Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Malwarebytes Anti-Malware findet 9 infizierte Dateien!Bitte um Hilfe (https://www.trojaner-board.de/145370-malwarebytes-anti-malware-findet-9-infizierte-dateien-bitte-um-hilfe.html)

DennyPenny 30.11.2013 13:55
Malwarebytes Anti-Malware findet 9 infizierte Dateien!Bitte um Hilfe
 
Poste die log-Datei vom Suchlauf.Ich bedanke mich schonmal im voraus :)

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Denny :: DENNY-PC [Administrator]

30.11.2013 12:35:17
MBAM-log-2013-11-30 (13-40-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 415241
Laufzeit: 1 Stunde(n), 4 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Denny\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3297265 (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 9
C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VLRVUAW\mism[1].exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5MWFS1P\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\Downloads\Setup.exe (PUP.Optional.Domalq) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3297265\ism.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Denny\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.

(Ende)

schrauber 30.11.2013 14:11
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


DennyPenny 01.12.2013 12:57
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2013
Ran by Denny (administrator) on DENNY-PC on 30-11-2013 15:18:26
Running from C:\Users\Denny\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Spotify Ltd) C:\Users\Denny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dotjosh Studios, LLC) C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Denny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-15] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\Denny\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-15] (Spotify Ltd)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [3364264 2012-10-17] (Emsisoft GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2349392 2013-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\UpdatusUser\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF NetworkProxy: "ftp", "213.197.182.78"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "213.197.182.78"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "213.197.182.78"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "213.197.182.78"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: 4or6 - C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default\Extensions\4or6@hunen.net.xpi
FF Extension: stealthyextension - C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default\Extensions\stealthyextension@gmail.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=120518&tt=gc_&babsrc=HP_ss_din2g&mntrId=204C8C89A56D48CB
CHR Extension: (Google Docs) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Brushed) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0
CHR Extension: (YouTube) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (Gmail) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3084176 2012-10-06] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-11-23] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-31] ()

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-30 15:18 - 2013-11-30 15:18 - 00018254 _____ C:\Users\Denny\Downloads\FRST.txt
2013-11-30 15:15 - 2013-11-30 15:16 - 01959070 _____ (Farbar) C:\Users\Denny\Downloads\FRST64.exe
2013-11-28 18:31 - 2013-11-28 18:31 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-28 18:30 - 2013-11-28 18:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-27 01:28 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 01:25 - 2013-11-27 01:25 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 01:24 - 2013-11-27 01:29 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-25 13:43 - 2013-11-25 13:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-24 23:16 - 2013-11-24 23:16 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-24 23:16 - 2013-11-24 23:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-24 23:14 - 2013-11-24 23:15 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Denny\Downloads\Skype611SetupFull.exe
2013-11-24 15:58 - 2013-11-24 15:58 - 00460808 _____ C:\Users\Denny\Downloads\Setup.exe
2013-11-23 23:02 - 2013-11-23 23:02 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-11-23 22:55 - 2013-11-23 22:55 - 00000000 ____D C:\Users\Denny\AppData\Local\DayZCommander
2013-11-23 22:54 - 2013-11-23 22:54 - 02945024 _____ C:\Users\Denny\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-11-23 22:54 - 2013-11-23 22:54 - 00001340 _____ C:\Users\Public\Desktop\DayZ Commander.lnk
2013-11-23 22:54 - 2013-11-23 22:54 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-11-23 22:44 - 2013-11-30 13:58 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2 OA
2013-11-23 15:26 - 2013-11-23 23:02 - 00000000 ____D C:\Users\Denny\Documents\ArmA 2
2013-11-23 15:26 - 2013-11-23 15:28 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2
2013-11-23 15:25 - 2013-11-23 22:44 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-11-23 15:23 - 2013-11-23 22:43 - 00036946 _____ C:\Windows\DirectX.log
2013-11-23 14:17 - 2013-11-23 14:17 - 00000000 ____D C:\Users\Denny\AppData\Local\DDMSettings
2013-11-23 13:53 - 2013-11-23 13:53 - 00001617 _____ C:\Users\Denny\Desktop\DivX Movies.lnk
2013-11-23 13:53 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files\DivX
2013-11-23 13:51 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-23 13:44 - 2013-11-23 13:44 - 00000000 _____ C:\END
2013-11-23 13:43 - 2013-11-23 13:53 - 00000000 ____D C:\ProgramData\DivX
2013-11-23 13:43 - 2013-11-23 13:43 - 00957248 _____ (DivX, LLC) C:\Users\Denny\Downloads\DivXInstaller_913.exe
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2 Operation Arrowhead.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-23 12:10 - 2013-11-24 20:13 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 12:10 - 2013-11-23 12:10 - 01123608 _____ C:\Users\Denny\Downloads\SteamSetup.exe
2013-11-23 12:10 - 2013-11-23 12:10 - 00000985 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-14 21:27 - 2013-11-14 21:27 - 03820824 _____ C:\Users\Denny\Downloads\battlelog-web-plugins_2.3.1_125.exe
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-13 15:11 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 15:11 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 15:11 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 15:11 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 15:11 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 15:11 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 15:11 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 15:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 15:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 15:11 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 15:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 15:11 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 15:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 15:11 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 15:11 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 15:11 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 15:11 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 15:11 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 15:11 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 15:11 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 15:11 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 15:11 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 15:11 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 15:11 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 15:11 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 15:11 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 15:11 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 15:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 15:11 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 15:11 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iTunes
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iPod
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 15:47 - 2013-11-09 22:22 - 103387443 _____ C:\Windows\SysWOW64\㞿
2013-11-06 19:42 - 2013-11-06 19:43 - 00000000 ____D C:\Users\Denny\Downloads\Cro - Sunny

==================== One Month Modified Files and Folders =======

2013-11-30 15:18 - 2013-11-30 15:18 - 00018254 _____ C:\Users\Denny\Downloads\FRST.txt
2013-11-30 15:17 - 2012-02-06 13:02 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Skype
2013-11-30 15:16 - 2013-11-30 15:15 - 01959070 _____ (Farbar) C:\Users\Denny\Downloads\FRST64.exe
2013-11-30 15:13 - 2012-04-18 18:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-30 15:13 - 2011-12-17 19:32 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-30 13:58 - 2013-11-23 22:44 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2 OA
2013-11-30 13:35 - 2013-01-29 21:06 - 00000000 ____D C:\Users\Denny\AppData\Local\LogMeIn Hamachi
2013-11-30 12:42 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-30 12:42 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-30 12:40 - 2011-05-16 15:04 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-11-30 12:40 - 2011-05-16 15:04 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-11-30 12:40 - 2009-07-14 06:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-30 12:38 - 2011-12-17 19:30 - 01728849 _____ C:\Windows\WindowsUpdate.log
2013-11-30 12:35 - 2012-07-31 22:06 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Spotify
2013-11-30 12:34 - 2012-10-03 13:40 - 00033475 _____ C:\Windows\setupact.log
2013-11-30 12:34 - 2011-12-17 19:32 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-30 12:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-30 12:33 - 2012-11-19 18:45 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-11-30 12:33 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-30 01:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-28 18:31 - 2013-11-28 18:31 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-28 18:30 - 2013-11-28 18:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-28 18:28 - 2011-12-17 19:38 - 00001429 _____ C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 01:29 - 2013-11-27 01:24 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-27 01:25 - 2013-11-27 01:25 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 23:09 - 2013-09-06 19:13 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 13:48 - 2012-02-02 13:51 - 00000000 ____D C:\Users\Denny\AppData\Local\Adobe
2013-11-25 13:43 - 2013-11-25 13:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-25 13:42 - 2012-04-18 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-25 13:42 - 2012-04-18 18:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-25 13:42 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-25 13:38 - 2009-07-14 05:45 - 00407400 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-24 23:16 - 2013-11-24 23:16 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-24 23:16 - 2013-11-24 23:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-24 23:16 - 2012-02-06 13:02 - 00000000 ____D C:\ProgramData\Skype
2013-11-24 23:15 - 2013-11-24 23:14 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Denny\Downloads\Skype611SetupFull.exe
2013-11-24 20:13 - 2013-11-23 12:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-24 15:58 - 2013-11-24 15:58 - 00460808 _____ C:\Users\Denny\Downloads\Setup.exe
2013-11-23 23:02 - 2013-11-23 23:02 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-11-23 23:02 - 2013-11-23 15:26 - 00000000 ____D C:\Users\Denny\Documents\ArmA 2
2013-11-23 22:55 - 2013-11-23 22:55 - 00000000 ____D C:\Users\Denny\AppData\Local\DayZCommander
2013-11-23 22:54 - 2013-11-23 22:54 - 02945024 _____ C:\Users\Denny\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-11-23 22:54 - 2013-11-23 22:54 - 00001340 _____ C:\Users\Public\Desktop\DayZ Commander.lnk
2013-11-23 22:54 - 2013-11-23 22:54 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-11-23 22:44 - 2013-11-23 15:25 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-11-23 22:43 - 2013-11-23 15:23 - 00036946 _____ C:\Windows\DirectX.log
2013-11-23 15:28 - 2013-11-23 15:26 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2
2013-11-23 14:35 - 2011-12-17 19:38 - 00096944 _____ C:\Users\Denny\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-23 14:17 - 2013-11-23 14:17 - 00000000 ____D C:\Users\Denny\AppData\Local\DDMSettings
2013-11-23 13:53 - 2013-11-23 13:53 - 00001617 _____ C:\Users\Denny\Desktop\DivX Movies.lnk
2013-11-23 13:53 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files\DivX
2013-11-23 13:53 - 2013-11-23 13:51 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-23 13:53 - 2013-11-23 13:43 - 00000000 ____D C:\ProgramData\DivX
2013-11-23 13:53 - 2013-05-07 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-23 13:44 - 2013-11-23 13:44 - 00000000 _____ C:\END
2013-11-23 13:43 - 2013-11-23 13:43 - 00957248 _____ (DivX, LLC) C:\Users\Denny\Downloads\DivXInstaller_913.exe
2013-11-23 12:20 - 2011-12-17 19:38 - 00000000 ____D C:\Users\Denny
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2 Operation Arrowhead.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-23 12:10 - 2013-11-23 12:10 - 01123608 _____ C:\Users\Denny\Downloads\SteamSetup.exe
2013-11-23 12:10 - 2013-11-23 12:10 - 00000985 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-16 10:56 - 2012-07-31 22:06 - 00000000 ____D C:\Users\Denny\AppData\Local\Spotify
2013-11-14 21:28 - 2012-08-31 21:03 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-14 21:28 - 2011-12-21 21:32 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-14 21:27 - 2013-11-14 21:27 - 03820824 _____ C:\Users\Denny\Downloads\battlelog-web-plugins_2.3.1_125.exe
2013-11-14 21:27 - 2012-08-31 21:03 - 00283304 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-14 21:27 - 2011-12-21 21:32 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-14 21:25 - 2011-12-21 17:53 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-14 00:22 - 2013-08-30 18:42 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:20 - 2011-07-18 21:31 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iTunes
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iPod
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-12 20:43 - 2013-09-02 17:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 22:22 - 2013-11-07 15:47 - 103387443 _____ C:\Windows\SysWOW64\㞿
2013-11-06 19:55 - 2013-04-09 18:25 - 00060928 ___SH C:\Users\Denny\Thumbs.db
2013-11-06 19:55 - 2012-03-16 21:48 - 00000000 ____D C:\Users\Denny\Programme
2013-11-06 19:43 - 2013-11-06 19:42 - 00000000 ____D C:\Users\Denny\Downloads\Cro - Sunny
2013-11-05 00:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-02 21:06 - 2013-07-07 20:12 - 00000000 ____D C:\Users\Denny\Downloads\Jay-Z Magna Carta Holy Grail
2013-11-01 12:32 - 2012-11-08 18:48 - 00105620 _____ C:\Windows\PFRO.log

Some content of TEMP:
====================
C:\Users\Denny\AppData\Local\Temp\avgnt.exe
C:\Users\Denny\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 01:02

==================== End Of Log ============================
--- --- ---

--- --- ---


so richtig?

schrauber 02.12.2013 10:22
ja :)

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

DennyPenny 02.12.2013 23:40
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.12.02.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Denny :: DENNY-PC [Administrator]

02.12.2013 22:39:24
mbam-log-2013-12-02 (22-39-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 416495
Laufzeit: 59 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Denny\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3297265 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 9
C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VLRVUAW\mism[1].exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5MWFS1P\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\Downloads\Setup.exe (PUP.Optional.Domalq) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3297265\ism.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Denny\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

schrauber 03.12.2013 12:34
und weiter :)

DennyPenny 03.12.2013 23:09
AdwCleaner Logfile:
Code:
# AdwCleaner v3.014 - Bericht erstellt am 03/12/2013 um 22:54:42
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Denny - DENNY-PC
# Gestartet von : C:\Users\Denny\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Denny\AppData\LocalLow\boost_interprocess
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v20.0.1 (de)

[ Datei : C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [2275 octets] - [03/12/2013 22:32:31]
AdwCleaner[S0].txt - [2119 octets] - [03/12/2013 22:54:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2179 octets] ##########
--- --- ---JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Denny on 03.12.2013 at 22:59:38,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2238156402-1851513601-3527991238-1002\Software\sweetim



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2013 at 23:04:18,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 02
Ran by Denny (administrator) on DENNY-PC on 03-12-2013 23:07:39
Running from C:\Users\Denny\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Spotify Ltd) C:\Users\Denny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Denny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-15] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\Denny\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-15] (Spotify Ltd)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [3364264 2012-10-17] (Emsisoft GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\UpdatusUser\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF NetworkProxy: "ftp", "213.197.182.78"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "213.197.182.78"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "213.197.182.78"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "213.197.182.78"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: 4or6 - C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default\Extensions\4or6@hunen.net.xpi
FF Extension: stealthyextension - C:\Users\Denny\AppData\Roaming\Mozilla\Firefox\Profiles\d7r95x4y.default\Extensions\stealthyextension@gmail.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "https://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Brushed) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0
CHR Extension: (YouTube) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (Gmail) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3084176 2012-10-06] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-11-23] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-31] ()

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 23:07 - 2013-12-03 23:07 - 01959614 _____ (Farbar) C:\Users\Denny\Downloads\FRST64.exe
2013-12-03 23:04 - 2013-12-03 23:04 - 00000815 _____ C:\Users\Denny\Desktop\JRT.txt
2013-12-03 22:32 - 2013-12-03 22:54 - 00000000 ____D C:\AdwCleaner
2013-12-03 15:35 - 2013-12-03 15:35 - 00000930 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-03 15:35 - 2013-12-03 15:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-02 23:01 - 2013-12-02 23:02 - 01034531 _____ (Thisisu) C:\Users\Denny\Downloads\JRT.exe
2013-12-02 22:40 - 2013-12-02 22:40 - 01110034 _____ C:\Users\Denny\Downloads\adwcleaner.exe
2013-11-30 15:18 - 2013-12-03 23:07 - 00019463 _____ C:\Users\Denny\Downloads\FRST.txt
2013-11-28 18:31 - 2013-11-28 18:31 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-28 18:30 - 2013-11-28 18:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-27 01:28 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 01:25 - 2013-11-27 01:25 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 01:24 - 2013-11-27 01:29 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-25 13:43 - 2013-11-25 13:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-24 23:16 - 2013-11-24 23:16 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-24 23:16 - 2013-11-24 23:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-24 23:14 - 2013-11-24 23:15 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Denny\Downloads\Skype611SetupFull.exe
2013-11-23 23:02 - 2013-11-23 23:02 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-11-23 22:55 - 2013-11-23 22:55 - 00000000 ____D C:\Users\Denny\AppData\Local\DayZCommander
2013-11-23 22:54 - 2013-11-23 22:54 - 02945024 _____ C:\Users\Denny\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-11-23 22:54 - 2013-11-23 22:54 - 00001340 _____ C:\Users\Public\Desktop\DayZ Commander.lnk
2013-11-23 22:54 - 2013-11-23 22:54 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-11-23 22:44 - 2013-12-01 20:34 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2 OA
2013-11-23 15:26 - 2013-11-23 23:02 - 00000000 ____D C:\Users\Denny\Documents\ArmA 2
2013-11-23 15:26 - 2013-11-23 15:28 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2
2013-11-23 15:25 - 2013-11-23 22:44 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-11-23 15:23 - 2013-11-23 22:43 - 00036946 _____ C:\Windows\DirectX.log
2013-11-23 14:17 - 2013-11-23 14:17 - 00000000 ____D C:\Users\Denny\AppData\Local\DDMSettings
2013-11-23 13:53 - 2013-11-23 13:53 - 00001617 _____ C:\Users\Denny\Desktop\DivX Movies.lnk
2013-11-23 13:53 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files\DivX
2013-11-23 13:51 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-23 13:43 - 2013-11-23 13:53 - 00000000 ____D C:\ProgramData\DivX
2013-11-23 13:43 - 2013-11-23 13:43 - 00957248 _____ (DivX, LLC) C:\Users\Denny\Downloads\DivXInstaller_913.exe
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2 Operation Arrowhead.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-23 12:10 - 2013-11-24 20:13 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 12:10 - 2013-11-23 12:10 - 01123608 _____ C:\Users\Denny\Downloads\SteamSetup.exe
2013-11-23 12:10 - 2013-11-23 12:10 - 00000985 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-14 21:27 - 2013-11-14 21:27 - 03820824 _____ C:\Users\Denny\Downloads\battlelog-web-plugins_2.3.1_125.exe
2013-11-13 15:11 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 15:11 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 15:11 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 15:11 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 15:11 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 15:11 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 15:11 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 15:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 15:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 15:11 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 15:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 15:11 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 15:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 15:11 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 15:11 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 15:11 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 15:11 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 15:11 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 15:11 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 15:11 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 15:11 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 15:11 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 15:11 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 15:11 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 15:11 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 15:11 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 15:11 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 15:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 15:11 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 15:11 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iTunes
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iPod
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 15:47 - 2013-11-09 22:22 - 103387443 _____ C:\Windows\SysWOW64\㞿
2013-11-06 19:42 - 2013-11-06 19:43 - 00000000 ____D C:\Users\Denny\Downloads\Cro - Sunny

==================== One Month Modified Files and Folders =======

2013-12-03 23:08 - 2013-11-30 15:18 - 00019463 _____ C:\Users\Denny\Downloads\FRST.txt
2013-12-03 23:07 - 2013-12-03 23:07 - 01959614 _____ (Farbar) C:\Users\Denny\Downloads\FRST64.exe
2013-12-03 23:04 - 2013-12-03 23:04 - 00000815 _____ C:\Users\Denny\Desktop\JRT.txt
2013-12-03 23:04 - 2011-05-16 15:04 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-12-03 23:04 - 2011-05-16 15:04 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-12-03 23:04 - 2009-07-14 06:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 23:04 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 23:04 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 22:59 - 2012-07-31 22:06 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Spotify
2013-12-03 22:58 - 2013-01-29 21:06 - 00000000 ____D C:\Users\Denny\AppData\Local\LogMeIn Hamachi
2013-12-03 22:57 - 2012-10-03 13:40 - 00033923 _____ C:\Windows\setupact.log
2013-12-03 22:57 - 2011-12-17 19:32 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 22:57 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-03 22:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 22:56 - 2012-11-19 18:45 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-12-03 22:56 - 2011-12-17 19:30 - 01886777 _____ C:\Windows\WindowsUpdate.log
2013-12-03 22:54 - 2013-12-03 22:32 - 00000000 ____D C:\AdwCleaner
2013-12-03 22:13 - 2012-04-18 18:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 22:13 - 2011-12-17 19:32 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 15:35 - 2013-12-03 15:35 - 00000930 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-03 15:35 - 2013-12-03 15:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-02 23:43 - 2012-11-08 18:48 - 00108922 _____ C:\Windows\PFRO.log
2013-12-02 23:02 - 2013-12-02 23:01 - 01034531 _____ (Thisisu) C:\Users\Denny\Downloads\JRT.exe
2013-12-02 22:40 - 2013-12-02 22:40 - 01110034 _____ C:\Users\Denny\Downloads\adwcleaner.exe
2013-12-01 23:04 - 2012-02-06 13:02 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Skype
2013-12-01 20:34 - 2013-11-23 22:44 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2 OA
2013-11-30 01:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-28 18:31 - 2013-11-28 18:31 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-28 18:30 - 2013-11-28 18:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-28 18:28 - 2011-12-17 19:38 - 00001429 _____ C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 01:29 - 2013-11-27 01:24 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-27 01:25 - 2013-11-27 01:25 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 01:25 - 2013-11-27 01:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 01:25 - 2013-11-27 01:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 01:25 - 2013-11-27 01:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 01:25 - 2013-11-27 01:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 01:25 - 2013-11-27 01:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 01:25 - 2013-11-27 01:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 01:25 - 2013-11-27 01:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 23:09 - 2013-09-06 19:13 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 23:09 - 2013-09-06 19:10 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 13:48 - 2012-02-02 13:51 - 00000000 ____D C:\Users\Denny\AppData\Local\Adobe
2013-11-25 13:43 - 2013-11-25 13:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-25 13:42 - 2012-04-18 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-25 13:42 - 2012-04-18 18:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-25 13:42 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-25 13:38 - 2009-07-14 05:45 - 00407400 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-24 23:16 - 2013-11-24 23:16 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-24 23:16 - 2013-11-24 23:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-24 23:16 - 2012-02-06 13:02 - 00000000 ____D C:\ProgramData\Skype
2013-11-24 23:15 - 2013-11-24 23:14 - 35095200 _____ (Skype Technologies S.A.) C:\Users\Denny\Downloads\Skype611SetupFull.exe
2013-11-24 20:13 - 2013-11-23 12:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 23:02 - 2013-11-23 23:02 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-11-23 23:02 - 2013-11-23 15:26 - 00000000 ____D C:\Users\Denny\Documents\ArmA 2
2013-11-23 22:55 - 2013-11-23 22:55 - 00000000 ____D C:\Users\Denny\AppData\Local\DayZCommander
2013-11-23 22:54 - 2013-11-23 22:54 - 02945024 _____ C:\Users\Denny\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-11-23 22:54 - 2013-11-23 22:54 - 00001340 _____ C:\Users\Public\Desktop\DayZ Commander.lnk
2013-11-23 22:54 - 2013-11-23 22:54 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-11-23 22:44 - 2013-11-23 15:25 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-11-23 22:43 - 2013-11-23 15:23 - 00036946 _____ C:\Windows\DirectX.log
2013-11-23 15:28 - 2013-11-23 15:26 - 00000000 ____D C:\Users\Denny\AppData\Local\ArmA 2
2013-11-23 14:35 - 2011-12-17 19:38 - 00096944 _____ C:\Users\Denny\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-23 14:17 - 2013-11-23 14:17 - 00000000 ____D C:\Users\Denny\AppData\Local\DDMSettings
2013-11-23 13:53 - 2013-11-23 13:53 - 00001617 _____ C:\Users\Denny\Desktop\DivX Movies.lnk
2013-11-23 13:53 - 2013-11-23 13:53 - 00000000 ____D C:\Program Files\DivX
2013-11-23 13:53 - 2013-11-23 13:51 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-23 13:53 - 2013-11-23 13:43 - 00000000 ____D C:\ProgramData\DivX
2013-11-23 13:53 - 2013-05-07 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-23 13:43 - 2013-11-23 13:43 - 00957248 _____ (DivX, LLC) C:\Users\Denny\Downloads\DivXInstaller_913.exe
2013-11-23 12:20 - 2011-12-17 19:38 - 00000000 ____D C:\Users\Denny
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000221 _____ C:\Users\Denny\Desktop\Arma 2 Operation Arrowhead.url
2013-11-23 12:15 - 2013-11-23 12:15 - 00000000 ____D C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-23 12:10 - 2013-11-23 12:10 - 01123608 _____ C:\Users\Denny\Downloads\SteamSetup.exe
2013-11-23 12:10 - 2013-11-23 12:10 - 00000985 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-16 10:56 - 2012-07-31 22:06 - 00000000 ____D C:\Users\Denny\AppData\Local\Spotify
2013-11-14 21:28 - 2012-08-31 21:03 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-14 21:28 - 2011-12-21 21:32 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-14 21:27 - 2013-11-14 21:27 - 03820824 _____ C:\Users\Denny\Downloads\battlelog-web-plugins_2.3.1_125.exe
2013-11-14 21:27 - 2012-08-31 21:03 - 00283304 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-14 21:27 - 2011-12-21 21:32 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-14 21:25 - 2011-12-21 17:53 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-14 00:22 - 2013-08-30 18:42 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:20 - 2011-07-18 21:31 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iTunes
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files\iPod
2013-11-12 20:43 - 2013-11-12 20:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-12 20:43 - 2013-09-02 17:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 22:22 - 2013-11-07 15:47 - 103387443 _____ C:\Windows\SysWOW64\㞿
2013-11-06 19:55 - 2013-04-09 18:25 - 00060928 ___SH C:\Users\Denny\Thumbs.db
2013-11-06 19:55 - 2012-03-16 21:48 - 00000000 ____D C:\Users\Denny\Programme
2013-11-06 19:43 - 2013-11-06 19:42 - 00000000 ____D C:\Users\Denny\Downloads\Cro - Sunny
2013-11-05 00:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp

Some content of TEMP:
====================
C:\Users\Denny\AppData\Local\Temp\avgnt.exe
C:\Users\Denny\AppData\Local\Temp\Quarantine.exe
C:\Users\Denny\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 01:02

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

so fertig :)

schrauber 04.12.2013 11:59

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:39 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19