Humpestos | 19.08.2013 10:16 | Logs after fixing QVO6
Hi,
I caught the QVO6 virus, but I ran ADWCleaner, MBAM, ESET and Junk over it. Are the logs clean?
FRST: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-08-2013 01
Ran by Deskrates (administrator) on 19-08-2013 11:01:39
Running from C:\Users\Deskrates\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Valve Corporation) E:\Steam\Steam.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(CyberLink Corp.) E:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
(Spotify Ltd) C:\Users\Deskrates\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Deskrates\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKCU\...\Run: [Steam] - E:\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Deskrates\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\Deskrates\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [PC_GIZMOS] - "C:\Users\Deskrates\AppData\Roaming\PC-Gizmos\PC_170333.en_78.exe" --update [x]
MountPoints2: {32a849da-e7a8-11e2-bfdf-6c626dec0912} - "G:\LGAutoRun.exe"
MountPoints2: {32a84bf3-e7a8-11e2-bfdf-6c626dec0912} - "G:\LGAutoRun.exe"
MountPoints2: {51dca46d-a82d-11e2-bf19-6c626dec0912} - "H:\LGAutoRun.exe"
MountPoints2: {52f6c208-b18d-11e2-bf38-6c626dec0912} - "G:\LGAutoRun.exe"
MountPoints2: {52f6c29a-b18d-11e2-bf38-6c626dec0912} - "G:\LGAutoRun.exe"
MountPoints2: {5727647c-618f-11e2-be7d-6c626dec0912} - "G:\LGAutoRun.exe"
MountPoints2: {bd95065e-b0ce-11e2-bf35-6c626dec0912} - "G:\LGAutoRun.exe"
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2011-08-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl9] - e:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
==================== Internet (Whitelisted) ====================
ProxyServer: 203.115.81.196:80
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 127.0.0.1 csmg.lgmobile.com
Tcpip\..\Interfaces\{B44C7FCC-9D2E-406F-A048-9FCC7FC587B9}: [NameServer]208.67.222.222 208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\Deskrates\AppData\Roaming\Mozilla\Firefox\Profiles\tg0y080s.default
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "87.250.52.230"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "87.250.52.230"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.250.52.230"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "87.250.52.230"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Users\Deskrates\AppData\Roaming\Mozilla\Firefox\Profiles\tg0y080s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
S2 CLKMSVC10_173EB256; e:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-08-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\system32\DRIVERS\lgandnetdiag264.sys [29696 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-05-14] (Google Inc)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-02-27] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-02-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R1 UimBus; C:\Windows\System32\drivers\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [x]
S3 AndDiag; \SystemRoot\system32\DRIVERS\lganddiag64.sys [x]
S3 AndGps; \SystemRoot\system32\DRIVERS\lgandgps64.sys [x]
S3 ANDModem; \SystemRoot\system32\DRIVERS\lgandmodem64.sys [x]
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [x]
S3 cpuz136; \??\C:\Users\DESKRA~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [x]
S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgx64diag.sys [x]
S3 USBModem; \SystemRoot\system32\DRIVERS\lgx64modem.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-19 10:59 - 2013-08-19 10:59 - 00000000 _____ C:\Users\Deskrates\defogger_reenable
2013-08-18 20:44 - 2013-08-18 20:44 - 01575812 _____ (Farbar) C:\Users\Deskrates\Downloads\FRST64.exe
2013-08-18 20:41 - 2013-08-18 20:41 - 00008474 _____ C:\Users\Deskrates\Desktop\asdassdf.log
2013-08-18 18:58 - 2013-08-18 18:58 - 00001392 _____ C:\Users\Deskrates\Desktop\JRT.txt
2013-08-18 18:50 - 2013-08-18 18:55 - 00019032 _____ C:\Windows\PFRO.log
2013-08-18 18:49 - 2013-08-18 18:49 - 00013113 _____ C:\AdwCleaner[R7].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00012490 _____ C:\AdwCleaner[S3].txt
2013-08-18 18:44 - 2013-08-18 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 18:42 - 2013-08-19 10:47 - 00000926 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-18 18:42 - 2013-08-18 18:42 - 00003898 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-18 18:42 - 2013-08-18 18:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Google
2013-08-18 18:36 - 2013-08-18 18:36 - 72385460 _____ C:\Users\Deskrates\Desktop\log2.pcapng
2013-08-18 18:34 - 2013-08-19 02:59 - 00001386 _____ C:\Users\Deskrates\Desktop\Windows installieren.lnk
2013-08-18 17:54 - 2013-08-18 17:56 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 17:26 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 17:26 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 17:26 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-18 17:25 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-18 17:25 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-18 17:25 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-18 17:25 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-18 17:25 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-18 17:25 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-18 17:25 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-18 17:25 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-18 17:25 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-18 17:25 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-18 17:25 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-18 17:25 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-18 17:25 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 17:25 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 17:25 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 17:25 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-18 17:25 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-18 17:25 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-18 17:25 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-18 17:25 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-18 17:25 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-18 17:22 - 2013-08-18 17:22 - 00035324 _____ C:\Users\Deskrates\Desktop\FRST.txt
2013-08-12 00:02 - 2013-08-19 03:09 - 00617285 _____ C:\Windows\WindowsUpdate.log
2013-08-11 23:52 - 2013-08-11 23:52 - 00307904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 21:35 - 2013-08-10 21:35 - 00001261 _____ C:\AdwCleaner[R6].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001203 _____ C:\AdwCleaner[S2].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001140 _____ C:\AdwCleaner[R5].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001080 _____ C:\AdwCleaner[R4].txt
2013-08-10 21:32 - 2013-08-10 21:33 - 00001019 _____ C:\AdwCleaner[R3].txt
2013-08-10 21:31 - 2013-08-10 21:31 - 00000960 _____ C:\AdwCleaner[R2].txt
2013-08-10 19:38 - 2013-08-10 19:38 - 00020394 _____ C:\Users\Deskrates\Desktop\FRST.rar
2013-08-10 19:37 - 2013-08-18 17:22 - 00023741 _____ C:\Users\Deskrates\Desktop\Addition.txt
2013-08-10 19:35 - 2013-08-10 19:35 - 01790633 _____ (Farbar) C:\Users\Deskrates\Desktop\FRST64.exe
2013-08-10 19:32 - 2013-08-10 19:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 19:27 - 2013-08-10 19:27 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Malwarebytes
2013-08-10 19:26 - 2013-08-10 19:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 19:26 - 2013-08-10 19:26 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-10 19:26 - 2013-08-10 19:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 19:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-10 19:14 - 2013-08-10 19:14 - 00003867 _____ C:\AdwCleaner[S1].txt
2013-08-10 19:14 - 2013-08-10 19:14 - 00000000 ____D C:\Users\Deskrates\Desktop\Neuer Ordner (10)
2013-08-10 19:13 - 2013-08-10 19:13 - 00004491 _____ C:\AdwCleaner[R1].txt
2013-08-10 18:54 - 2013-08-10 18:54 - 00377856 _____ C:\Users\Deskrates\Downloads\gmer_2.1.19163.exe
2013-08-10 18:52 - 2013-08-10 18:52 - 00000000 ____D C:\FRST
2013-08-10 18:50 - 2013-08-10 18:50 - 00050477 _____ C:\Users\Deskrates\Downloads\Defogger.exe
2013-08-10 17:58 - 2013-08-18 18:43 - 00000157 _____ C:\Users\Deskrates\AppData\Roaming\uninstall.bat
2013-08-09 02:45 - 2013-08-09 02:45 - 00000000 ____D C:\Users\Deskrates\Desktop\Für Deutschland 0221 37050193
2013-08-09 02:25 - 2013-08-09 02:25 - 00000919 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-08-06 12:36 - 2013-08-06 12:36 - 00000022 _____ C:\Users\Deskrates\Desktop\asdas.txt
2013-08-05 00:45 - 2013-08-05 00:45 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2013-08-02 12:17 - 2013-08-02 12:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-01 18:41 - 2013-08-01 18:42 - 00000074 _____ C:\Users\Deskrates\Desktop\asdasdadasd.txt
2013-07-30 20:09 - 2013-07-30 20:09 - 00000436 _____ C:\Users\Deskrates\Desktop\asdasd.txt
2013-07-26 16:32 - 2013-07-26 16:42 - 00000000 ____D C:\Users\Deskrates\Documents\ArcaniA - Gothic 4
2013-07-23 21:59 - 2013-07-23 21:59 - 00000008 _____ C:\Users\Deskrates\Desktop\Neues Textdokument (2).txt
2013-07-22 20:47 - 2013-07-22 20:47 - 00000943 _____ C:\Users\Public\Desktop\GTA IV San Andreas.lnk
2013-07-22 14:35 - 2013-07-22 15:25 - 00000000 ____D C:\Users\Deskrates\Documents\Gothic3ForsakenGods
2013-07-22 02:13 - 2013-07-22 02:13 - 00000000 ____D C:\Users\Deskrates\Desktop\Abschluß 07
2013-07-21 21:24 - 2013-08-19 01:24 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Spotify
2013-07-21 21:12 - 2013-07-21 21:12 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-20 11:51 - 2013-07-20 22:57 - 00000074 _____ C:\Users\Deskrates\Desktop\bc.txt
==================== One Month Modified Files and Folders =======
2013-08-19 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-19 10:59 - 2013-08-19 10:59 - 00000480 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-19 10:59 - 2013-08-19 10:59 - 00000000 _____ C:\Users\Deskrates\defogger_reenable
2013-08-19 10:59 - 2012-12-25 02:36 - 00000000 ____D C:\Users\Deskrates
2013-08-19 10:47 - 2013-08-18 18:42 - 00000926 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-19 10:47 - 2012-12-25 05:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-19 10:29 - 2012-12-25 02:42 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2375759766-3280221063-1239557780-1001
2013-08-19 10:25 - 2012-12-25 02:41 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Spotify
2013-08-19 10:25 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2013-08-19 10:25 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2013-08-19 10:25 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-19 10:19 - 2013-01-29 01:07 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-19 10:19 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 03:21 - 2013-03-07 22:07 - 00003026 _____ C:\Windows\System32\Tasks\EVGAPrecision
2013-08-19 03:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-19 03:09 - 2013-08-12 00:02 - 00617285 _____ C:\Windows\WindowsUpdate.log
2013-08-19 02:59 - 2013-08-18 18:34 - 00001386 _____ C:\Users\Deskrates\Desktop\Windows installieren.lnk
2013-08-19 02:59 - 2013-04-20 14:15 - 00001388 _____ C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk
2013-08-19 02:47 - 2012-12-25 02:56 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Skype
2013-08-19 02:10 - 2013-01-26 02:30 - 00007588 _____ C:\Users\DESKRA~1\AppData\Local\Resmon.ResmonCfg
2013-08-19 01:49 - 2013-03-15 11:00 - 00000000 ____D C:\Windows\rescache
2013-08-19 01:24 - 2013-07-21 21:24 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Spotify
2013-08-19 00:48 - 2013-01-04 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 21:04 - 2013-07-09 16:09 - 00001246 _____ C:\Users\Deskrates\Desktop\cports.cfg
2013-08-18 20:44 - 2013-08-18 20:44 - 01575812 _____ (Farbar) C:\Users\Deskrates\Downloads\FRST64.exe
2013-08-18 20:41 - 2013-08-18 20:41 - 00008474 _____ C:\Users\Deskrates\Desktop\asdassdf.log
2013-08-18 18:58 - 2013-08-18 18:58 - 00001392 _____ C:\Users\Deskrates\Desktop\JRT.txt
2013-08-18 18:55 - 2013-08-18 18:50 - 00019032 _____ C:\Windows\PFRO.log
2013-08-18 18:49 - 2013-08-18 18:49 - 00013113 _____ C:\AdwCleaner[R7].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00012490 _____ C:\AdwCleaner[S3].txt
2013-08-18 18:49 - 2013-01-04 06:17 - 00001053 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-18 18:49 - 2012-12-25 02:36 - 00001003 _____ C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-18 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-18 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-18 18:44 - 2013-08-18 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 18:43 - 2013-08-10 17:58 - 00000157 _____ C:\Users\Deskrates\AppData\Roaming\uninstall.bat
2013-08-18 18:42 - 2013-08-18 18:42 - 00003898 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-08-18 18:42 - 2013-08-18 18:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Google
2013-08-18 18:36 - 2013-08-18 18:36 - 72385460 _____ C:\Users\Deskrates\Desktop\log2.pcapng
2013-08-18 17:56 - 2013-08-18 17:54 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 17:54 - 2012-12-26 05:52 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-18 17:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-18 17:22 - 2013-08-18 17:22 - 00035324 _____ C:\Users\Deskrates\Desktop\FRST.txt
2013-08-18 17:22 - 2013-08-10 19:37 - 00023741 _____ C:\Users\Deskrates\Desktop\Addition.txt
2013-08-11 23:52 - 2013-08-11 23:52 - 00307904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-11 23:52 - 2012-12-25 07:20 - 03613696 ___SH C:\Users\Deskrates\Desktop\Thumbs.db
2013-08-11 15:46 - 2013-01-12 03:45 - 01616384 ___SH C:\Users\Deskrates\Downloads\Thumbs.db
2013-08-11 02:38 - 2013-02-24 00:20 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-11 02:38 - 2012-12-25 07:00 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-11 02:11 - 2012-12-25 02:48 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-10 21:35 - 2013-08-10 21:35 - 00001261 _____ C:\AdwCleaner[R6].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001203 _____ C:\AdwCleaner[S2].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001140 _____ C:\AdwCleaner[R5].txt
2013-08-10 21:33 - 2013-08-10 21:33 - 00001080 _____ C:\AdwCleaner[R4].txt
2013-08-10 21:33 - 2013-08-10 21:32 - 00001019 _____ C:\AdwCleaner[R3].txt
2013-08-10 21:31 - 2013-08-10 21:31 - 00000960 _____ C:\AdwCleaner[R2].txt
2013-08-10 20:25 - 2012-12-31 01:06 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\vlc
2013-08-10 19:38 - 2013-08-10 19:38 - 00020394 _____ C:\Users\Deskrates\Desktop\FRST.rar
2013-08-10 19:35 - 2013-08-10 19:35 - 01790633 _____ (Farbar) C:\Users\Deskrates\Desktop\FRST64.exe
2013-08-10 19:32 - 2013-08-10 19:32 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 19:27 - 2013-08-10 19:27 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Malwarebytes
2013-08-10 19:27 - 2013-08-10 19:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 19:26 - 2013-08-10 19:26 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-10 19:26 - 2013-08-10 19:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 19:25 - 2012-12-25 02:53 - 00000000 ____D C:\Program Files (x86)\EVGA Precision X
2013-08-10 19:24 - 2013-03-08 20:33 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
2013-08-10 19:24 - 2012-12-25 02:53 - 00001092 _____ C:\Users\Deskrates\Desktop\EVGA Precision X.lnk
2013-08-10 19:14 - 2013-08-10 19:14 - 00003867 _____ C:\AdwCleaner[S1].txt
2013-08-10 19:14 - 2013-08-10 19:14 - 00000000 ____D C:\Users\Deskrates\Desktop\Neuer Ordner (10)
2013-08-10 19:13 - 2013-08-10 19:13 - 00004491 _____ C:\AdwCleaner[R1].txt
2013-08-10 18:54 - 2013-08-10 18:54 - 00377856 _____ C:\Users\Deskrates\Downloads\gmer_2.1.19163.exe
2013-08-10 18:52 - 2013-08-10 18:52 - 00000000 ____D C:\FRST
2013-08-10 18:50 - 2013-08-10 18:50 - 00050477 _____ C:\Users\Deskrates\Downloads\Defogger.exe
2013-08-09 02:45 - 2013-08-09 02:45 - 00000000 ____D C:\Users\Deskrates\Desktop\Für Deutschland 0221 37050193
2013-08-09 02:25 - 2013-08-09 02:25 - 00000919 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-08-09 02:25 - 2012-12-25 02:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-06 12:36 - 2013-08-06 12:36 - 00000022 _____ C:\Users\Deskrates\Desktop\asdas.txt
2013-08-05 01:11 - 2012-12-25 06:10 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-05 01:06 - 2013-02-24 00:20 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-05 01:06 - 2012-12-25 07:00 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\PunkBuster
2013-08-05 00:45 - 2013-08-05 00:45 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2013-08-05 00:15 - 2012-12-25 02:49 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Origin
2013-08-05 00:15 - 2012-12-25 02:49 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Origin
2013-08-04 17:21 - 2013-02-27 03:37 - 00002301 _____ C:\Users\Public\Desktop\LG 3D Game - TriDef 3D.lnk
2013-08-04 17:21 - 2013-02-27 03:36 - 00000000 ____D C:\Program Files (x86)\TriDef 3D
2013-08-02 12:17 - 2013-08-02 12:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-08-01 18:42 - 2013-08-01 18:41 - 00000074 _____ C:\Users\Deskrates\Desktop\asdasdadasd.txt
2013-08-01 01:11 - 2013-01-20 09:22 - 00002413 _____ C:\Windows\SysWOW64\lgAxconfig.ini
2013-08-01 01:09 - 2013-04-07 03:23 - 00000831 _____ C:\Users\Deskrates\Desktop\LGMobile Support Tool.lnk
2013-08-01 01:09 - 2013-01-20 09:22 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-07-31 20:20 - 2013-05-26 17:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-31 20:20 - 2013-05-26 17:24 - 00000000 ____D C:\ProgramData\Skype
2013-07-30 20:09 - 2013-07-30 20:09 - 00000436 _____ C:\Users\Deskrates\Desktop\asdasd.txt
2013-07-26 16:42 - 2013-07-26 16:32 - 00000000 ____D C:\Users\Deskrates\Documents\ArcaniA - Gothic 4
2013-07-26 07:13 - 2013-08-18 17:25 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-18 17:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-18 17:25 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-18 17:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-18 17:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-18 17:25 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-18 17:25 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-18 17:25 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-18 17:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-18 17:25 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-18 17:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-18 17:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-18 17:25 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-23 21:59 - 2013-07-23 21:59 - 00000008 _____ C:\Users\Deskrates\Desktop\Neues Textdokument (2).txt
2013-07-23 12:24 - 2012-12-25 05:55 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Rockstar Games
2013-07-22 20:47 - 2013-07-22 20:47 - 00000943 _____ C:\Users\Public\Desktop\GTA IV San Andreas.lnk
2013-07-22 15:25 - 2013-07-22 14:35 - 00000000 ____D C:\Users\Deskrates\Documents\Gothic3ForsakenGods
2013-07-22 12:23 - 2012-12-25 03:07 - 00000000 ____D C:\Users\Deskrates\Documents\my games
2013-07-22 02:13 - 2013-07-22 02:13 - 00000000 ____D C:\Users\Deskrates\Desktop\Abschluß 07
2013-07-21 21:14 - 2012-12-25 04:16 - 00000000 ____D C:\Users\Deskrates\Documents\EA Games
2013-07-21 21:12 - 2013-07-21 21:12 - 00000000 ____D C:\Users\Deskrates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-21 03:12 - 2013-02-19 02:42 - 00000000 ____D C:\Users\DESKRA~1\AppData\Local\Windows Live
2013-07-20 22:57 - 2013-07-20 11:51 - 00000074 _____ C:\Users\Deskrates\Desktop\bc.txt
Files to move or delete:
====================
C:\ProgramData\hash.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-11 12:11
==================== End Of Log ============================
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-08-2013 01
Ran by Deskrates at 2013-08-19 11:02:09
Running from C:\Users\Deskrates\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
ANNO 1404 - Gold Edition (x32 Version: 3.10.0000)
ArcaniA – Gothic 4 (x32)
Assassin’s Creed® III (x32)
Batman: Arkham Asylum GOTY Edition (x32)
Battlefield 3™ (x32 Version: 1.5.0.0)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BioShock Infinite (x32)
Borderlands 2 (x32)
Call of Juarez Gunslinger (x32)
Counter-Strike: Source (x32)
Creative Audio-Systemsteuerung (x32 Version: 2.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32)
Crysis (x32)
Crysis® 2 (x32 Version: 1.0.0.0)
Crysis®3 (x32 Version: 1.0.0.0)
CrystalDiskInfo 5.3.1 (x32 Version: 5.3.1)
CrystalDiskMark 3.0.2c (Version: 3.0.2c)
Curse Client (HKCU Version: 5.1.1.792)
CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Souls: Prepare to Die Edition (x32)
DC Universe Online Live (HKCU)
Dead Rising 2 (x32 Version: 1.0.0000.130)
Dead Rising 2: Off The Record (x32 Version: 1.0.0001.131)
Dead Rising 2: OTR (x32 Version: 1.0.0000.131)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Diablo III (x32 Version: 1.0.8.16603)
Die Sims™ 3 (x32 Version: 1.55.4)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87)
Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126)
DiRT 3 (x32)
DmC Devil May Cry (x32)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
eaner (Version: 3.27)
ESET Online Scanner v3 (x32)
ESN Sonar (x32 Version: 0.70.4)
EVGA OC Scanner X 2.2.2 (x32)
EVGA Precision X 4.2.1 (x32 Version: 4.2.1)
Far Cry 3 (x32 Version: 1.05)
Far Cry 3 Blood Dragon (x32 Version: 1.01)
FIFA 11 (x32 Version: 1.0.0.0)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Google Update Helper (x32 Version: 1.3.23.0)
Gothic 3 Forsaken Gods Enhanced Edition (x32)
GrabIt 1.7.2 Beta 6 (build 1008) (x32)
Grand Theft Auto IV (x32)
Grand Theft Auto: Episodes from Liberty City (x32)
GTA IV: San Andreas (x32 Version: 0.5.4.0)
Harry Potter und die Heiligtümer des Todes™ - Teil 1 (x32 Version: 1.0.0.0)
HD Tune 2.55 (x32)
HD Tune Pro 5.00 (x32)
Hitman: Absolution (x32)
Hotline Miami (x32)
ImgBurn (x32 Version: 2.5.7.0)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Kane & Lynch 2: Dog Days (x32)
LG United Mobile Driver (x32 Version: 3.10.1.0)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Max Payne 2 DE (x32)
Max Payne 3 (x32 Version: 1.0.0.0)
Metro: Last Light (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Primary Interoperability Assemblies 2010 (x32 Version: 10.0.30319)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
MKVToolNix 6.3.0 (x32 Version: 6.3.0)
Monkey Island 2: Special Edition (x32)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
NVIDIA 3D Vision Controller-Treiber 320.14 (Version: 320.14)
NVIDIA 3D Vision Treiber 320.14 (Version: 320.14)
NVIDIA Grafiktreiber 320.14 (Version: 320.14)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.122.791)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2014)
NVIDIA Systemsteuerung 320.14 (Version: 320.14)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.3.2637)
Paragon Backup & Recovery™ 2013 Free (x32 Version: 90.00.0003)
Photo Gallery (x32 Version: 16.4.3505.0912)
PS3Splitter version 1.1.5.2 (x32 Version: 1.1.5.2)
PunkBuster Services (x32 Version: 0.988)
RAGE (x32)
Resident Evil 6 version 1 (x32 Version: 1)
Risen 2 - Dark Waters (x32)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
SeaTools for Windows (x32 Version: 1.2.0.7)
Serious Sam 3: BFE (x32)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Sleeping Dogs™ (x32)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
STREET FIGHTER IV (x32 Version: 1.00.3013)
The Elder Scrolls V: Skyrim (x32)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
Tomb Raider (x32)
Torchlight II (x32)
TrackMania² Stadium (x32)
TreeSize Free V2.7 (x32 Version: 2.7)
TriDef 3D Games (LG 3D Monitor/TV) 1.8.5 (x32 Version: 1.8.5)
Trillian (x32)
Two Worlds II (x32 Version: 1.0.0)
Uplay (x32 Version: 2.0)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wireshark 1.8.4 (64-bit) (x32 Version: 1.8.4)
World of Warcraft (x32 Version: 5.3.0.17128)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (x32)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
==================== Restore Points =========================
18-08-2013 21:13:54 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-08-18 20:34 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 csmg.lgmobile.com
==================== Scheduled Tasks (whitelisted) =============
Task: {003D0DEA-F997-4EC3-A746-2AF02F84BC60} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {03B6EAD0-E174-450B-8B33-D0C748040386} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {0422C002-AC67-41C3-82FA-E256AE0C3A8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)
Task: {058315BB-0250-4325-B506-B405D3555C8E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {0A0008A2-F971-465E-8B4A-8A532BC4FE28} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3B45C8CF-ECFC-4420-8137-C60C8F542D92} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] ()
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {535982B4-B09A-4C98-9637-8E40318C5040} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A4996D95-3879-481A-BA95-5AC891284BA4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8CF5AA7-9A33-43D0-8D14-C0D2DA4AEF64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B4664C7F-19BF-413D-9772-EB7D4CE256EB} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-01-22] (Crystal Dew World)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C09A0E93-BC53-4B37-BB1E-E88DDCAE4517} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C391A8D1-7229-4E06-A074-47DE6094FE89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C3C22889-18E2-4138-92F7-A5CCCFDD60D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E6EACF70-8DE7-45CB-8B83-68CEC3B6F280} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2375759766-3280221063-1239557780-1001
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E9C97BD0-F081-4ABA-B3DA-517DC5D36FB3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {EAD4949A-7B8A-4AA6-809E-5B90B5EDFA57} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/18/2013 09:05:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Error: (08/18/2013 07:52:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
System errors:
=============
Error: (08/19/2013 10:21:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/19/2013 10:21:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/19/2013 01:22:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/19/2013 01:22:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/19/2013 00:50:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/19/2013 00:50:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/18/2013 08:36:05 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{B44C7FCC-9D2E-406F-A048-9FCC7FC587B9} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (08/18/2013 08:36:05 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{98BE0671-7976-4BAF-8258-EFCCADA692A5} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (08/18/2013 07:24:34 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/18/2013 07:03:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office Sessions:
=========================
Error: (08/18/2013 09:05:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (08/18/2013 07:52:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8173.55 MB
Available physical RAM: 6038.24 MB
Total Pagefile: 9389.55 MB
Available Pagefile: 7127.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:59.28 GB) (Free:10.59 GB) NTFS
Drive d: (Downloads) (Fixed) (Total:1863.01 GB) (Free:1758.55 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:114.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 5ACC781B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F876568C)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: D0AF8B5F)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
==================== End Of Log ============================
GMER attached,
Regards