HTC

2013-07-28 16:21 . 2013-07-28 16:21        --------        d-----w-        c:\programdata\Motorola

2013-07-28 16:20 . 2013-07-28 16:20        --------        d-----w-        c:\program files (x86)\Spirent Communications

2013-07-28 16:17 . 2013-07-29 14:07        --------        d-----w-        c:\program files (x86)\HTC

2013-07-28 16:17 . 2009-06-09 13:41        1122664        ----a-w-        c:\windows\system32\WdfCoInstaller01007.dll

2013-07-28 16:17 . 2013-07-29 14:07        --------        d-----w-        c:\programdata\HTC

2013-07-28 16:17 . 2009-11-02 10:16        33736        ----a-w-        c:\windows\system32\drivers\ANDROIDUSB.sys

2013-07-28 16:17 . 2013-07-28 16:18        --------        d-----w-        C:\Temp

2013-07-27 18:13 . 2013-07-27 18:13        --------        d-----w-        c:\program files (x86)\MSXML 4.0

2013-07-26 17:21 . 2013-07-26 17:22        --------        d-----w-        c:\users\Kai\AppData\Local\Nero

2013-07-26 09:48 . 2013-07-26 09:49        --------        d-----w-        c:\users\Kai\AppData\Roaming\Nero

2013-07-26 09:45 . 2013-07-29 14:07        --------        d-----w-        c:\program files (x86)\Common Files\Nero

2013-07-26 09:45 . 2013-07-26 09:48        --------        d-----w-        c:\program files (x86)\Nero

2013-07-26 09:45 . 2013-07-26 09:48        --------        d-----w-        c:\programdata\Nero

2013-07-25 19:29 . 2013-07-25 19:29        231376        ----a-w-        c:\windows\system32\drivers\truecrypt.sys

2013-07-25 19:29 . 2013-07-25 19:30        --------        d-----w-        c:\program files\TrueCrypt

2013-07-25 19:26 . 2013-07-25 19:26        --------        d-----w-        c:\users\Kai\AppData\Local\LogicCircuit

2013-07-25 19:24 . 2013-07-25 19:24        --------        d-----w-        c:\program files (x86)\LogicCircuit

2013-07-25 19:12 . 2013-07-25 19:12        --------        d-----w-        C:\opt

2013-07-25 12:32 . 2013-07-25 12:32        --------        d-----w-        c:\program files (x86)\Bethesda Softworks

2013-07-25 12:30 . 2013-07-25 12:30        283200        ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys

2013-07-25 12:30 . 2013-07-25 12:32        --------        d-----w-        c:\users\Kai\AppData\Roaming\DAEMON Tools Lite

2013-07-25 12:30 . 2013-07-25 12:30        --------        d-----w-        c:\program files (x86)\DAEMON Tools Lite

2013-07-25 12:30 . 2013-07-25 12:32        --------        d-----w-        c:\programdata\DAEMON Tools Lite

2013-07-24 12:41 . 2013-07-24 12:41        --------        d-----w-        c:\users\Kai\AppData\Roaming\PDAppFlex

2013-07-24 12:41 . 2013-07-24 12:41        --------        d-----w-        c:\programdata\regid.1986-12.com.adobe

2013-07-24 11:23 . 2013-07-24 11:23        --------        d-----w-        c:\program files\Adobe

2013-07-24 11:16 . 2013-07-24 11:23        --------        d-----w-        c:\program files\Common Files\Adobe

2013-07-24 10:21 . 2013-07-24 10:21        --------        d-----w-        C:\EEK

2013-07-22 17:27 . 2013-07-22 17:40        --------        d-----w-        c:\users\Kai\AppData\Roaming\TrueCrypt

2013-07-22 13:37 . 2013-07-22 13:37        --------        d-----w-        c:\users\Kai\AppData\Roaming\Malwarebytes

2013-07-22 13:37 . 2013-07-22 13:37        --------        d-----w-        c:\programdata\Malwarebytes

2013-07-22 13:37 . 2013-07-22 13:37        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2013-07-22 13:37 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2013-07-22 13:37 . 2013-07-22 13:37        --------        d-----w-        c:\users\Kai\AppData\Local\Programs

2013-07-21 18:30 . 2013-07-21 18:30        --------        d-----w-        c:\users\Kai\AppData\Roaming\Snz

2013-07-18 17:14 . 2013-07-18 17:14        --------        d-----w-        c:\windows\SysWow64\xlive

2013-07-18 17:14 . 2013-07-18 17:14        --------        d-----w-        c:\program files (x86)\Microsoft Games for Windows - LIVE

2013-07-18 16:48 . 2013-07-18 16:48        --------        d-sh--w-        c:\programdata\SecuROM

2013-07-18 16:45 . 2013-07-18 16:45        --------        d-----w-        c:\users\Kai\AppData\Local\Rockstar Games

2013-07-18 16:45 . 2013-07-18 16:45        --------        d--h--r-        c:\users\Kai\AppData\Roaming\SecuROM

2013-07-18 16:45 . 2013-07-18 16:45        178800        ----a-w-        c:\windows\SysWow64\CmdLineExt_x64.dll

2013-07-12 11:40 . 2013-07-12 11:40        --------        d-----w-        c:\users\Kai\AppData\Local\DeutscheBahn

2013-07-11 19:39 . 2013-05-27 05:50        1011712        ----a-w-        c:\program files\Windows Defender\MpSvc.dll

2013-07-11 19:02 . 2013-07-11 19:02        --------        d-----w-        c:\users\Kai\AppData\Roaming\DVDVideoSoft

2013-07-11 19:02 . 2013-07-11 19:02        --------        d-----w-        c:\program files (x86)\DVDVideoSoft

2013-07-11 19:02 . 2013-07-11 19:02        --------        d-----w-        c:\program files (x86)\Common Files\DVDVideoSoft

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-18 17:04 . 2009-08-18 09:24        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-07-11 20:03 . 2013-05-22 15:56        78185248        ----a-w-        c:\windows\system32\MRT.exe

2013-07-11 04:58 . 2013-05-22 13:52        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-11 04:58 . 2013-05-22 13:52        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-21 12:06 . 2013-07-01 19:19        925648        ----a-w-        c:\windows\SysWow64\nvumdshim.dll

2013-06-21 12:06 . 2013-07-01 19:19        9239344        ----a-w-        c:\windows\system32\nvcuda.dll

2013-06-21 12:06 . 2013-07-01 19:19        7687592        ----a-w-        c:\windows\SysWow64\nvcuda.dll

2013-06-21 12:06 . 2013-07-01 19:19        7641832        ----a-w-        c:\windows\system32\nvopencl.dll

2013-06-21 12:06 . 2013-07-01 19:19        6324360        ----a-w-        c:\windows\SysWow64\nvopencl.dll

2013-06-21 12:06 . 2013-07-01 19:19        572704        ----a-w-        c:\windows\system32\NvFBC64.dll

2013-06-21 12:06 . 2013-07-01 19:19        570656        ----a-w-        c:\windows\system32\NvIFR64.dll

2013-06-21 12:06 . 2013-07-01 19:19        467232        ----a-w-        c:\windows\SysWow64\NvIFR.dll

2013-06-21 12:06 . 2013-07-01 19:19        465184        ----a-w-        c:\windows\SysWow64\NvFBC.dll

2013-06-21 12:06 . 2013-07-01 19:19        2953504        ----a-w-        c:\windows\system32\nvcuvid.dll

2013-06-21 12:06 . 2013-07-01 19:19        2777888        ----a-w-        c:\windows\SysWow64\nvcuvid.dll

2013-06-21 12:06 . 2013-07-01 19:19        266448        ----a-w-        c:\windows\system32\nvinitx.dll

2013-06-21 12:06 . 2013-07-01 19:19        25256224        ----a-w-        c:\windows\system32\nvcompiler.dll

2013-06-21 12:06 . 2013-07-01 19:19        2363680        ----a-w-        c:\windows\system32\nvcuvenc.dll

2013-06-21 12:06 . 2013-07-01 19:19        218592        ----a-w-        c:\windows\system32\nvoglshim64.dll

2013-06-21 12:06 . 2013-07-01 19:19        214448        ----a-w-        c:\windows\SysWow64\nvinit.dll

2013-06-21 12:06 . 2013-07-01 19:19        21102368        ----a-w-        c:\windows\SysWow64\nvoglv32.dll

2013-06-21 12:06 . 2013-07-01 19:19        2002720        ----a-w-        c:\windows\SysWow64\nvcuvenc.dll

2013-06-21 12:06 . 2013-07-01 19:19        1832224        ----a-w-        c:\windows\system32\nvdispco6432049.dll

2013-06-21 12:06 . 2013-07-01 19:19        181488        ----a-w-        c:\windows\SysWow64\nvoglshim32.dll

2013-06-21 12:06 . 2013-07-01 19:19        17560352        ----a-w-        c:\windows\SysWow64\nvcompiler.dll

2013-06-21 12:06 . 2013-07-01 19:19        15144928        ----a-w-        c:\windows\system32\nvd3dumx.dll

2013-06-21 12:06 . 2013-07-01 19:19        1511712        ----a-w-        c:\windows\system32\nvdispgenco6432049.dll

2013-06-21 12:06 . 2013-07-01 19:19        13411896        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll

2013-06-21 12:06 . 2013-07-01 19:19        11235104        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys

2013-06-21 12:06 . 2013-05-22 07:39        61216        ----a-w-        c:\windows\system32\OpenCL.dll

2013-06-21 12:06 . 2013-05-22 07:39        53024        ----a-w-        c:\windows\SysWow64\OpenCL.dll

2013-06-21 12:06 . 2013-05-22 07:39        2936208        ----a-w-        c:\windows\system32\nvapi64.dll

2013-06-21 12:06 . 2013-05-22 07:39        27781920        ----a-w-        c:\windows\system32\nvoglv64.dll

2013-06-21 12:06 . 2013-05-22 07:39        2597856        ----a-w-        c:\windows\SysWow64\nvapi.dll

2013-06-21 12:06 . 2013-05-22 07:39        15920536        ----a-w-        c:\windows\system32\nvwgf2umx.dll

2013-06-21 12:06 . 2013-05-22 07:39        12427240        ----a-w-        c:\windows\SysWow64\nvd3dum.dll

2013-06-21 12:06 . 2013-05-22 07:39        1059560        ----a-w-        c:\windows\system32\nvumdshimx.dll

2013-06-21 10:23 . 2013-05-22 07:40        6496544        ----a-w-        c:\windows\system32\nvcpl.dll

2013-06-21 10:23 . 2013-05-22 07:40        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll

2013-06-21 10:23 . 2013-05-22 07:40        884512        ----a-w-        c:\windows\system32\nvvsvc.exe

2013-06-21 10:23 . 2013-05-22 07:40        63776        ----a-w-        c:\windows\system32\nvshext.dll

2013-06-21 10:23 . 2013-05-22 07:40        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll

2013-06-21 10:23 . 2013-05-22 07:40        237856        ----a-w-        c:\windows\system32\nvmctray.dll

2013-06-21 03:16 . 2013-06-21 03:16        566048        ----a-w-        c:\windows\SysWow64\nvStreaming.exe

2013-06-20 04:17 . 2013-05-22 07:40        3253909        ----a-w-        c:\windows\system32\nvcoproc.bin

2013-06-12 19:48 . 2013-05-22 17:14        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll

2013-06-12 19:48 . 2013-05-22 17:14        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2013-06-12 19:47 . 2013-06-21 13:19        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-10 14:48 . 2013-06-10 14:48        53248        ----a-r-        c:\users\Kai\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2013-05-22 16:30 . 2013-05-22 16:30        226304        ----a-w-        c:\windows\system32\elshyph.dll

2013-05-22 16:30 . 2013-05-22 16:30        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-05-22 16:30 . 2013-05-22 16:30        158720        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-05-22 16:30 . 2013-05-22 16:30        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-05-22 16:30 . 2013-05-22 16:30        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-22 16:30 . 2013-05-22 16:30        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-05-22 16:30 . 2013-05-22 16:30        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-05-22 16:30 . 2013-05-22 16:30        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-05-22 16:30 . 2013-05-22 16:30        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-05-22 16:30 . 2013-05-22 16:30        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-05-22 16:30 . 2013-05-22 16:30        138752        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-05-22 16:30 . 2013-05-22 16:30        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-05-22 16:30 . 2013-05-22 16:30        12800        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-05-22 16:30 . 2013-05-22 16:30        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-05-22 16:30 . 2013-05-22 16:30        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-05-22 16:30 . 2013-05-22 16:30        361984        ----a-w-        c:\windows\SysWow64\html.iec

2013-05-22 16:30 . 2013-05-22 16:30        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-05-22 16:30 . 2013-05-22 16:30        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2013-05-22 16:30 . 2013-05-22 16:30        452096        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-05-22 16:30 . 2013-05-22 16:30        441856        ----a-w-        c:\windows\system32\html.iec

2013-05-22 16:30 . 2013-05-22 16:30        281600        ----a-w-        c:\windows\system32\dxtrans.dll

2013-05-22 16:30 . 2013-05-22 16:30        216064        ----a-w-        c:\windows\system32\msls31.dll

2013-05-22 16:30 . 2013-05-22 16:30        197120        ----a-w-        c:\windows\system32\msrating.dll

2013-05-22 16:30 . 2013-05-22 16:30        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-05-22 16:30 . 2013-05-22 16:30        97280        ----a-w-        c:\windows\system32\mshtmled.dll

2013-05-22 16:30 . 2013-05-22 16:30        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-05-22 16:30 . 2013-05-22 16:30        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-05-22 16:30 . 2013-05-22 16:30        762368        ----a-w-        c:\windows\system32\ieapfltr.dll

2013-05-22 16:30 . 2013-05-22 16:30        599552        ----a-w-        c:\windows\system32\vbscript.dll

2013-05-22 16:30 . 2013-05-22 16:30        27648        ----a-w-        c:\windows\system32\licmgr10.dll

2013-05-22 16:30 . 2013-05-22 16:30        270848        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-05-22 16:30 . 2013-05-22 16:30        247296        ----a-w-        c:\windows\system32\webcheck.dll

2013-05-22 16:30 . 2013-05-22 16:30        235008        ----a-w-        c:\windows\system32\url.dll

2013-05-22 16:30 . 2013-05-22 16:30        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-05-22 16:30 . 2013-05-22 16:30        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-05-22 16:30 . 2013-05-22 16:30        144896        ----a-w-        c:\windows\system32\wextract.exe

2013-05-22 16:30 . 2013-05-22 16:30        102912        ----a-w-        c:\windows\system32\inseng.dll

2013-05-22 16:30 . 2013-05-22 16:30        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-05-22 16:30 . 2013-05-22 16:30        62976        ----a-w-        c:\windows\system32\pngfilt.dll

2013-05-22 16:30 . 2013-05-22 16:30        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-05-22 16:30 . 2013-05-22 16:30        51200        ----a-w-        c:\windows\system32\imgutil.dll

2013-05-22 16:30 . 2013-05-22 16:30        173568        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-05-22 16:30 . 2013-05-22 16:30        149504        ----a-w-        c:\windows\system32\occache.dll

2013-05-22 16:30 . 2013-05-22 16:30        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-05-22 16:30 . 2013-05-22 16:30        136192        ----a-w-        c:\windows\system32\iepeers.dll

2013-05-22 16:30 . 2013-05-22 16:30        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-05-22 16:30 . 2013-05-22 16:30        12800        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-05-22 16:30 . 2013-05-22 16:30        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-05-22 16:30 . 2013-05-22 16:30        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-05-22 16:25 . 2013-05-22 16:25        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-22 16:25 . 2013-05-22 16:25        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]

2013-07-26 20:30        12240        ----a-w-        c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}]

2013-06-26 06:53        119184        ----a-w-        c:\users\Kai\AppData\Local\ext_piccshare\ext_piccshare.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-07-26 12240]

.

[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GameTracker"="c:\program files (x86)\GameTracker\GTLite.exe" [2013-03-08 4019992]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]

"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]

"emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe" [2013-07-02 2928040]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-08-09 345144]

"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-26 1558480]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0\0sdnclean64.exe

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]

R4 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]

R4 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [x]

S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [x]

S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [x]

S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]

S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]

S2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]

S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]

S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]

S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe;c:\program files (x86)\GameTracker\GSInGameService.exe [x]

S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [x]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]

S3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]

S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-08-07 08:41        1173456        ----a-w-        c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2013-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-22 04:58]

.

2013-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 07:30]

.

2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 07:30]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]

@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"

[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]

2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]

@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"

[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]

2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]

@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"

[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]

2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-18 11855976]

"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-03-21 6330568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll

TCP: DhcpNameServer = 192.168.2.1

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-ASRockXTU - (no file)

Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)

SafeBoot-CleanHlp

SafeBoot-CleanHlp.sys

AddRemove-PiccShare - c:\users\Kai\AppData\Local\ext_piccshare_uninst.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1962676326-1203905899-2725302876-1000\Software\SecuROM\License information*]

"datasecu"=hex:45,13,aa,bc,29,94,5c,d7,cb,c3,d2,78,b2,f2,18,4c,8a,88,f5,29,33,

   08,9a,e3,c2,4a,c3,a8,ab,d7,9f,6a,53,1d,f1,72,14,81,65,19,21,79,1a,f1,9f,cd,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-08-10  12:11:41

ComboFix-quarantined-files.txt  2013-08-10 10:11

.

Vor Suchlauf: 15 Verzeichnis(se), 219.295.678.464 Bytes frei

Nach Suchlauf: 19 Verzeichnis(se), 219.130.355.712 Bytes frei

.

- - End Of File - - 8255CC04868B4B039E226033C21711DB

 
--- --- ---

A36C5E4F47E84449FF07ED3517B43A31

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Hallo schrauber,
ich war leider einige Tage im Urlaub und konnte erst jetzt die oben genannten Prozesse durchführen.

Malwarebytes Anti-Malware:

Code:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.08.14.06
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

Kai :: KAI-PC [Administrator]
 

Schutz: Aktiviert
 

14.08.2013 20:43:29

mbam-log-2013-08-14 (20-43-29).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 241605

Laufzeit: 4 Minute(n), 10 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

AdwCleaner:

AdwCleaner Logfile:

Code:

# AdwCleaner v2.306 - Datei am 14/08/2013 um 20:49:58 erstellt

# Aktualisiert am 19/07/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzer : Kai - KAI-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Kai\Desktop\AdwCleaner.exe

# Option [Suche]
 
 

**** [Dienste] ****
 

Gefunden : APNMCP
 

***** [Dateien / Ordner] *****
 

Ordner Gefunden : C:\Program Files (x86)\AskPartnerNetwork

Ordner Gefunden : C:\ProgramData\APN

Ordner Gefunden : C:\ProgramData\AskPartnerNetwork

Ordner Gefunden : C:\Users\Kai\AppData\Local\Temp\APN
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gefunden : HKCU\Software\AskPartnerNetwork

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Schlüssel Gefunden : HKLM\Software\AskPartnerNetwork

Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16635
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Google Chrome v28.0.1500.95
 

Datei : C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R4].txt - [1370 octets] - [14/08/2013 20:49:58]
 

########## EOF - C:\AdwCleaner[R4].txt - [1430 octets] ##########

--- --- ---

[/CODE]

Junkware Removal Tool:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.5 (08.13.2013:1)

OS: Windows 7 Professional x64

Ran by Kai on 14.08.2013 at 20:54:01,61

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon

Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{553318DA-D010-469E-84B1-496563CAE1C0}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\httogroup

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\piccshare

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}
 
 
 

~~~ Files
 

Failed to delete: [File] "C:\Users\Kai\appdata\local\google\chrome\user data\default\ext_piccshare"

Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\ProgramData\apn"

Successfully deleted: [Folder] "C:\Users\Kai\AppData\Roaming\intermediate"

Successfully deleted: [Folder] "C:\Users\Kai\AppData\Roaming\scheck"

Successfully deleted: [Folder] "C:\Users\Kai\AppData\Roaming\ssync"

Successfully deleted: [Folder] "C:\Users\Kai\appdata\local\ext_piccshare"
 
 
 

~~~ Chrome
 

Successfully deleted: [Folder] C:\Users\Kai\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh

Successfully deleted: [Folder] C:\Users\Kai\appdata\local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\docfnddcclkgokdfpnmngpiliiachclb
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 14.08.2013 at 21:06:03,68

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Frische FRST:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013 01

Ran by Kai (administrator) on 14-08-2013 21:08:51

Running from C:\Users\Kai\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GTLite.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NANotify.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)

HKCU\...\Run: [GameTracker] - C:\Program Files (x86)\GameTracker\GTLite.exe [4019992 2013-03-08] (ClanServers Hosting LLC)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [2928040 2013-07-02] (Emsisoft GmbH)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-09] (Avira Operations GmbH & Co. KG)

AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)

BootExecute: autocheck autochk * sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK

BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)

BHO-x32: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File

Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Extension: (Google Docs) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Gmail) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 

==================== Services (Whitelisted) =================
 

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-09] (Avira Operations GmbH & Co. KG)

S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137096 2013-02-06] ()

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
 

==================== Drivers (Whitelisted) ====================
 

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)

R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)

R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)

R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [44688 2012-04-30] (Emsisoft GmbH)

R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [44688 2012-04-30] (Emsisoft GmbH)

R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)

R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-08-09] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-08-09] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-09] (Avira Operations GmbH & Co. KG)

R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)

R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-25] (DT Soft Ltd)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)

R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)

S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2013-05-22] (FNet Co., Ltd.)

R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-05-22] (FNet Co., Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-14 20:55 - 2013-08-14 21:06 - 00000000 ____D C:\Users\Kai\Desktop\Neue Logfiles. 14.08

2013-08-14 20:55 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Alte Logfiles. 09.08-10.08

2013-08-14 20:54 - 2013-08-14 20:54 - 00000000 ____D C:\Windows\ERUNT

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Downloads\JRT.exe

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe

2013-08-14 20:49 - 2013-08-14 20:50 - 00001499 _____ C:\AdwCleaner[R4].txt

2013-08-14 20:39 - 2013-08-14 20:39 - 00000000 _____ C:\Users\Kai\AppData\Roaming\.NANotifyHere

2013-08-10 12:11 - 2013-08-10 12:11 - 00034996 _____ C:\ComboFix.txt

2013-08-10 11:57 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2013-08-10 11:57 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2013-08-10 11:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2013-08-10 11:54 - 2013-08-10 12:11 - 00000000 ____D C:\Qoobox

2013-08-10 11:53 - 2013-08-10 12:09 - 00000000 ____D C:\Windows\erdnt

2013-08-10 11:53 - 2013-08-10 11:52 - 05102523 ____R (Swearware) C:\Users\Kai\Desktop\ComboFix.exe

2013-08-10 11:51 - 2013-08-10 11:52 - 05102523 _____ (Swearware) C:\Users\Kai\Downloads\ComboFix.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Mozilla

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Avira

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\AskPartnerNetwork

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork

2013-08-09 18:17 - 2013-08-09 18:17 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-08-09 18:16 - 2013-08-09 18:17 - 00000000 ____D C:\ProgramData\Avira

2013-08-09 18:16 - 2013-08-09 18:16 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-09 18:10 - 2013-08-10 12:03 - 00084294 _____ C:\Users\Kai\Desktop\Neues Textdokument.txt

2013-08-09 16:11 - 2013-08-09 16:11 - 00000000 ____D C:\Users\Kai\AppData\Local\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\ProgramData\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\Program Files\ESET

2013-08-09 15:06 - 2013-08-09 15:06 - 00001095 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2013-08-09 15:05 - 2013-08-14 20:38 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2013-08-09 15:05 - 2013-08-09 15:05 - 00000000 ____D C:\Users\Kai\Documents\Anti-Malware

2013-08-09 15:04 - 2013-08-09 15:05 - 01415824 _____ (ESET) C:\Users\Kai\Downloads\eset_nod32_antivirus_live_installer.exe

2013-08-09 15:03 - 2013-08-09 15:05 - 187509536 _____ (Emsisoft GmbH                                               ) C:\Users\Kai\Downloads\EmsisoftAntiMalwareSetup.exe

2013-08-09 15:02 - 2013-08-09 15:02 - 02092792 _____ C:\Users\Kai\Downloads\avira_free_antivirus.exe

2013-08-09 14:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST

2013-08-09 14:28 - 2013-08-09 14:28 - 00000000 _____ C:\Users\Kai\defogger_reenable

2013-08-09 14:27 - 2013-08-09 14:27 - 00377856 _____ C:\Users\Kai\Downloads\gmer_2.1.19163.exe

2013-08-09 14:26 - 2013-08-14 21:08 - 01575570 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe

2013-08-09 14:26 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Desktop\Defogger.exe

2013-08-09 14:25 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Downloads\Defogger.exe

2013-08-07 20:49 - 2013-08-07 20:50 - 1138838405 _____ C:\Users\Kai\Downloads\Elysium2.rar

2013-08-07 18:50 - 2013-08-07 19:05 - 1425489052 _____ C:\Users\Kai\Downloads\CryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 10:41 - 2013-08-07 10:41 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-08-07 10:38 - 2013-08-07 10:46 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-07 10:38 - 2013-08-07 10:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-04 20:08 - 2013-08-14 20:38 - 00000000 ____D C:\Users\Kai\AppData\Roaming\GameTracker

2013-08-04 20:08 - 2013-08-04 20:08 - 00001020 _____ C:\Users\Kai\Desktop\GameTracker Lite.lnk

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Program Files (x86)\GameTracker

2013-08-04 19:21 - 2013-08-04 19:21 - 00000000 ____D C:\NvidiaLogging

2013-08-04 19:19 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-08-04 19:19 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2013-08-04 19:19 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-07-29 16:07 - 2013-08-14 20:38 - 00000000 ____D C:\Users\Kai\AppData\Local\HTC MediaHub

2013-07-29 16:07 - 2013-07-29 16:07 - 00002031 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk

2013-07-29 16:07 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC Sync

2013-07-29 16:03 - 2013-07-29 16:03 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp

2013-07-29 15:22 - 2013-07-29 15:23 - 00000000 ____D C:\Users\Kai\Desktop\David Guetta - Nothing But The Beat

2013-07-28 23:09 - 2013-07-28 23:09 - 00003302 _____ C:\Windows\System32\Tasks\{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 22:54 - 2013-07-28 22:54 - 00000219 _____ C:\Users\Kai\Desktop\Alien Swarm.url

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-28 21:13 - 2013-07-28 21:13 - 00000219 _____ C:\Users\Kai\Desktop\Team Fortress 2.url

2013-07-28 19:35 - 2013-07-28 19:35 - 00000222 _____ C:\Users\Kai\Desktop\Call of Duty Black Ops II - Zombies.url

2013-07-28 18:22 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC

2013-07-28 18:21 - 2013-07-28 18:22 - 00000000 ____D C:\Users\Kai\Documents\HTC

2013-07-28 18:21 - 2013-07-28 18:21 - 00000000 ____D C:\ProgramData\Motorola

2013-07-28 18:20 - 2013-07-28 18:20 - 00000000 ____D C:\Program Files (x86)\Spirent Communications

2013-07-28 18:17 - 2013-07-29 16:07 - 00000000 ____D C:\ProgramData\HTC

2013-07-28 18:17 - 2013-07-29 16:07 - 00000000 ____D C:\Program Files (x86)\HTC

2013-07-28 18:17 - 2009-11-02 12:16 - 00033736 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys

2013-07-28 18:17 - 2009-06-09 15:41 - 01122664 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll

2013-07-27 20:13 - 2013-07-27 20:13 - 00287600 _____ C:\Windows\msxml4-KB954430-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00283814 _____ C:\Windows\msxml4-KB973688-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-26 19:22 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero_AG

2013-07-26 19:21 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero

2013-07-26 11:48 - 2013-07-26 11:49 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Nero

2013-07-26 11:47 - 2013-07-26 11:47 - 00002797 _____ C:\Users\Public\Desktop\Nero Video 12.lnk

2013-07-26 11:45 - 2013-07-26 11:48 - 00000000 ____D C:\ProgramData\Nero

2013-07-26 11:45 - 2013-07-26 11:48 - 00000000 ____D C:\Program Files (x86)\Nero

2013-07-26 11:27 - 2011-10-24 21:26 - 00001524 _____ C:\Users\Kai\Desktop\BabyDevelop.lnk

2013-07-25 21:29 - 2013-07-25 21:30 - 00000000 ____D C:\Program Files\TrueCrypt

2013-07-25 21:29 - 2013-07-25 21:29 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys

2013-07-25 21:29 - 2013-07-25 21:29 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk

2013-07-25 21:26 - 2013-07-25 21:26 - 00000000 ____D C:\Users\Kai\AppData\Local\LogicCircuit

2013-07-25 21:25 - 2013-07-25 21:25 - 00001506 _____ C:\Users\Kai\Desktop\LogicCircuit - Verknüpfung.lnk

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logic Circuit

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Program Files (x86)\LogicCircuit

2013-07-25 21:12 - 2013-07-25 21:12 - 00000000 ____D C:\opt

2013-07-25 14:49 - 2013-07-25 14:49 - 00002056 _____ C:\Users\Public\Desktop\Rage.lnk

2013-07-25 14:32 - 2013-07-25 14:32 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks

2013-07-25 14:31 - 2013-07-25 14:31 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

2013-07-25 14:30 - 2013-07-25 14:32 - 00000000 ____D C:\Users\Kai\AppData\Roaming\DAEMON Tools Lite

2013-07-25 14:30 - 2013-07-25 14:32 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

2013-07-25 14:30 - 2013-07-25 14:30 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys

2013-07-25 14:30 - 2013-07-25 14:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite

2013-07-25 14:14 - 2013-07-25 14:14 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-07-25 11:56 - 2013-08-14 20:36 - 00012830 _____ C:\Windows\setupact.log

2013-07-25 11:56 - 2013-07-25 11:56 - 00000000 _____ C:\Windows\setuperr.log

2013-07-25 09:54 - 2013-07-25 09:54 - 00000000 ____D C:\Windows\pss

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\Users\Kai\AppData\Roaming\PDAppFlex

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-07-24 13:23 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Adobe

2013-07-24 13:16 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-07-24 12:54 - 2013-07-24 12:54 - 00003494 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 12:53 - 2013-07-24 12:53 - 00001074 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000546 _____ C:\Users\Kai\Desktop\Emsisoft Emergency Kit.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000000 ____D C:\EEK

2013-07-23 17:11 - 2013-07-23 17:11 - 00000219 _____ C:\Users\Kai\Desktop\Counter-Strike Global Offensive.url

2013-07-22 19:27 - 2013-07-22 19:40 - 00000000 ____D C:\Users\Kai\AppData\Roaming\TrueCrypt

2013-07-22 19:08 - 2013-07-22 19:07 - 00666633 _____ C:\Users\Kai\Desktop\AdwCleaner.exe

2013-07-22 15:37 - 2013-07-22 15:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-22 15:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-07-21 20:30 - 2013-07-21 20:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Snz

2013-07-18 19:15 - 2013-07-18 19:15 - 00000000 ____D C:\Users\Kai\Documents\Games for Windows - LIVE Demos

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-18 19:07 - 2013-07-18 19:07 - 00000000 ____D C:\Users\Kai\Documents\Rockstar Games

2013-07-18 18:48 - 2013-07-18 18:48 - 00000000 __SHD C:\ProgramData\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 __RHD C:\Users\Kai\AppData\Roaming\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 ____D C:\Users\Kai\AppData\Local\Rockstar Games
 

==================== One Month Modified Files and Folders =======
 

2013-08-14 21:08 - 2013-08-14 21:08 - 01575570 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe

2013-08-14 21:08 - 2013-08-09 14:26 - 01575570 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe

2013-08-14 21:08 - 2013-05-22 15:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-14 21:06 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Neue Logfiles. 14.08

2013-08-14 20:55 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Alte Logfiles. 09.08-10.08

2013-08-14 20:54 - 2013-08-14 20:54 - 00000000 ____D C:\Windows\ERUNT

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Downloads\JRT.exe

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe

2013-08-14 20:50 - 2013-08-14 20:49 - 00001499 _____ C:\AdwCleaner[R4].txt

2013-08-14 20:46 - 2013-05-22 18:31 - 00000000 ____D C:\Users\Kai\AppData\Local\Adobe

2013-08-14 20:45 - 2013-05-22 09:30 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-14 20:43 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-14 20:43 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-14 20:42 - 2013-05-22 09:47 - 00696620 _____ C:\Windows\system32\perfh007.dat

2013-08-14 20:42 - 2013-05-22 09:47 - 00147916 _____ C:\Windows\system32\perfc007.dat

2013-08-14 20:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-14 20:40 - 2013-05-21 23:51 - 01354156 _____ C:\Windows\WindowsUpdate.log

2013-08-14 20:39 - 2013-08-14 20:39 - 00000000 _____ C:\Users\Kai\AppData\Roaming\.NANotifyHere

2013-08-14 20:38 - 2013-08-09 15:05 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2013-08-14 20:38 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\GameTracker

2013-08-14 20:38 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Local\HTC MediaHub

2013-08-14 20:37 - 2013-05-22 09:30 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-14 20:36 - 2013-07-25 11:56 - 00012830 _____ C:\Windows\setupact.log

2013-08-14 20:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-14 20:35 - 2013-05-22 09:40 - 00000000 ____D C:\ProgramData\NVIDIA

2013-08-14 20:35 - 2010-11-21 05:47 - 00260234 _____ C:\Windows\PFRO.log

2013-08-10 13:50 - 2013-05-22 09:58 - 00000000 ____D C:\Program Files (x86)\Steam

2013-08-10 12:11 - 2013-08-10 12:11 - 00034996 _____ C:\ComboFix.txt

2013-08-10 12:11 - 2013-08-10 11:54 - 00000000 ____D C:\Qoobox

2013-08-10 12:11 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default

2013-08-10 12:09 - 2013-08-10 11:53 - 00000000 ____D C:\Windows\erdnt

2013-08-10 12:09 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2013-08-10 12:03 - 2013-08-09 18:10 - 00084294 _____ C:\Users\Kai\Desktop\Neues Textdokument.txt

2013-08-10 11:52 - 2013-08-10 11:53 - 05102523 ____R (Swearware) C:\Users\Kai\Desktop\ComboFix.exe

2013-08-10 11:52 - 2013-08-10 11:51 - 05102523 _____ (Swearware) C:\Users\Kai\Downloads\ComboFix.exe

2013-08-09 20:38 - 2013-05-22 11:28 - 00000000 ____D C:\Program Files (x86)\JDownloader

2013-08-09 18:18 - 2013-08-09 18:18 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Mozilla

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Avira

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\AskPartnerNetwork

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork

2013-08-09 18:17 - 2013-08-09 18:17 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-08-09 18:17 - 2013-08-09 18:16 - 00000000 ____D C:\ProgramData\Avira

2013-08-09 18:16 - 2013-08-09 18:16 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-09 16:11 - 2013-08-09 16:11 - 00000000 ____D C:\Users\Kai\AppData\Local\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\ProgramData\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\Program Files\ESET

2013-08-09 15:06 - 2013-08-09 15:06 - 00001095 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2013-08-09 15:05 - 2013-08-09 15:05 - 00000000 ____D C:\Users\Kai\Documents\Anti-Malware

2013-08-09 15:05 - 2013-08-09 15:04 - 01415824 _____ (ESET) C:\Users\Kai\Downloads\eset_nod32_antivirus_live_installer.exe

2013-08-09 15:05 - 2013-08-09 15:03 - 187509536 _____ (Emsisoft GmbH                                               ) C:\Users\Kai\Downloads\EmsisoftAntiMalwareSetup.exe

2013-08-09 15:02 - 2013-08-09 15:02 - 02092792 _____ C:\Users\Kai\Downloads\avira_free_antivirus.exe

2013-08-09 14:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST

2013-08-09 14:28 - 2013-08-09 14:28 - 00000000 _____ C:\Users\Kai\defogger_reenable

2013-08-09 14:28 - 2013-05-21 23:55 - 00000000 ____D C:\Users\Kai

2013-08-09 14:27 - 2013-08-09 14:27 - 00377856 _____ C:\Users\Kai\Downloads\gmer_2.1.19163.exe

2013-08-09 14:25 - 2013-08-09 14:26 - 00050477 _____ C:\Users\Kai\Desktop\Defogger.exe

2013-08-09 14:25 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Downloads\Defogger.exe

2013-08-07 23:37 - 2013-05-22 09:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Skype

2013-08-07 23:23 - 2013-05-22 09:47 - 00000000 ____D C:\Users\Kai\AppData\Local\PMB Files

2013-08-07 23:23 - 2013-05-22 09:47 - 00000000 ____D C:\ProgramData\PMB Files

2013-08-07 20:50 - 2013-08-07 20:49 - 1138838405 _____ C:\Users\Kai\Downloads\Elysium2.rar

2013-08-07 19:36 - 2013-05-22 19:45 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps

2013-08-07 19:05 - 2013-08-07 18:50 - 1425489052 _____ C:\Users\Kai\Downloads\CryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 10:47 - 2013-07-08 21:16 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Common

2013-08-07 10:46 - 2013-08-07 10:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-07 10:41 - 2013-08-07 10:41 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-08-07 10:41 - 2013-05-22 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-08-07 10:38 - 2013-08-07 10:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-04 20:08 - 2013-08-04 20:08 - 00001020 _____ C:\Users\Kai\Desktop\GameTracker Lite.lnk

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Program Files (x86)\GameTracker

2013-08-04 19:21 - 2013-08-04 19:21 - 00000000 ____D C:\NvidiaLogging

2013-08-04 19:20 - 2013-05-22 09:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-08-04 19:20 - 2013-05-22 09:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-07-30 23:33 - 2013-05-23 15:01 - 00000000 ____D C:\Users\Kai\AppData\Roaming\vlc

2013-07-29 18:44 - 2009-07-14 06:45 - 04990416 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-29 16:07 - 2013-07-29 16:07 - 00002031 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk

2013-07-29 16:07 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC Sync

2013-07-29 16:07 - 2013-07-28 18:22 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC

2013-07-29 16:07 - 2013-07-28 18:17 - 00000000 ____D C:\ProgramData\HTC

2013-07-29 16:07 - 2013-07-28 18:17 - 00000000 ____D C:\Program Files (x86)\HTC

2013-07-29 16:07 - 2013-05-22 13:21 - 00000000 ____D C:\Users\Kai\AppData\Local\Downloaded Installations

2013-07-29 16:07 - 2013-05-22 09:30 - 00064792 _____ C:\Users\Kai\AppData\Local\GDIPFONTCACHEV1.DAT

2013-07-29 16:03 - 2013-07-29 16:03 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp

2013-07-29 15:23 - 2013-07-29 15:22 - 00000000 ____D C:\Users\Kai\Desktop\David Guetta - Nothing But The Beat

2013-07-28 23:09 - 2013-07-28 23:09 - 00003302 _____ C:\Windows\System32\Tasks\{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 22:54 - 2013-07-28 22:54 - 00000219 _____ C:\Users\Kai\Desktop\Alien Swarm.url

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-28 21:13 - 2013-07-28 21:13 - 00000219 _____ C:\Users\Kai\Desktop\Team Fortress 2.url

2013-07-28 19:35 - 2013-07-28 19:35 - 00000222 _____ C:\Users\Kai\Desktop\Call of Duty Black Ops II - Zombies.url

2013-07-28 18:22 - 2013-07-28 18:21 - 00000000 ____D C:\Users\Kai\Documents\HTC

2013-07-28 18:21 - 2013-07-28 18:21 - 00000000 ____D C:\ProgramData\Motorola

2013-07-28 18:21 - 2013-05-23 13:29 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Apple Computer

2013-07-28 18:21 - 2013-05-23 13:29 - 00000000 ____D C:\Users\Kai\AppData\Local\Apple Computer

2013-07-28 18:20 - 2013-07-28 18:20 - 00000000 ____D C:\Program Files (x86)\Spirent Communications

2013-07-28 18:20 - 2013-05-22 09:24 - 00035414 _____ C:\Windows\DPINST.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00287600 _____ C:\Windows\msxml4-KB954430-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00283814 _____ C:\Windows\msxml4-KB973688-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-26 19:22 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero_AG

2013-07-26 19:22 - 2013-07-26 19:21 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero

2013-07-26 11:50 - 2013-05-22 09:27 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Adobe

2013-07-26 11:49 - 2013-07-26 11:48 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Nero

2013-07-26 11:48 - 2013-07-26 11:45 - 00000000 ____D C:\ProgramData\Nero

2013-07-26 11:48 - 2013-07-26 11:45 - 00000000 ____D C:\Program Files (x86)\Nero

2013-07-26 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors

2013-07-26 11:47 - 2013-07-26 11:47 - 00002797 _____ C:\Users\Public\Desktop\Nero Video 12.lnk

2013-07-25 21:30 - 2013-07-25 21:29 - 00000000 ____D C:\Program Files\TrueCrypt

2013-07-25 21:29 - 2013-07-25 21:29 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys

2013-07-25 21:29 - 2013-07-25 21:29 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk

2013-07-25 21:26 - 2013-07-25 21:26 - 00000000 ____D C:\Users\Kai\AppData\Local\LogicCircuit

2013-07-25 21:25 - 2013-07-25 21:25 - 00001506 _____ C:\Users\Kai\Desktop\LogicCircuit - Verknüpfung.lnk

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logic Circuit

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Program Files (x86)\LogicCircuit

2013-07-25 21:12 - 2013-07-25 21:12 - 00000000 ____D C:\opt

2013-07-25 19:13 - 2013-06-23 19:24 - 00000000 ____D C:\Users\Kai\Desktop\Gfs Religion Sterbehilfe

2013-07-25 16:51 - 2013-07-07 17:03 - 00008788 _____ C:\Users\Kai\Desktop\SharePod.log

2013-07-25 14:49 - 2013-07-25 14:49 - 00002056 _____ C:\Users\Public\Desktop\Rage.lnk

2013-07-25 14:32 - 2013-07-25 14:32 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks

2013-07-25 14:32 - 2013-07-25 14:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\DAEMON Tools Lite

2013-07-25 14:32 - 2013-07-25 14:30 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

2013-07-25 14:31 - 2013-07-25 14:31 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

2013-07-25 14:30 - 2013-07-25 14:30 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys

2013-07-25 14:30 - 2013-07-25 14:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite

2013-07-25 14:14 - 2013-07-25 14:14 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-07-25 11:56 - 2013-07-25 11:56 - 00000000 _____ C:\Windows\setuperr.log

2013-07-25 09:54 - 2013-07-25 09:54 - 00000000 ____D C:\Windows\pss

2013-07-25 09:54 - 2013-05-21 23:55 - 00000000 ___RD C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-07-24 14:53 - 2013-05-30 12:38 - 00001708 _____ C:\Users\Kai\Desktop\Photoshop - Verknüpfung.lnk

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\Users\Kai\AppData\Roaming\PDAppFlex

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-07-24 13:23 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Adobe

2013-07-24 13:23 - 2013-07-24 13:16 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-07-24 13:18 - 2013-05-22 09:27 - 00000000 ____D C:\Program Files (x86)\Adobe

2013-07-24 13:16 - 2013-05-22 09:27 - 00000000 ____D C:\ProgramData\Adobe

2013-07-24 12:54 - 2013-07-24 12:54 - 00003494 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 12:53 - 2013-07-24 12:53 - 00001074 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-07-24 12:35 - 2013-05-22 10:30 - 00000000 ____D C:\Users\Kai\AppData\Local\CrashDumps

2013-07-24 12:21 - 2013-07-24 12:21 - 00000546 _____ C:\Users\Kai\Desktop\Emsisoft Emergency Kit.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000000 ____D C:\EEK

2013-07-24 12:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

2013-07-23 17:47 - 2013-05-22 14:39 - 00062244 _____ C:\Windows\DirectX.log

2013-07-23 17:11 - 2013-07-23 17:11 - 00000219 _____ C:\Users\Kai\Desktop\Counter-Strike Global Offensive.url

2013-07-23 16:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

2013-07-22 19:40 - 2013-07-22 19:27 - 00000000 ____D C:\Users\Kai\AppData\Roaming\TrueCrypt

2013-07-22 19:07 - 2013-07-22 19:08 - 00666633 _____ C:\Users\Kai\Desktop\AdwCleaner.exe

2013-07-22 15:37 - 2013-07-22 15:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-21 20:30 - 2013-07-21 20:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Snz

2013-07-18 19:15 - 2013-07-18 19:15 - 00000000 ____D C:\Users\Kai\Documents\Games for Windows - LIVE Demos

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-18 19:07 - 2013-07-18 19:07 - 00000000 ____D C:\Users\Kai\Documents\Rockstar Games

2013-07-18 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-07-18 18:48 - 2013-07-18 18:48 - 00000000 __SHD C:\ProgramData\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 __RHD C:\Users\Kai\AppData\Roaming\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 ____D C:\Users\Kai\AppData\Local\Rockstar Games

2013-07-18 15:40 - 2013-05-22 09:30 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-18 15:40 - 2013-05-22 09:30 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-07-18 15:07 - 2013-05-22 09:52 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-07-18 15:04 - 2013-05-22 09:37 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-07-18 15:04 - 2013-05-22 09:37 - 00000000 ____D C:\ProgramData\Skype
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-08 14:14
 

==================== End Of Log ============================

--- --- ---

Du musst AdwCleaner schon löschen lassen :)

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Hallo,

Ich habe nun wieder alle Schritte befolgt, jedoch möchte ich anmerken, das mein Computer sehr langsam geworden ist, seitdem ich diese Bekämpfung durchführe. Liegt das an den vielen Bekämpfungsprogrammen die im Hintergrund laufen?`
Ob die Probleme noch vorhanden sind lässt sich erst die Tage beweisen.

Hier die alte AdwCleaner Logfile mit gelöschten Daten:

AdwCleaner Logfile:

Code:

# AdwCleaner v2.306 - Datei am 15/08/2013 um 11:19:56 erstellt

# Aktualisiert am 19/07/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzer : Kai - KAI-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Kai\Desktop\AdwCleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 

Gestoppt & Gelöscht : APNMCP
 

***** [Dateien / Ordner] *****
 

Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork

Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork

Ordner Gelöscht : C:\Users\Kai\AppData\Local\AskPartnerNetwork

Ordner Gelöscht : C:\Users\Kai\AppData\Local\Temp\APN
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16635
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Google Chrome v28.0.1500.95
 

Datei : C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R4].txt - [1499 octets] - [14/08/2013 20:49:58]

AdwCleaner[R5].txt - [1506 octets] - [15/08/2013 11:18:15]

AdwCleaner[R6].txt - [1566 octets] - [15/08/2013 11:19:34]

AdwCleaner[S3].txt - [1510 octets] - [15/08/2013 11:19:56]
 

########## EOF - C:\AdwCleaner[S3].txt - [1570 octets] ##########

--- --- ---

Eset Smartinstaller:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=62b429891223f64b85f2d07f927f68da

# engine=14779

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-08-15 09:19:06

# local_time=2013-08-15 11:19:06 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=1799 16775165 100 94 176 493491 0 0

# compatibility_mode=5893 16776574 100 94 2929209 128188196 0 0

# compatibility_mode=8217 16776701 100 87 504557 126571298 0 0

# scanned=1

# found=0

# cleaned=0

# scan_time=0

# nod_component=V3 Build:0x30000000

SecurityCheck:

Code:

 Results of screen317's Security Check version 0.99.72  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 10  
 ``````````````Antivirus/Firewall Check:`````````````` 

ESET NOD32 Antivirus 6.0   

Emsisoft Anti-Malware      

Avira Desktop              

 Antivirus up to date!  (On Access scanning disabled!) 
 `````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware Version 1.75.0.1300  

 Java 7 Update 25  

 Adobe Flash Player 11.7.700.224  

 Adobe Reader XI  

 Google Chrome 28.0.1500.95  
 ````````Process Check: objlist.exe by Laurent````````  

 ESET NOD32 Antivirus egui.exe  

 ESET NOD32 Antivirus ekrn.exe  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 

 Emsisoft Anti-Malware a2service.exe   

 Malwarebytes' Anti-Malware mbamscheduler.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

Neue FRST:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013 01

Ran by Kai (administrator) on 15-08-2013 11:40:03

Running from C:\Users\Kai\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)

HKCU\...\Run: [GameTracker] - C:\Program Files (x86)\GameTracker\GTLite.exe [4019992 2013-03-08] (ClanServers Hosting LLC)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [2928040 2013-07-02] (Emsisoft GmbH)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-09] (Avira Operations GmbH & Co. KG)

AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)

BootExecute: autocheck autochk * sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK

BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

BHO-x32: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File

Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Extension: (Google Docs) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Gmail) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 

==================== Services (Whitelisted) =================
 

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-09] (Avira Operations GmbH & Co. KG)

S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137096 2013-02-06] ()

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
 

==================== Drivers (Whitelisted) ====================
 

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)

R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)

R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)

R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [44688 2012-04-30] (Emsisoft GmbH)

R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [44688 2012-04-30] (Emsisoft GmbH)

R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)

R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-08-09] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-08-09] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-09] (Avira Operations GmbH & Co. KG)

R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)

R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-25] (DT Soft Ltd)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)

R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)

R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2013-05-22] (FNet Co., Ltd.)

R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-05-22] (FNet Co., Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-15 11:36 - 2013-08-15 11:36 - 00891115 _____ C:\Users\Kai\Desktop\SecurityCheck.exe

2013-08-15 11:19 - 2013-08-15 11:20 - 00001639 _____ C:\AdwCleaner[S3].txt

2013-08-15 11:19 - 2013-08-15 11:19 - 00001566 _____ C:\AdwCleaner[R6].txt

2013-08-15 11:18 - 2013-08-15 11:18 - 00001506 _____ C:\AdwCleaner[R5].txt

2013-08-15 11:17 - 2013-08-15 11:17 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-15 11:15 - 2013-08-15 11:19 - 00000000 ____D C:\Windows\system32\MRT

2013-08-15 11:13 - 2013-08-15 11:13 - 02347384 _____ (ESET) C:\Users\Kai\Downloads\esetsmartinstaller_enu.exe

2013-08-15 11:13 - 2013-08-15 11:13 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_enu.exe

2013-08-14 21:08 - 2013-08-14 21:08 - 01575570 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe

2013-08-14 20:55 - 2013-08-14 21:10 - 00000000 ____D C:\Users\Kai\Desktop\Neue Logfiles. 14.08

2013-08-14 20:55 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Alte Logfiles. 09.08-10.08

2013-08-14 20:54 - 2013-08-14 20:54 - 00000000 ____D C:\Windows\ERUNT

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Downloads\JRT.exe

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe

2013-08-14 20:49 - 2013-08-14 20:50 - 00001499 _____ C:\AdwCleaner[R4].txt

2013-08-10 12:11 - 2013-08-10 12:11 - 00034996 _____ C:\ComboFix.txt

2013-08-10 11:57 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2013-08-10 11:57 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2013-08-10 11:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2013-08-10 11:57 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2013-08-10 11:54 - 2013-08-10 12:11 - 00000000 ____D C:\Qoobox

2013-08-10 11:53 - 2013-08-10 12:09 - 00000000 ____D C:\Windows\erdnt

2013-08-10 11:53 - 2013-08-10 11:52 - 05102523 ____R (Swearware) C:\Users\Kai\Desktop\ComboFix.exe

2013-08-10 11:51 - 2013-08-10 11:52 - 05102523 _____ (Swearware) C:\Users\Kai\Downloads\ComboFix.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Mozilla

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Avira

2013-08-09 18:17 - 2013-08-09 18:17 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-08-09 18:16 - 2013-08-09 18:17 - 00000000 ____D C:\ProgramData\Avira

2013-08-09 18:16 - 2013-08-09 18:16 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-09 18:10 - 2013-08-10 12:03 - 00084294 _____ C:\Users\Kai\Desktop\Neues Textdokument.txt

2013-08-09 16:11 - 2013-08-09 16:11 - 00000000 ____D C:\Users\Kai\AppData\Local\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\ProgramData\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\Program Files\ESET

2013-08-09 15:06 - 2013-08-09 15:06 - 00001095 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2013-08-09 15:05 - 2013-08-15 11:31 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2013-08-09 15:05 - 2013-08-09 15:05 - 00000000 ____D C:\Users\Kai\Documents\Anti-Malware

2013-08-09 15:04 - 2013-08-09 15:05 - 01415824 _____ (ESET) C:\Users\Kai\Downloads\eset_nod32_antivirus_live_installer.exe

2013-08-09 15:03 - 2013-08-09 15:05 - 187509536 _____ (Emsisoft GmbH                                               ) C:\Users\Kai\Downloads\EmsisoftAntiMalwareSetup.exe

2013-08-09 15:02 - 2013-08-09 15:02 - 02092792 _____ C:\Users\Kai\Downloads\avira_free_antivirus.exe

2013-08-09 14:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST

2013-08-09 14:28 - 2013-08-09 14:28 - 00000000 _____ C:\Users\Kai\defogger_reenable

2013-08-09 14:27 - 2013-08-09 14:27 - 00377856 _____ C:\Users\Kai\Downloads\gmer_2.1.19163.exe

2013-08-09 14:26 - 2013-08-14 21:08 - 01575570 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe

2013-08-09 14:26 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Desktop\Defogger.exe

2013-08-09 14:25 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Downloads\Defogger.exe

2013-08-07 20:49 - 2013-08-07 20:50 - 1138838405 _____ C:\Users\Kai\Downloads\Elysium2.rar

2013-08-07 18:50 - 2013-08-07 19:05 - 1425489052 _____ C:\Users\Kai\Downloads\CryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 10:41 - 2013-08-07 10:41 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-08-07 10:38 - 2013-08-07 10:46 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-07 10:38 - 2013-08-07 10:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-04 20:08 - 2013-08-15 11:31 - 00000000 ____D C:\Users\Kai\AppData\Roaming\GameTracker

2013-08-04 20:08 - 2013-08-04 20:08 - 00001020 _____ C:\Users\Kai\Desktop\GameTracker Lite.lnk

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Program Files (x86)\GameTracker

2013-08-04 19:21 - 2013-08-04 19:21 - 00000000 ____D C:\NvidiaLogging

2013-08-04 19:19 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-08-04 19:19 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2013-08-04 19:19 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-07-29 16:07 - 2013-08-15 11:31 - 00000000 ____D C:\Users\Kai\AppData\Local\HTC MediaHub

2013-07-29 16:07 - 2013-07-29 16:07 - 00002031 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk

2013-07-29 16:07 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC Sync

2013-07-29 16:03 - 2013-07-29 16:03 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp

2013-07-29 15:22 - 2013-07-29 15:23 - 00000000 ____D C:\Users\Kai\Desktop\David Guetta - Nothing But The Beat

2013-07-28 23:09 - 2013-07-28 23:09 - 00003302 _____ C:\Windows\System32\Tasks\{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 22:54 - 2013-07-28 22:54 - 00000219 _____ C:\Users\Kai\Desktop\Alien Swarm.url

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-28 21:13 - 2013-07-28 21:13 - 00000219 _____ C:\Users\Kai\Desktop\Team Fortress 2.url

2013-07-28 19:35 - 2013-07-28 19:35 - 00000222 _____ C:\Users\Kai\Desktop\Call of Duty Black Ops II - Zombies.url

2013-07-28 18:22 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC

2013-07-28 18:21 - 2013-07-28 18:22 - 00000000 ____D C:\Users\Kai\Documents\HTC

2013-07-28 18:21 - 2013-07-28 18:21 - 00000000 ____D C:\ProgramData\Motorola

2013-07-28 18:20 - 2013-07-28 18:20 - 00000000 ____D C:\Program Files (x86)\Spirent Communications

2013-07-28 18:17 - 2013-07-29 16:07 - 00000000 ____D C:\ProgramData\HTC

2013-07-28 18:17 - 2013-07-29 16:07 - 00000000 ____D C:\Program Files (x86)\HTC

2013-07-28 18:17 - 2009-11-02 12:16 - 00033736 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys

2013-07-28 18:17 - 2009-06-09 15:41 - 01122664 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll

2013-07-27 20:13 - 2013-07-27 20:13 - 00287600 _____ C:\Windows\msxml4-KB954430-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00283814 _____ C:\Windows\msxml4-KB973688-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-26 19:22 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero_AG

2013-07-26 19:21 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero

2013-07-26 11:48 - 2013-07-26 11:49 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Nero

2013-07-26 11:47 - 2013-07-26 11:47 - 00002797 _____ C:\Users\Public\Desktop\Nero Video 12.lnk

2013-07-26 11:45 - 2013-07-26 11:48 - 00000000 ____D C:\ProgramData\Nero

2013-07-26 11:45 - 2013-07-26 11:48 - 00000000 ____D C:\Program Files (x86)\Nero

2013-07-26 11:27 - 2011-10-24 21:26 - 00001524 _____ C:\Users\Kai\Desktop\BabyDevelop.lnk

2013-07-25 21:29 - 2013-07-25 21:30 - 00000000 ____D C:\Program Files\TrueCrypt

2013-07-25 21:29 - 2013-07-25 21:29 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys

2013-07-25 21:29 - 2013-07-25 21:29 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk

2013-07-25 21:26 - 2013-07-25 21:26 - 00000000 ____D C:\Users\Kai\AppData\Local\LogicCircuit

2013-07-25 21:25 - 2013-07-25 21:25 - 00001506 _____ C:\Users\Kai\Desktop\LogicCircuit - Verknüpfung.lnk

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logic Circuit

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Program Files (x86)\LogicCircuit

2013-07-25 21:12 - 2013-07-25 21:12 - 00000000 ____D C:\opt

2013-07-25 14:49 - 2013-07-25 14:49 - 00002056 _____ C:\Users\Public\Desktop\Rage.lnk

2013-07-25 14:32 - 2013-07-25 14:32 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks

2013-07-25 14:31 - 2013-07-25 14:31 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

2013-07-25 14:30 - 2013-07-25 14:32 - 00000000 ____D C:\Users\Kai\AppData\Roaming\DAEMON Tools Lite

2013-07-25 14:30 - 2013-07-25 14:32 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

2013-07-25 14:30 - 2013-07-25 14:30 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys

2013-07-25 14:30 - 2013-07-25 14:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite

2013-07-25 14:14 - 2013-07-25 14:14 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-07-25 11:56 - 2013-08-15 11:30 - 00014443 _____ C:\Windows\setupact.log

2013-07-25 11:56 - 2013-07-25 11:56 - 00000000 _____ C:\Windows\setuperr.log

2013-07-25 09:54 - 2013-07-25 09:54 - 00000000 ____D C:\Windows\pss

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\Users\Kai\AppData\Roaming\PDAppFlex

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-07-24 13:23 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Adobe

2013-07-24 13:16 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-07-24 12:54 - 2013-07-24 12:54 - 00003494 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 12:53 - 2013-07-24 12:53 - 00001074 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000546 _____ C:\Users\Kai\Desktop\Emsisoft Emergency Kit.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000000 ____D C:\EEK

2013-07-23 17:11 - 2013-07-23 17:11 - 00000219 _____ C:\Users\Kai\Desktop\Counter-Strike Global Offensive.url

2013-07-22 19:27 - 2013-07-22 19:40 - 00000000 ____D C:\Users\Kai\AppData\Roaming\TrueCrypt

2013-07-22 19:08 - 2013-07-22 19:07 - 00666633 _____ C:\Users\Kai\Desktop\AdwCleaner.exe

2013-07-22 15:37 - 2013-07-22 15:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-22 15:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-07-21 20:30 - 2013-07-21 20:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Snz

2013-07-18 19:15 - 2013-07-18 19:15 - 00000000 ____D C:\Users\Kai\Documents\Games for Windows - LIVE Demos

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-18 19:07 - 2013-07-18 19:07 - 00000000 ____D C:\Users\Kai\Documents\Rockstar Games

2013-07-18 18:48 - 2013-07-18 18:48 - 00000000 __SHD C:\ProgramData\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 __RHD C:\Users\Kai\AppData\Roaming\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 ____D C:\Users\Kai\AppData\Local\Rockstar Games
 

==================== One Month Modified Files and Folders =======
 

2013-08-15 11:37 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-15 11:37 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-15 11:36 - 2013-08-15 11:36 - 00891115 _____ C:\Users\Kai\Downloads\SecurityCheck.exe

2013-08-15 11:36 - 2013-08-15 11:36 - 00891115 _____ C:\Users\Kai\Desktop\SecurityCheck.exe

2013-08-15 11:33 - 2013-05-22 09:47 - 00696620 _____ C:\Windows\system32\perfh007.dat

2013-08-15 11:33 - 2013-05-22 09:47 - 00147916 _____ C:\Windows\system32\perfc007.dat

2013-08-15 11:33 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-15 11:32 - 2013-05-21 23:51 - 01591437 _____ C:\Windows\WindowsUpdate.log

2013-08-15 11:31 - 2013-08-09 15:05 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2013-08-15 11:31 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\GameTracker

2013-08-15 11:31 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Local\HTC MediaHub

2013-08-15 11:31 - 2013-05-22 09:30 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-15 11:30 - 2013-07-25 11:56 - 00014443 _____ C:\Windows\setupact.log

2013-08-15 11:29 - 2013-05-22 09:40 - 00000000 ____D C:\ProgramData\NVIDIA

2013-08-15 11:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-15 11:20 - 2013-08-15 11:19 - 00001639 _____ C:\AdwCleaner[S3].txt

2013-08-15 11:19 - 2013-08-15 11:19 - 00001566 _____ C:\AdwCleaner[R6].txt

2013-08-15 11:19 - 2013-08-15 11:15 - 00000000 ____D C:\Windows\system32\MRT

2013-08-15 11:18 - 2013-08-15 11:18 - 00001506 _____ C:\AdwCleaner[R5].txt

2013-08-15 11:17 - 2013-08-15 11:17 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-15 11:15 - 2013-05-22 17:56 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-08-15 11:13 - 2013-08-15 11:13 - 02347384 _____ (ESET) C:\Users\Kai\Downloads\esetsmartinstaller_enu.exe

2013-08-15 11:13 - 2013-08-15 11:13 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_enu.exe

2013-08-14 23:08 - 2013-05-22 15:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-14 22:45 - 2013-05-22 09:30 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-14 21:10 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Neue Logfiles. 14.08

2013-08-14 21:08 - 2013-08-14 21:08 - 01575570 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe

2013-08-14 21:08 - 2013-08-09 14:26 - 01575570 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe

2013-08-14 20:55 - 2013-08-14 20:55 - 00000000 ____D C:\Users\Kai\Desktop\Alte Logfiles. 09.08-10.08

2013-08-14 20:54 - 2013-08-14 20:54 - 00000000 ____D C:\Windows\ERUNT

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Downloads\JRT.exe

2013-08-14 20:52 - 2013-08-14 20:52 - 01158897 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe

2013-08-14 20:50 - 2013-08-14 20:49 - 00001499 _____ C:\AdwCleaner[R4].txt

2013-08-14 20:46 - 2013-05-22 18:31 - 00000000 ____D C:\Users\Kai\AppData\Local\Adobe

2013-08-14 20:35 - 2010-11-21 05:47 - 00260234 _____ C:\Windows\PFRO.log

2013-08-10 13:50 - 2013-05-22 09:58 - 00000000 ____D C:\Program Files (x86)\Steam

2013-08-10 12:11 - 2013-08-10 12:11 - 00034996 _____ C:\ComboFix.txt

2013-08-10 12:11 - 2013-08-10 11:54 - 00000000 ____D C:\Qoobox

2013-08-10 12:11 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default

2013-08-10 12:09 - 2013-08-10 11:53 - 00000000 ____D C:\Windows\erdnt

2013-08-10 12:09 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2013-08-10 12:03 - 2013-08-09 18:10 - 00084294 _____ C:\Users\Kai\Desktop\Neues Textdokument.txt

2013-08-10 11:52 - 2013-08-10 11:53 - 05102523 ____R (Swearware) C:\Users\Kai\Desktop\ComboFix.exe

2013-08-10 11:52 - 2013-08-10 11:51 - 05102523 _____ (Swearware) C:\Users\Kai\Downloads\ComboFix.exe

2013-08-09 20:38 - 2013-05-22 11:28 - 00000000 ____D C:\Program Files (x86)\JDownloader

2013-08-09 18:18 - 2013-08-09 18:18 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Mozilla

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Avira

2013-08-09 18:17 - 2013-08-09 18:17 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-08-09 18:17 - 2013-08-09 18:16 - 00000000 ____D C:\ProgramData\Avira

2013-08-09 18:16 - 2013-08-09 18:16 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-09 18:16 - 2013-08-09 18:16 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-09 16:11 - 2013-08-09 16:11 - 00000000 ____D C:\Users\Kai\AppData\Local\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\ProgramData\ESET

2013-08-09 15:09 - 2013-08-09 15:09 - 00000000 ____D C:\Program Files\ESET

2013-08-09 15:06 - 2013-08-09 15:06 - 00001095 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2013-08-09 15:05 - 2013-08-09 15:05 - 00000000 ____D C:\Users\Kai\Documents\Anti-Malware

2013-08-09 15:05 - 2013-08-09 15:04 - 01415824 _____ (ESET) C:\Users\Kai\Downloads\eset_nod32_antivirus_live_installer.exe

2013-08-09 15:05 - 2013-08-09 15:03 - 187509536 _____ (Emsisoft GmbH                                               ) C:\Users\Kai\Downloads\EmsisoftAntiMalwareSetup.exe

2013-08-09 15:02 - 2013-08-09 15:02 - 02092792 _____ C:\Users\Kai\Downloads\avira_free_antivirus.exe

2013-08-09 14:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST

2013-08-09 14:28 - 2013-08-09 14:28 - 00000000 _____ C:\Users\Kai\defogger_reenable

2013-08-09 14:28 - 2013-05-21 23:55 - 00000000 ____D C:\Users\Kai

2013-08-09 14:27 - 2013-08-09 14:27 - 00377856 _____ C:\Users\Kai\Downloads\gmer_2.1.19163.exe

2013-08-09 14:25 - 2013-08-09 14:26 - 00050477 _____ C:\Users\Kai\Desktop\Defogger.exe

2013-08-09 14:25 - 2013-08-09 14:25 - 00050477 _____ C:\Users\Kai\Downloads\Defogger.exe

2013-08-07 23:37 - 2013-05-22 09:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Skype

2013-08-07 23:23 - 2013-05-22 09:47 - 00000000 ____D C:\Users\Kai\AppData\Local\PMB Files

2013-08-07 23:23 - 2013-05-22 09:47 - 00000000 ____D C:\ProgramData\PMB Files

2013-08-07 20:50 - 2013-08-07 20:49 - 1138838405 _____ C:\Users\Kai\Downloads\Elysium2.rar

2013-08-07 19:36 - 2013-05-22 19:45 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps

2013-08-07 19:05 - 2013-08-07 18:50 - 1425489052 _____ C:\Users\Kai\Downloads\CryENGINE_PC_v3_4_5_6666_freesdk.zip

2013-08-07 10:47 - 2013-07-08 21:16 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Common

2013-08-07 10:46 - 2013-08-07 10:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-07 10:41 - 2013-08-07 10:41 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-08-07 10:41 - 2013-05-22 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-08-07 10:38 - 2013-08-07 10:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-04 20:08 - 2013-08-04 20:08 - 00001020 _____ C:\Users\Kai\Desktop\GameTracker Lite.lnk

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite

2013-08-04 20:08 - 2013-08-04 20:08 - 00000000 ____D C:\Program Files (x86)\GameTracker

2013-08-04 19:21 - 2013-08-04 19:21 - 00000000 ____D C:\NvidiaLogging

2013-08-04 19:20 - 2013-05-22 09:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-08-04 19:20 - 2013-05-22 09:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-07-30 23:33 - 2013-05-23 15:01 - 00000000 ____D C:\Users\Kai\AppData\Roaming\vlc

2013-07-29 18:44 - 2009-07-14 06:45 - 04990416 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-29 16:07 - 2013-07-29 16:07 - 00002031 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk

2013-07-29 16:07 - 2013-07-29 16:07 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC Sync

2013-07-29 16:07 - 2013-07-28 18:22 - 00000000 ____D C:\Users\Kai\AppData\Roaming\HTC

2013-07-29 16:07 - 2013-07-28 18:17 - 00000000 ____D C:\ProgramData\HTC

2013-07-29 16:07 - 2013-07-28 18:17 - 00000000 ____D C:\Program Files (x86)\HTC

2013-07-29 16:07 - 2013-05-22 13:21 - 00000000 ____D C:\Users\Kai\AppData\Local\Downloaded Installations

2013-07-29 16:07 - 2013-05-22 09:30 - 00064792 _____ C:\Users\Kai\AppData\Local\GDIPFONTCACHEV1.DAT

2013-07-29 16:03 - 2013-07-29 16:03 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp

2013-07-29 15:23 - 2013-07-29 15:22 - 00000000 ____D C:\Users\Kai\Desktop\David Guetta - Nothing But The Beat

2013-07-28 23:09 - 2013-07-28 23:09 - 00003302 _____ C:\Windows\System32\Tasks\{E9E56819-4421-4B16-A380-71F0D5C648A5}

2013-07-28 22:54 - 2013-07-28 22:54 - 00000219 _____ C:\Users\Kai\Desktop\Alien Swarm.url

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-28 21:40 - 2013-07-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-28 21:13 - 2013-07-28 21:13 - 00000219 _____ C:\Users\Kai\Desktop\Team Fortress 2.url

2013-07-28 19:35 - 2013-07-28 19:35 - 00000222 _____ C:\Users\Kai\Desktop\Call of Duty Black Ops II - Zombies.url

2013-07-28 18:22 - 2013-07-28 18:21 - 00000000 ____D C:\Users\Kai\Documents\HTC

2013-07-28 18:21 - 2013-07-28 18:21 - 00000000 ____D C:\ProgramData\Motorola

2013-07-28 18:21 - 2013-05-23 13:29 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Apple Computer

2013-07-28 18:21 - 2013-05-23 13:29 - 00000000 ____D C:\Users\Kai\AppData\Local\Apple Computer

2013-07-28 18:20 - 2013-07-28 18:20 - 00000000 ____D C:\Program Files (x86)\Spirent Communications

2013-07-28 18:20 - 2013-05-22 09:24 - 00035414 _____ C:\Windows\DPINST.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00287600 _____ C:\Windows\msxml4-KB954430-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00283814 _____ C:\Windows\msxml4-KB973688-enu.LOG

2013-07-27 20:13 - 2013-07-27 20:13 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-26 19:22 - 2013-07-26 19:22 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero_AG

2013-07-26 19:22 - 2013-07-26 19:21 - 00000000 ____D C:\Users\Kai\AppData\Local\Nero

2013-07-26 11:50 - 2013-05-22 09:27 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Adobe

2013-07-26 11:49 - 2013-07-26 11:48 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Nero

2013-07-26 11:48 - 2013-07-26 11:45 - 00000000 ____D C:\ProgramData\Nero

2013-07-26 11:48 - 2013-07-26 11:45 - 00000000 ____D C:\Program Files (x86)\Nero

2013-07-26 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors

2013-07-26 11:47 - 2013-07-26 11:47 - 00002797 _____ C:\Users\Public\Desktop\Nero Video 12.lnk

2013-07-25 21:30 - 2013-07-25 21:29 - 00000000 ____D C:\Program Files\TrueCrypt

2013-07-25 21:29 - 2013-07-25 21:29 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys

2013-07-25 21:29 - 2013-07-25 21:29 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk

2013-07-25 21:26 - 2013-07-25 21:26 - 00000000 ____D C:\Users\Kai\AppData\Local\LogicCircuit

2013-07-25 21:25 - 2013-07-25 21:25 - 00001506 _____ C:\Users\Kai\Desktop\LogicCircuit - Verknüpfung.lnk

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logic Circuit

2013-07-25 21:24 - 2013-07-25 21:24 - 00000000 ____D C:\Program Files (x86)\LogicCircuit

2013-07-25 21:12 - 2013-07-25 21:12 - 00000000 ____D C:\opt

2013-07-25 19:13 - 2013-06-23 19:24 - 00000000 ____D C:\Users\Kai\Desktop\Gfs Religion Sterbehilfe

2013-07-25 16:51 - 2013-07-07 17:03 - 00008788 _____ C:\Users\Kai\Desktop\SharePod.log

2013-07-25 14:49 - 2013-07-25 14:49 - 00002056 _____ C:\Users\Public\Desktop\Rage.lnk

2013-07-25 14:32 - 2013-07-25 14:32 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks

2013-07-25 14:32 - 2013-07-25 14:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\DAEMON Tools Lite

2013-07-25 14:32 - 2013-07-25 14:30 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

2013-07-25 14:31 - 2013-07-25 14:31 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

2013-07-25 14:30 - 2013-07-25 14:30 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys

2013-07-25 14:30 - 2013-07-25 14:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite

2013-07-25 14:14 - 2013-07-25 14:14 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-07-25 11:56 - 2013-07-25 11:56 - 00000000 _____ C:\Windows\setuperr.log

2013-07-25 09:54 - 2013-07-25 09:54 - 00000000 ____D C:\Windows\pss

2013-07-25 09:54 - 2013-05-21 23:55 - 00000000 ___RD C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-07-24 14:53 - 2013-05-30 12:38 - 00001708 _____ C:\Users\Kai\Desktop\Photoshop - Verknüpfung.lnk

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\Users\Kai\AppData\Roaming\PDAppFlex

2013-07-24 14:41 - 2013-07-24 14:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-07-24 13:23 - 2013-07-24 13:23 - 00000000 ____D C:\Program Files\Adobe

2013-07-24 13:23 - 2013-07-24 13:16 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-07-24 13:18 - 2013-05-22 09:27 - 00000000 ____D C:\Program Files (x86)\Adobe

2013-07-24 13:16 - 2013-05-22 09:27 - 00000000 ____D C:\ProgramData\Adobe

2013-07-24 12:54 - 2013-07-24 12:54 - 00003494 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Kai-PC-Kai

2013-07-24 12:53 - 2013-07-24 12:53 - 00001074 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-07-24 12:35 - 2013-05-22 10:30 - 00000000 ____D C:\Users\Kai\AppData\Local\CrashDumps

2013-07-24 12:21 - 2013-07-24 12:21 - 00000546 _____ C:\Users\Kai\Desktop\Emsisoft Emergency Kit.lnk

2013-07-24 12:21 - 2013-07-24 12:21 - 00000000 ____D C:\EEK

2013-07-24 12:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

2013-07-23 17:47 - 2013-05-22 14:39 - 00062244 _____ C:\Windows\DirectX.log

2013-07-23 17:11 - 2013-07-23 17:11 - 00000219 _____ C:\Users\Kai\Desktop\Counter-Strike Global Offensive.url

2013-07-23 16:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

2013-07-22 19:40 - 2013-07-22 19:27 - 00000000 ____D C:\Users\Kai\AppData\Roaming\TrueCrypt

2013-07-22 19:07 - 2013-07-22 19:08 - 00666633 _____ C:\Users\Kai\Desktop\AdwCleaner.exe

2013-07-22 15:37 - 2013-07-22 15:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-22 15:37 - 2013-07-22 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-21 20:30 - 2013-07-21 20:30 - 00000000 ____D C:\Users\Kai\AppData\Roaming\Snz

2013-07-18 19:15 - 2013-07-18 19:15 - 00000000 ____D C:\Users\Kai\Documents\Games for Windows - LIVE Demos

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-18 19:14 - 2013-07-18 19:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-18 19:07 - 2013-07-18 19:07 - 00000000 ____D C:\Users\Kai\Documents\Rockstar Games

2013-07-18 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-07-18 18:48 - 2013-07-18 18:48 - 00000000 __SHD C:\ProgramData\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 __RHD C:\Users\Kai\AppData\Roaming\SecuROM

2013-07-18 18:45 - 2013-07-18 18:45 - 00000000 ____D C:\Users\Kai\AppData\Local\Rockstar Games

2013-07-18 15:40 - 2013-05-22 09:30 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-18 15:40 - 2013-05-22 09:30 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-07-18 15:07 - 2013-05-22 09:52 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-07-18 15:04 - 2013-05-22 09:37 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-07-18 15:04 - 2013-05-22 09:37 - 00000000 ____D C:\ProgramData\Skype
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-08 14:14
 

==================== End Of Log ============================

--- --- ---

____________________

Gruß Kai

Lesestoff:
Warum wir Avira nicht mehr empfehlen
Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird von uns auf diesem Board als "schädlich" eingestuft. Mehr Informationen.

Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen.

Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Teste und berichte :)

Hab den TFC laufen gelassen und er hatte auch einiges gefunden :D
Zudem hab ich mal paar Programme die überflüssig waren aus dem Autostart entfernt und bis jetzt läuft alles wie es soll.
Wegen den Emails heißt es abwarten.

Ich danke aber trotzdem schnonmal für die schnelle und präzise Hilfe. Klasse Board. Ich bin auch am überlegen ob ich mich, sobald wieder möglich, mich hier bewerbe!
Saubere Arbeit!
Lob werde ich bei Zeit auch noch in die richtige Kategorie schreiben :)

Gruß Kai

Auf alle Fälle Passwort vom Mailaccount ändern.

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Ich werde jetzt nochmal deinen vielen Tips nachgehen in Ruhe..
Desweiteren habe ich keine Fragen. Vielen Dank nochmals!