Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7/Verdacht auf Infizierung mit BKA-Trojaner u.a. (https://www.trojaner-board.de/146602-windows-7-verdacht-infizierung-bka-trojaner-u-a.html)

Ren2 23.12.2013 21:52
Windows 7/Verdacht auf Infizierung mit BKA-Trojaner u.a.
 
Guten Abend!

Einen Abend vor Weihnachten bin ich auf eine Seite gelangt, bei der ich glaube mir einen BKA-Trojaner eingefangen zu haben. Ich habe allerdings schon länger den Verdacht, dass mein gesamtes System nicht wirklich (...) Viren-, Trojaner, etc. pp.-frei ist.

Bevor ich auf dieses Forum hier gestoßen bin habe ich einen MBAM-Scan durchgeführt, der die Datei "pup.optional.conduit" gefunden hat (siehe mbam-log2) und ich habe diese Datei bereits entfernt. Der aktuellere MBAM-Scan hat keine schädlichen Dateien gefunden (siehe mbam-log1).

Allerdings: mein PC funktioniert grundsätzlich gut, abgesehen von gelegentlichen Blue-Screens - eigentlich verwunderlich, wenn man bedenkt, dass ich mich was den Schutz meines PCs angeht nur sehr mäßig auskenne...

Daher: Würde euch bitten die Logfiles anzusehen und mir zu sagen, ob und wie sehr das System denn tatsächlich verseucht ist (auch da ich das GMER-Logfile genau nicht interpretieren kann...).

Bisherige Aktionen meinerseits: Scan mit Avira Antivirus, MBAM, CCleaner, HitmanPro, OTL, GMer, FRST, sowie Defogger.

Vielen Dank im Voraus!



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013
Ran by SH (administrator) on SH-PC on 23-12-2013 20:17:32
Running from C:\Users\SH\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Users\SH\Downloads\t9byx514.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2181744 2010-06-18] (Gainward Co.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
HKCU\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
MountPoints2: {2d752eb6-4a67-11e0-a483-1c6f654a916e} - E:\Startme.exe
MountPoints2: {61ead8a0-e9d3-11df-a7b8-806e6f6e6963} - D:\Run.exe
MountPoints2: {852eb75c-ea98-11df-9c1e-1c6f654a916e} - F:\autorun.exe
MountPoints2: {d2032985-4192-11e3-8f45-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x91C73E7FB143CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - {4E2F722B-1D5F-408b-8855-DEDA154E8ABF} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {6D2E3FA5-9F5A-4189-AA11-F94A2A74CDBC} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {D1CF62D5-4C9F-4592-8688-260ABE44B177} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=FD409CC9-BF12-4B3E-8338-2E4EE57E6093&apn_sauid=2310579D-D991-4AE6-AFF7-C9E55E5608FF
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1  meetandfuckgames.com www.meetandfuckgames.com
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-12-23] (SurfRight B.V.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-12-12] ()

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-03-13] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-13] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-03-13] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Secdrv; C:\Windows\SysWow64\drivers\SECDRV.SYS [11616 2001-08-25] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-07] ()
S2 TBPanel; No ImagePath
U3 alq6ips2; C:\Windows\System32\Drivers\alq6ips2.sys [0 ] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\SH\AppData\Local\Temp\ALSysIO64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U3 pxldypoc; \??\C:\Users\SH\AppData\Local\Temp\pxldypoc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-23 20:17 - 2013-12-23 20:17 - 01928604 _____ (Farbar) C:\Users\SH\Downloads\FRST64.exe
2013-12-23 20:17 - 2013-12-23 20:17 - 00014635 _____ C:\Users\SH\Downloads\FRST.txt
2013-12-23 20:17 - 2013-12-23 20:17 - 00000000 ____D C:\FRST
2013-12-23 20:11 - 2013-12-23 20:11 - 00377856 _____ C:\Users\SH\Downloads\t9byx514.exe
2013-12-23 20:05 - 2013-12-23 20:05 - 00113756 _____ C:\Users\SH\Downloads\OTL.Txt
2013-12-23 20:02 - 2013-12-23 20:02 - 00602112 _____ (OldTimer Tools) C:\Users\SH\Downloads\OTL.exe
2013-12-23 17:59 - 2013-12-23 17:59 - 00000112 _____ C:\Windows\setupact.log
2013-12-23 17:59 - 2013-12-23 17:59 - 00000000 _____ C:\Windows\setuperr.log
2013-12-23 17:21 - 2013-12-23 17:21 - 00000000 ____D C:\Users\SH\Downloads\Sicherung
2013-12-23 17:18 - 2013-12-23 17:18 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-23 17:18 - 2013-12-23 17:18 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-23 17:18 - 2013-12-23 17:18 - 00000000 ____D C:\Program Files\CCleaner
2013-12-23 17:17 - 2013-12-23 17:17 - 03571656 _____ (Piriform Ltd) C:\Users\SH\Downloads\ccsetup409_slim.exe
2013-12-23 17:16 - 2013-12-23 17:16 - 10264904 _____ (SurfRight B.V.) C:\Users\SH\Downloads\HitmanPro_x64.exe
2013-12-23 17:16 - 2013-12-23 17:16 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-12-23 17:16 - 2013-12-23 17:16 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-23 17:15 - 2013-12-23 17:22 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-23 17:13 - 2013-12-23 17:13 - 09452704 _____ (SurfRight B.V.) C:\Users\SH\Downloads\HitmanPro3.7.8.208.exe
2013-12-23 17:12 - 2013-12-23 17:12 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-23 17:12 - 2013-12-23 17:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-23 17:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-23 17:08 - 2013-12-23 17:08 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\SH\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-23 16:58 - 2013-12-23 16:58 - 00001077 _____ C:\Users\SH\Desktop\Kaspersky Security Scan.lnk
2013-12-23 16:58 - 2013-12-23 16:58 - 00000000 ____D C:\Users\SH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2013-12-23 16:57 - 2013-12-23 16:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-23 16:57 - 2013-12-23 16:57 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-12-23 16:56 - 2013-12-23 16:56 - 00179984 _____ (Kaspersky Lab) C:\Users\SH\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe
2013-12-15 19:34 - 2013-12-15 19:34 - 00000000 ____D C:\Users\SH\AppData\Local\CDWLauncher
2013-12-15 18:52 - 2013-12-15 18:52 - 00000222 _____ C:\Users\SH\Desktop\Chivalry Medieval Warfare.url
2013-12-15 18:52 - 2013-12-15 18:52 - 00000222 _____ C:\Users\SH\Desktop\Chivalry Medieval Warfare Beta.url
2013-12-15 11:45 - 2013-12-15 11:45 - 00001949 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\Users\SH\AppData\Roaming\Canneverbe Limited
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-12-15 11:44 - 2013-12-15 11:44 - 05283736 _____ (Canneverbe Limited                                          ) C:\Users\SH\Downloads\cdbxp_setup_4.5.2.4291.exe
2013-12-14 18:49 - 2013-12-14 20:14 - 00000000 ____D C:\Users\SH\Downloads\Cloud.Atlas.2012
2013-12-12 10:57 - 2013-12-12 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 10:50 - 2013-12-12 10:50 - 00000000 ____D C:\Games
2013-12-12 10:49 - 2013-12-12 10:49 - 00000000 ____D C:\Nexus Mod Manager
2013-12-12 10:48 - 2013-12-22 17:41 - 00000000 ____D C:\Users\SH\Documents\Nexus Mod Manager
2013-12-12 10:48 - 2013-12-12 10:49 - 00000000 ____D C:\Users\SH\AppData\Local\Black_Tree_Gaming
2013-12-12 10:47 - 2013-12-12 10:49 - 00000684 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-12-12 10:47 - 2013-12-12 10:47 - 04136616 _____ (Black Tree Gaming                                          ) C:\Users\SH\Downloads\Nexus Mod Manager-0.46.0.exe
2013-12-12 10:47 - 2013-12-12 10:47 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-12-11 21:38 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:38 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 21:38 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 21:38 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 21:37 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:37 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 21:37 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 21:37 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:37 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:37 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 21:37 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:37 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:37 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:37 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 21:37 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:37 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 21:37 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 21:37 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 21:37 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:37 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:37 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 21:37 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:37 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 21:37 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 21:37 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:37 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 21:37 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:37 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 21:37 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:37 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:37 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:37 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 21:37 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 21:37 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:37 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 18:35 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 18:35 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 18:35 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 18:35 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 18:35 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 18:35 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 18:35 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 18:35 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 18:35 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 18:35 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 18:35 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 18:35 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 18:35 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 18:35 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 18:35 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 18:35 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 18:35 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 18:35 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 18:35 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-09 18:22 - 2013-12-09 18:22 - 00000222 _____ C:\Users\SH\Desktop\Neverwinter.url
2013-12-07 22:57 - 2013-12-07 23:15 - 19982287 _____ C:\Users\SH\Downloads\WoW-Erinnerung.rar
2013-12-07 22:46 - 2013-12-07 23:14 - 00000000 ____D C:\Users\SH\Downloads\WoW-Erinnerung
2013-12-03 19:50 - 2013-12-03 19:50 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-03 18:26 - 2013-12-03 18:26 - 00000222 _____ C:\Users\SH\Desktop\Age of Empires II HD Edition.url
2013-12-03 07:39 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 07:36 - 2013-12-03 07:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 07:36 - 2013-12-03 07:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 07:36 - 2013-12-03 07:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 07:36 - 2013-12-03 07:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 07:36 - 2013-12-03 07:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 07:36 - 2013-12-03 07:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 07:36 - 2013-12-03 07:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-23 12:45 - 2013-11-23 13:18 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-11-23 12:45 - 2013-11-23 12:45 - 00001158 _____ C:\Users\Public\Desktop\Diablo III.lnk

==================== One Month Modified Files and Folders =======

2013-12-23 20:17 - 2013-12-23 20:17 - 01928604 _____ (Farbar) C:\Users\SH\Downloads\FRST64.exe
2013-12-23 20:17 - 2013-12-23 20:17 - 00014635 _____ C:\Users\SH\Downloads\FRST.txt
2013-12-23 20:17 - 2013-12-23 20:17 - 00000000 ____D C:\FRST
2013-12-23 20:16 - 2010-11-06 19:40 - 01487787 _____ C:\Windows\WindowsUpdate.log
2013-12-23 20:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-23 20:11 - 2013-12-23 20:11 - 00377856 _____ C:\Users\SH\Downloads\t9byx514.exe
2013-12-23 20:11 - 2010-11-09 19:41 - 00000000 ____D C:\Users\SH\AppData\Roaming\Skype
2013-12-23 20:06 - 2011-06-20 17:18 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-23 20:05 - 2013-12-23 20:05 - 00113756 _____ C:\Users\SH\Downloads\OTL.Txt
2013-12-23 20:02 - 2013-12-23 20:02 - 00602112 _____ (OldTimer Tools) C:\Users\SH\Downloads\OTL.exe
2013-12-23 19:57 - 2012-09-05 15:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-23 17:59 - 2013-12-23 17:59 - 00000112 _____ C:\Windows\setupact.log
2013-12-23 17:59 - 2013-12-23 17:59 - 00000000 _____ C:\Windows\setuperr.log
2013-12-23 17:22 - 2013-12-23 17:15 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-23 17:21 - 2013-12-23 17:21 - 00000000 ____D C:\Users\SH\Downloads\Sicherung
2013-12-23 17:19 - 2013-10-30 21:12 - 00000000 ____D C:\Windows\Minidump
2013-12-23 17:19 - 2010-11-29 15:40 - 00000000 ____D C:\Users\SH\AppData\Roaming\TS3Client
2013-12-23 17:19 - 2010-11-23 20:47 - 00000000 ____D C:\Users\SH\Tracing
2013-12-23 17:19 - 2010-11-06 19:25 - 00000000 ____D C:\Windows\Panther
2013-12-23 17:18 - 2013-12-23 17:18 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-23 17:18 - 2013-12-23 17:18 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-23 17:18 - 2013-12-23 17:18 - 00000000 ____D C:\Program Files\CCleaner
2013-12-23 17:17 - 2013-12-23 17:17 - 03571656 _____ (Piriform Ltd) C:\Users\SH\Downloads\ccsetup409_slim.exe
2013-12-23 17:16 - 2013-12-23 17:16 - 10264904 _____ (SurfRight B.V.) C:\Users\SH\Downloads\HitmanPro_x64.exe
2013-12-23 17:16 - 2013-12-23 17:16 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-12-23 17:16 - 2013-12-23 17:16 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-23 17:13 - 2013-12-23 17:13 - 09452704 _____ (SurfRight B.V.) C:\Users\SH\Downloads\HitmanPro3.7.8.208.exe
2013-12-23 17:12 - 2013-12-23 17:12 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-23 17:12 - 2013-12-23 17:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-23 17:08 - 2013-12-23 17:08 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\SH\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-23 16:58 - 2013-12-23 16:58 - 00001077 _____ C:\Users\SH\Desktop\Kaspersky Security Scan.lnk
2013-12-23 16:58 - 2013-12-23 16:58 - 00000000 ____D C:\Users\SH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2013-12-23 16:57 - 2013-12-23 16:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-23 16:57 - 2013-12-23 16:57 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-12-23 16:56 - 2013-12-23 16:56 - 00179984 _____ (Kaspersky Lab) C:\Users\SH\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe
2013-12-23 14:48 - 2013-02-01 17:31 - 00000000 ____D C:\Users\SH\AppData\Roaming\vlc
2013-12-23 12:38 - 2013-06-10 19:50 - 00000000 ____D C:\Users\SH\Downloads\BBT-S6
2013-12-23 10:59 - 2009-07-14 05:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-23 10:59 - 2009-07-14 05:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-23 10:52 - 2010-11-06 13:05 - 00000144 _____ C:\service.log
2013-12-23 10:51 - 2010-11-07 12:44 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-23 10:51 - 2010-11-06 13:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-23 10:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-22 18:54 - 2011-01-17 01:04 - 00000000 ____D C:\Users\SH\AppData\Roaming\dvdcss
2013-12-22 18:07 - 2011-11-18 16:16 - 00000000 ____D C:\Users\SH\AppData\Local\Skyrim
2013-12-22 17:41 - 2013-12-12 10:48 - 00000000 ____D C:\Users\SH\Documents\Nexus Mod Manager
2013-12-22 17:40 - 2011-05-25 06:45 - 00000000 ____D C:\Users\SH\Documents\My Games
2013-12-22 16:25 - 2009-07-14 18:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-12-22 16:25 - 2009-07-14 18:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-12-22 16:25 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 18:03 - 2013-05-07 14:23 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 18:03 - 2013-03-28 17:09 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 18:03 - 2013-03-28 17:09 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-15 20:29 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-15 19:34 - 2013-12-15 19:34 - 00000000 ____D C:\Users\SH\AppData\Local\CDWLauncher
2013-12-15 18:52 - 2013-12-15 18:52 - 00000222 _____ C:\Users\SH\Desktop\Chivalry Medieval Warfare.url
2013-12-15 18:52 - 2013-12-15 18:52 - 00000222 _____ C:\Users\SH\Desktop\Chivalry Medieval Warfare Beta.url
2013-12-15 18:52 - 2012-06-12 21:21 - 00000000 ____D C:\Users\SH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-15 11:45 - 2013-12-15 11:45 - 00001949 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\Users\SH\AppData\Roaming\Canneverbe Limited
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-15 11:45 - 2013-12-15 11:45 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-12-15 11:44 - 2013-12-15 11:44 - 05283736 _____ (Canneverbe Limited                                          ) C:\Users\SH\Downloads\cdbxp_setup_4.5.2.4291.exe
2013-12-14 20:14 - 2013-12-14 18:49 - 00000000 ____D C:\Users\SH\Downloads\Cloud.Atlas.2012
2013-12-14 12:52 - 2013-08-15 01:26 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 12:50 - 2010-11-09 07:26 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 19:55 - 2012-09-18 18:22 - 00000000 ____D C:\Finanzielles
2013-12-13 07:10 - 2012-09-09 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 12:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 10:57 - 2013-12-12 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 10:50 - 2013-12-12 10:50 - 00000000 ____D C:\Games
2013-12-12 10:49 - 2013-12-12 10:49 - 00000000 ____D C:\Nexus Mod Manager
2013-12-12 10:49 - 2013-12-12 10:48 - 00000000 ____D C:\Users\SH\AppData\Local\Black_Tree_Gaming
2013-12-12 10:49 - 2013-12-12 10:47 - 00000684 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-12-12 10:47 - 2013-12-12 10:47 - 04136616 _____ (Black Tree Gaming                                          ) C:\Users\SH\Downloads\Nexus Mod Manager-0.46.0.exe
2013-12-12 10:47 - 2013-12-12 10:47 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-12-12 08:20 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 08:11 - 2009-07-14 05:45 - 00421920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 21:38 - 2010-11-07 19:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-10 21:58 - 2010-11-06 16:56 - 00000000 ____D C:\FH
2013-12-10 20:57 - 2012-09-05 15:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 20:57 - 2012-04-02 06:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 20:57 - 2011-05-15 17:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 19:13 - 2013-08-31 16:32 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-09 18:22 - 2013-12-09 18:22 - 00000222 _____ C:\Users\SH\Desktop\Neverwinter.url
2013-12-08 17:02 - 2010-11-07 15:10 - 00000000 ____D C:\Users\SH\AppData\Local\Adobe
2013-12-08 11:15 - 2010-11-22 18:05 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-07 23:15 - 2013-12-07 22:57 - 19982287 _____ C:\Users\SH\Downloads\WoW-Erinnerung.rar
2013-12-07 23:14 - 2013-12-07 22:46 - 00000000 ____D C:\Users\SH\Downloads\WoW-Erinnerung
2013-12-05 08:48 - 2010-11-09 19:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-05 08:48 - 2010-11-09 19:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-03 19:50 - 2013-12-03 19:50 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-03 18:26 - 2013-12-03 18:26 - 00000222 _____ C:\Users\SH\Desktop\Age of Empires II HD Edition.url
2013-12-03 18:21 - 2010-11-06 13:02 - 00001421 _____ C:\Users\SH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 18:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 07:36 - 2013-12-03 07:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 07:36 - 2013-12-03 07:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 07:36 - 2013-12-03 07:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 07:36 - 2013-12-03 07:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 07:36 - 2013-12-03 07:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 07:36 - 2013-12-03 07:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 07:36 - 2013-12-03 07:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 07:36 - 2013-12-03 07:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 07:36 - 2013-12-03 07:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 12:54 - 2013-12-11 21:37 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-11 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-11 21:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-11 21:37 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-11 21:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-11 21:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-11 21:37 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-11 21:37 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-11 21:37 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-11 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-11 21:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-11 21:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-11 21:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-11 21:37 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-11 21:37 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 21:37 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-11 21:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-11 21:37 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-11 21:37 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-11 21:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 21:37 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 21:37 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 21:37 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 21:37 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 21:37 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 21:37 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 21:37 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 21:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 21:37 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 21:37 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 21:37 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 18:24 - 2013-03-28 17:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-23 19:26 - 2013-12-11 18:35 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-11 18:35 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 13:18 - 2013-11-23 12:45 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-11-23 12:45 - 2013-11-23 12:45 - 00001158 _____ C:\Users\Public\Desktop\Diablo III.lnk

ZeroAccess:
C:\Windows\assembly\tmp
C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}

ZeroAccess:
C:\Users\SH\AppData\Local\7c9b0cbd
C:\Users\SH\AppData\Local\7c9b0cbd\@
C:\Users\SH\AppData\Local\7c9b0cbd\loader.tlb

Some content of TEMP:
====================
C:\Users\SH\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 09:51

==================== End Of Log ============================
--- --- ---

Ren2 23.12.2013 21:57
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013
Ran by SH at 2013-12-23 t20:17:51
Running from C:\Users\SH\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
@BIOS (x32 Version: 2.08)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Age of Conan: Unchained - EU version (x32)
Age of Empires II: HD Edition (x32)
AOC UI Installer 3.1.0 (x32 Version: 3.1.0)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Baldur's Gate: Enhanced Edition (x32)
Bandisoft MPEG-1 Decoder (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
CCleaner (Version: 4.09)
CDBurnerXP (x32 Version: 4.5.2.4291)
Chivalry: Medieval Warfare (x32)
Chivalry: Medieval Warfare Beta (x32)
Cockatrice (x32)
Counter-Strike (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130)
Darksiders (x32)
Darksiders II (x32)
DarksidersInstaller (x32 Version: 1.00.1000)
Diablo III (x32)
Divinity II: Developer's Cut (x32)
Dungeon Keeper 2 (x32)
DVD Shrink 3.2 deutsch (DeCSS-frei) (x32)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1  (x32 Version: 1.00.0000)
erLT (x32 Version: 1.20.0137)
EXPERTool 7.10 (x32)
Fable III (x32 Version: 1.0.0000.131)
Fable III (x32 Version: 1.0.0001.131)
Fable III (x32 Version: 1.0.0002.131)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
HijackThis 2.0.2 (x32 Version: 2.0.2)
HitmanPro 3.7 (Version: 3.7.8.208)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 35 (x32 Version: 6.0.350)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kaspersky Security Scan (x32 Version: 12.0.1.340)
Kingdoms of Amalur Reckoning (x32)
League of Legends (x32 Version: 1.02.0000)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.50 (Version: 8.50.281)
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II (x32)
Microsoft Age of Empires II: The Conquerors Expansion (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NC Launcher (GameForge) (x32)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
Neverwinter (x32)
Neverwinter Nights 2 (x32 Version: 1.00.0000)
Nexus Mod Manager (Version: 0.46.0)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Legacy) (x32 Version: 9.13.0604)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Oblivion mod manager 1.1.12 (x32)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
OpenAL (x32)
Painkiller Hell & Damnation (x32)
Pando Media Booster (x32 Version: 2.3.4.8)
PC Connectivity Solution (x32 Version: 8.15.0.0)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.12)
PunkBuster Services (x32 Version: 0.991)
PVSonyDll (Version: 1.00.0001)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
Risen (x32 Version: 1.00.0000)
Saints Row IV (x32)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (x32 Version: 1.00.0000)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (x32 Version: 6.83.6.2.1)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.11 (x32 Version: 6.11.102)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client (x32 Version: 3.0.13.1)
The Elder Scrolls IV: Oblivion  (x32)
The Elder Scrolls V: Skyrim (x32)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
The Witcher: Enhanced Edition (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Uplay (x32 Version: 2.0)
User's Guides (Version: 1.20.0000)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.2 (x32 Version: 2.1.2)
Warcraft III (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WinRAR
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)

==================== Restore Points  =========================

14-12-2013 11:49:42 Windows Update
21-12-2013 12:49:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-07-16 22:00 - 00000883 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1  meetandfuckgames.com www.meetandfuckgames.com

==================== Scheduled Tasks (whitelisted) =============

Task: {11E72BF7-B410-4D37-B5DC-CF05B89918CE} - System32\Tasks\{8E5937B7-AB84-49B6-A10F-FB9A29DAFEF5} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {4D79049C-3227-4E35-B818-AC0482153103} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {81DD45EF-52BE-4E01-9F8B-80918F010D2C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {8387021D-402F-42C8-B3EF-EA156864E5F0} - System32\Tasks\{63CA3002-3D37-40EA-8267-FDFE09BD0571} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {94FB5A87-7E61-4D49-BD6C-BA817D659FC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {9D4F4A26-7EEA-4A80-8CC3-61EE6869DB8A} - System32\Tasks\{9056443D-0831-493D-8D97-F0F8D2EA4304} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {A4A25FB4-F855-4991-8E25-C1DDFD740610} - System32\Tasks\{C89B9CCB-CB2E-435E-B940-5846DA990E3C} => C:\Riot Games\League of Legends\lol.launcher.exe [2011-05-06] ()
Task: {D3531CFD-9108-44BB-8290-8039C35A9CE0} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21] (Microsoft Corporation)
Task: {DEC88A7C-BEBE-42A6-86F0-D03B4F219070} - System32\Tasks\{ABD0442B-60B7-40B5-BE97-1059677FF1AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {EA846686-65BA-422C-9F45-F8B37ECC2621} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {F1DACD63-B90B-4DF2-A410-6B0B1C5C6033} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-11-07 19:05 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-28 17:09 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-11-06 13:05 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2010-11-06 13:35 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00180224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll
2013-12-12 10:57 - 2013-12-12 10:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-10 20:57 - 2013-12-10 20:57 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Public\test.JPG:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2013 04:40:20 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bd0

Startzeit: 01cefff26dcc8d92

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (12/22/2013 06:07:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008c9591
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/22/2013 06:07:18 PM) (Source: .NET Runtime) (User: )
Description: Application: UDK.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
  at <Module>._WinMainCRTStartup()

Error: (12/22/2013 06:07:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0053c418
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/21/2013 05:28:21 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1004

Startzeit: 01cefe6620e64f88

Endzeit: 293

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/21/2013 05:01:09 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f8

Startzeit: 01cefe3e0d258d74

Endzeit: 349

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/12/2013 10:37:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Name des fehlerhaften Moduls: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002f86
ID des fehlerhaften Prozesses: 0xa90
Startzeit der fehlerhaften Anwendung: 0xNifCleaner.exe0
Pfad der fehlerhaften Anwendung: NifCleaner.exe1
Pfad des fehlerhaften Moduls: NifCleaner.exe2
Berichtskennung: NifCleaner.exe3

Error: (12/10/2013 06:21:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xce0
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (12/06/2013 02:16:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (11/23/2013 05:29:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416, Zeitstempel: 0x462392c7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xOblivion.exe0
Pfad der fehlerhaften Anwendung: Oblivion.exe1
Pfad des fehlerhaften Moduls: Oblivion.exe2
Berichtskennung: Oblivion.exe3


System errors:
=============
Error: (12/23/2013 08:18:04 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:03 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:02 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:01 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:00 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:59 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:58 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:57 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:56 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:55 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (05/02/2012 11:07:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, ApplicationAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013
Ran by SH at 2013-12-23 20:17:51
Running from C:\Users\SH\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
@BIOS (x32 Version: 2.08)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Age of Conan: Unchained - EU version (x32)
Age of Empires II: HD Edition (x32)
AOC UI Installer 3.1.0 (x32 Version: 3.1.0)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Baldur's Gate: Enhanced Edition (x32)
Bandisoft MPEG-1 Decoder (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
CCleaner (Version: 4.09)
CDBurnerXP (x32 Version: 4.5.2.4291)
Cheat Engine 6.0 (x32)
Chivalry: Medieval Warfare (x32)
Chivalry: Medieval Warfare Beta (x32)
Cockatrice (x32)
Counter-Strike (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130)
Darksiders (x32)
Darksiders II (x32)
DarksidersInstaller (x32 Version: 1.00.1000)
Diablo III (x32)
Divinity II: Developer's Cut (x32)
Dungeon Keeper 2 (x32)
DVD Shrink 3.2 deutsch (DeCSS-frei) (x32)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1  (x32 Version: 1.00.0000)
erLT (x32 Version: 1.20.0137)
EXPERTool 7.10 (x32)
Fable III (x32 Version: 1.0.0000.131)
Fable III (x32 Version: 1.0.0001.131)
Fable III (x32 Version: 1.0.0002.131)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
HijackThis 2.0.2 (x32 Version: 2.0.2)
HitmanPro 3.7 (Version: 3.7.8.208)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 35 (x32 Version: 6.0.350)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kaspersky Security Scan (x32 Version: 12.0.1.340)
Kingdoms of Amalur Reckoning (x32)
League of Legends (x32 Version: 1.02.0000)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.50 (Version: 8.50.281)
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II (x32)
Microsoft Age of Empires II: The Conquerors Expansion (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NC Launcher (GameForge) (x32)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
Neverwinter (x32)
Neverwinter Nights 2 (x32 Version: 1.00.0000)
Nexus Mod Manager (Version: 0.46.0)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Legacy) (x32 Version: 9.13.0604)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Oblivion mod manager 1.1.12 (x32)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
OpenAL (x32)
Painkiller Hell & Damnation (x32)
Pando Media Booster (x32 Version: 2.3.4.8)
PC Connectivity Solution (x32 Version: 8.15.0.0)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.12)
PunkBuster Services (x32 Version: 0.991)
PVSonyDll (Version: 1.00.0001)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
Risen (x32 Version: 1.00.0000)
Saints Row IV (x32)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (x32 Version: 1.00.0000)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (x32 Version: 6.83.6.2.1)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.11 (x32 Version: 6.11.102)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client (x32 Version: 3.0.13.1)
The Elder Scrolls IV: Oblivion  (x32)
The Elder Scrolls V: Skyrim (x32)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
The Witcher: Enhanced Edition (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Uplay (x32 Version: 2.0)
User's Guides (Version: 1.20.0000)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.2 (x32 Version: 2.1.2)
Warcraft III (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WinRAR
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)

==================== Restore Points  =========================

14-12-2013 11:49:42 Windows Update
21-12-2013 12:49:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-07-16 22:00 - 00000883 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1  meetandfuckgames.com www.meetandfuckgames.com

==================== Scheduled Tasks (whitelisted) =============

Task: {11E72BF7-B410-4D37-B5DC-CF05B89918CE} - System32\Tasks\{8E5937B7-AB84-49B6-A10F-FB9A29DAFEF5} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {4D79049C-3227-4E35-B818-AC0482153103} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {81DD45EF-52BE-4E01-9F8B-80918F010D2C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {8387021D-402F-42C8-B3EF-EA156864E5F0} - System32\Tasks\{63CA3002-3D37-40EA-8267-FDFE09BD0571} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {94FB5A87-7E61-4D49-BD6C-BA817D659FC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {9D4F4A26-7EEA-4A80-8CC3-61EE6869DB8A} - System32\Tasks\{9056443D-0831-493D-8D97-F0F8D2EA4304} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {A4A25FB4-F855-4991-8E25-C1DDFD740610} - System32\Tasks\{C89B9CCB-CB2E-435E-B940-5846DA990E3C} => C:\Riot Games\League of Legends\lol.launcher.exe [2011-05-06] ()
Task: {D3531CFD-9108-44BB-8290-8039C35A9CE0} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21] (Microsoft Corporation)
Task: {DEC88A7C-BEBE-42A6-86F0-D03B4F219070} - System32\Tasks\{ABD0442B-60B7-40B5-BE97-1059677FF1AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {EA846686-65BA-422C-9F45-F8B37ECC2621} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {F1DACD63-B90B-4DF2-A410-6B0B1C5C6033} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-11-07 19:05 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-28 17:09 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-11-06 13:05 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2010-11-06 13:35 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00180224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll
2013-12-12 10:57 - 2013-12-12 10:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-10 20:57 - 2013-12-10 20:57 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Public\test.JPG:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2013 04:40:20 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bd0

Startzeit: 01cefff26dcc8d92

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (12/22/2013 06:07:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008c9591
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/22/2013 06:07:18 PM) (Source: .NET Runtime) (User: )
Description: Application: UDK.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
  at <Module>._WinMainCRTStartup()

Error: (12/22/2013 06:07:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0053c418
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/21/2013 05:28:21 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1004

Startzeit: 01cefe6620e64f88

Endzeit: 293

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/21/2013 05:01:09 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f8

Startzeit: 01cefe3e0d258d74

Endzeit: 349

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/12/2013 10:37:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Name des fehlerhaften Moduls: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002f86
ID des fehlerhaften Prozesses: 0xa90
Startzeit der fehlerhaften Anwendung: 0xNifCleaner.exe0
Pfad der fehlerhaften Anwendung: NifCleaner.exe1
Pfad des fehlerhaften Moduls: NifCleaner.exe2
Berichtskennung: NifCleaner.exe3

Error: (12/10/2013 06:21:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xce0
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (12/06/2013 02:16:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (11/23/2013 05:29:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416, Zeitstempel: 0x462392c7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xOblivion.exe0
Pfad der fehlerhaften Anwendung: Oblivion.exe1
Pfad des fehlerhaften Moduls: Oblivion.exe2
Berichtskennung: Oblivion.exe3


System errors:
=============
Error: (12/23/2013 08:18:04 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:03 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:02 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:01 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:00 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:59 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:58 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:57 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:56 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:55 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (05/02/2012 11:07:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/05/2011 04:01:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-06-19 18:21:39.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SH\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:39.352
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SH\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:38.677
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:38.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.980
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.715
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.668Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013
Ran by SH at 2013-12-23 20:17:51
Running from C:\Users\SH\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
@BIOS (x32 Version: 2.08)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Age of Conan: Unchained - EU version (x32)
Age of Empires II: HD Edition (x32)
AOC UI Installer 3.1.0 (x32 Version: 3.1.0)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Baldur's Gate: Enhanced Edition (x32)
Bandisoft MPEG-1 Decoder (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
CCleaner (Version: 4.09)
CDBurnerXP (x32 Version: 4.5.2.4291)
Cheat Engine 6.0 (x32)
Chivalry: Medieval Warfare (x32)
Chivalry: Medieval Warfare Beta (x32)
Cockatrice (x32)
Counter-Strike (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130)
Darksiders (x32)
Darksiders II (x32)
DarksidersInstaller (x32 Version: 1.00.1000)
Diablo III (x32)
Divinity II: Developer's Cut (x32)
Dungeon Keeper 2 (x32)
DVD Shrink 3.2 deutsch (DeCSS-frei) (x32)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1  (x32 Version: 1.00.0000)
erLT (x32 Version: 1.20.0137)
EXPERTool 7.10 (x32)
Fable III (x32 Version: 1.0.0000.131)
Fable III (x32 Version: 1.0.0001.131)
Fable III (x32 Version: 1.0.0002.131)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
HijackThis 2.0.2 (x32 Version: 2.0.2)
HitmanPro 3.7 (Version: 3.7.8.208)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 35 (x32 Version: 6.0.350)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kaspersky Security Scan (x32 Version: 12.0.1.340)
Kingdoms of Amalur Reckoning (x32)
League of Legends (x32 Version: 1.02.0000)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.50 (Version: 8.50.281)
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II (x32)
Microsoft Age of Empires II: The Conquerors Expansion (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NC Launcher (GameForge) (x32)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
Neverwinter (x32)
Neverwinter Nights 2 (x32 Version: 1.00.0000)
Nexus Mod Manager (Version: 0.46.0)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Legacy) (x32 Version: 9.13.0604)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Oblivion mod manager 1.1.12 (x32)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
OpenAL (x32)
Painkiller Hell & Damnation (x32)
Pando Media Booster (x32 Version: 2.3.4.8)
PC Connectivity Solution (x32 Version: 8.15.0.0)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.12)
PunkBuster Services (x32 Version: 0.991)
PVSonyDll (Version: 1.00.0001)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
Risen (x32 Version: 1.00.0000)
Saints Row IV (x32)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (x32 Version: 1.00.0000)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (x32 Version: 6.83.6.2.1)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.11 (x32 Version: 6.11.102)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client (x32 Version: 3.0.13.1)
The Elder Scrolls IV: Oblivion  (x32)
The Elder Scrolls V: Skyrim (x32)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
The Witcher: Enhanced Edition (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Uplay (x32 Version: 2.0)
User's Guides (Version: 1.20.0000)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.2 (x32 Version: 2.1.2)
Warcraft III (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WinRAR
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)

==================== Restore Points  =========================

14-12-2013 11:49:42 Windows Update
21-12-2013 12:49:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-07-16 22:00 - 00000883 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1  meetandfuckgames.com www.meetandfuckgames.com

==================== Scheduled Tasks (whitelisted) =============

Task: {11E72BF7-B410-4D37-B5DC-CF05B89918CE} - System32\Tasks\{8E5937B7-AB84-49B6-A10F-FB9A29DAFEF5} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {4D79049C-3227-4E35-B818-AC0482153103} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {81DD45EF-52BE-4E01-9F8B-80918F010D2C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {8387021D-402F-42C8-B3EF-EA156864E5F0} - System32\Tasks\{63CA3002-3D37-40EA-8267-FDFE09BD0571} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {94FB5A87-7E61-4D49-BD6C-BA817D659FC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {9D4F4A26-7EEA-4A80-8CC3-61EE6869DB8A} - System32\Tasks\{9056443D-0831-493D-8D97-F0F8D2EA4304} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {A4A25FB4-F855-4991-8E25-C1DDFD740610} - System32\Tasks\{C89B9CCB-CB2E-435E-B940-5846DA990E3C} => C:\Riot Games\League of Legends\lol.launcher.exe [2011-05-06] ()
Task: {D3531CFD-9108-44BB-8290-8039C35A9CE0} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21] (Microsoft Corporation)
Task: {DEC88A7C-BEBE-42A6-86F0-D03B4F219070} - System32\Tasks\{ABD0442B-60B7-40B5-BE97-1059677FF1AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {EA846686-65BA-422C-9F45-F8B37ECC2621} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {F1DACD63-B90B-4DF2-A410-6B0B1C5C6033} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-11-07 19:05 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-28 17:09 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-11-06 13:05 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2010-11-06 13:35 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00180224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll
2013-12-12 10:57 - 2013-12-12 10:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-10 20:57 - 2013-12-10 20:57 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Public\test.JPG:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2013 04:40:20 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bd0

Startzeit: 01cefff26dcc8d92

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (12/22/2013 06:07:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008c9591
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/22/2013 06:07:18 PM) (Source: .NET Runtime) (User: )
Description: Application: UDK.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
  at <Module>._WinMainCRTStartup()

Error: (12/22/2013 06:07:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Name des fehlerhaften Moduls: UDK.exe, Version: 1.0.10246.0, Zeitstempel: 0x52b1e938
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0053c418
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xUDK.exe0
Pfad der fehlerhaften Anwendung: UDK.exe1
Pfad des fehlerhaften Moduls: UDK.exe2
Berichtskennung: UDK.exe3

Error: (12/21/2013 05:28:21 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1004

Startzeit: 01cefe6620e64f88

Endzeit: 293

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/21/2013 05:01:09 PM) (Source: Application Hang) (User: )
Description: Programm TESV.exe, Version 1.9.32.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f8

Startzeit: 01cefe3e0d258d74

Endzeit: 349

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe

Berichts-ID:

Error: (12/12/2013 10:37:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Name des fehlerhaften Moduls: NifCleaner.exe, Version: 0.0.0.0, Zeitstempel: 0x4fccdce5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002f86
ID des fehlerhaften Prozesses: 0xa90
Startzeit der fehlerhaften Anwendung: 0xNifCleaner.exe0
Pfad der fehlerhaften Anwendung: NifCleaner.exe1
Pfad des fehlerhaften Moduls: NifCleaner.exe2
Berichtskennung: NifCleaner.exe3

Error: (12/10/2013 06:21:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xce0
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (12/06/2013 02:16:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Steam.exe, Version: 2.3.15.38, Zeitstempel: 0x529e94f8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xSteam.exe0
Pfad der fehlerhaften Anwendung: Steam.exe1
Pfad des fehlerhaften Moduls: Steam.exe2
Berichtskennung: Steam.exe3

Error: (11/23/2013 05:29:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416, Zeitstempel: 0x462392c7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xOblivion.exe0
Pfad der fehlerhaften Anwendung: Oblivion.exe1
Pfad des fehlerhaften Moduls: Oblivion.exe2
Berichtskennung: Oblivion.exe3


System errors:
=============
Error: (12/23/2013 08:18:04 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:03 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:02 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:01 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:18:00 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:59 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:58 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:57 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:56 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (12/23/2013 08:17:55 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (05/02/2012 11:07:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/05/2011 04:01:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-06-19 18:21:39.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SH\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:39.352
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SH\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:38.677
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-06-19 18:21:38.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.980
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.715
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 17:32:34.668
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-12 17:34:36.417
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-12 17:34:36.339
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8189.55 MB
Available physical RAM: 6296.51 MB
Total Pagefile: 16377.29 MB
Available Pagefile: 13893.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:332.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: AB44D55A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:01 on 23/12/2013 (SH)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
Code:
HitmanPro 3.7.8.208
www.hitmanpro.com

  Computer name . . . . : SH-PC
  Windows . . . . . . . : 6.1.1.7601.X64/6
  User name . . . . . . : SH-PC\SH
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2013-12-23 21:36:57
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 2m 45s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 13

  Objects scanned . . . : 1.966.853
  Files scanned . . . . : 25.433
  Remnants scanned  . . : 663.929 files / 1.277.491 keys

Cookies _____________________________________________________________________

  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:ad.dyntracker.de
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:ads.jinkads.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:ads.yahoo.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:adtech.de
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:advertising.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:apmebf.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:atdmt.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:bs.serving-sys.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:doubleclick.net
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:media6degrees.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:ru4.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:serving-sys.com
  C:\Users\SH\AppData\Roaming\Mozilla\Firefox\Profiles\uolaxxms.default-1387813295714\cookies.sqlite:track.adform.net

Ren2 23.12.2013 22:05
OTL

Code:
OTL logfile created on: 23.12.2013 20:03:24 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\SH\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 3,86 Gb Available Physical Memory | 48,26% Memory free
15,99 Gb Paging File | 10,78 Gb Available in Paging File | 67,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 332,15 Gb Free Space | 35,66% Space Free | Partition Type: NTFS
 
Computer Name: SH-PC | User Name: SH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\SH\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe (Bethesda Softworks)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\EXPERTool\TBPANEL.exe (Gainward Co.)
PRC - C:\Windows\SysWOW64\XSrvSetup.exe ()
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\audio.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\mssvoice.asi ()
MOD - C:\Program Files (x86)\Steam\bin\mssmp3.asi ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\EXPERTool\TBManage.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV - (HitmanProScheduler) -- C:\Programme\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (s1018mdm) -- C:\Windows\SysNative\drivers\s1018mdm.sys (MCCI Corporation)
DRV:64bit: - (s1018unic) -- C:\Windows\SysNative\drivers\s1018unic.sys (MCCI Corporation)
DRV:64bit: - (s1018mgmt) -- C:\Windows\SysNative\drivers\s1018mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1018obex) -- C:\Windows\SysNative\drivers\s1018obex.sys (MCCI Corporation)
DRV:64bit: - (s1018bus) -- C:\Windows\SysNative\drivers\s1018bus.sys (MCCI Corporation)
DRV:64bit: - (s1018nd5) -- C:\Windows\SysNative\drivers\s1018nd5.sys (MCCI Corporation)
DRV:64bit: - (s1018mdfl) -- C:\Windows\SysNative\drivers\s1018mdfl.sys (MCCI Corporation)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (AODDriver) -- C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (Secdrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 C7 3E 7F B1 43 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{4E2F722B-1D5F-408b-8855-DEDA154E8ABF}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{6D2E3FA5-9F5A-4189-AA11-F94A2A74CDBC}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\..\SearchScopes\{D1CF62D5-4C9F-4592-8688-260ABE44B177}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=FD409CC9-BF12-4B3E-8338-2E4EE57E6093&apn_sauid=2310579D-D991-4AE6-AFF7-C9E55E5608FF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.12.12 10:57:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.12.12 10:57:08 | 000,000,000 | ---D | M]
 
[2012.09.09 15:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SH\AppData\Roaming\mozilla\Extensions
[2013.12.12 10:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.12.12 10:57:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.12 10:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2013.12.12 10:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.12.12 10:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.12.12 10:57:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012.07.16 22:00:03 | 000,000,883 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1  meetandfuckgames.com www.meetandfuckgames.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC5452B4-DF58-4269-97A1-DF2BD1D6F263}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2d752eb6-4a67-11e0-a483-1c6f654a916e}\Shell - "" = AutoRun
O33 - MountPoints2\{2d752eb6-4a67-11e0-a483-1c6f654a916e}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{61ead8a0-e9d3-11df-a7b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{61ead8a0-e9d3-11df-a7b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{852eb75c-ea98-11df-9c1e-1c6f654a916e}\Shell - "" = AutoRun
O33 - MountPoints2\{852eb75c-ea98-11df-9c1e-1c6f654a916e}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{d2032985-4192-11e3-8f45-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2032985-4192-11e3-8f45-806e6f6e6963}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.12.23 17:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.12.23 17:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.12.23 17:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2013.12.23 17:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013.12.23 17:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.12.23 17:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.12.23 17:12:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.12.23 17:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.12.23 16:58:10 | 000,000,000 | ---D | C] -- C:\Users\SH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013.12.23 16:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.12.23 16:57:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.12.15 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\SH\AppData\Local\CDWLauncher
[2013.12.15 11:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.12.15 11:45:54 | 000,000,000 | ---D | C] -- C:\Users\SH\AppData\Roaming\Canneverbe Limited
[2013.12.15 11:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.12.12 10:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.12 10:50:14 | 000,000,000 | ---D | C] -- C:\Games
[2013.12.12 10:49:26 | 000,000,000 | ---D | C] -- C:\Nexus Mod Manager
[2013.12.12 10:48:02 | 000,000,000 | ---D | C] -- C:\Users\SH\Documents\Nexus Mod Manager
[2013.12.12 10:48:02 | 000,000,000 | ---D | C] -- C:\Users\SH\AppData\Local\Black_Tree_Gaming
[2013.12.12 10:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2013.12.12 10:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2013.12.11 21:38:45 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013.12.11 21:38:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013.12.11 21:38:45 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013.12.11 21:38:44 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013.12.11 21:37:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013.12.11 21:37:32 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.12.11 21:37:32 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.12.11 21:37:32 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.12.11 21:37:32 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.12.11 21:37:32 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013.12.11 21:37:32 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.12.11 21:37:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013.12.11 21:37:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.12.11 21:37:31 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.12.11 21:37:31 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013.12.11 21:37:31 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.12.11 21:37:31 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013.12.11 21:37:30 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.12.11 21:37:30 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.12.11 21:37:28 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.12.11 18:35:43 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013.12.11 18:35:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013.12.11 18:35:41 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.12.11 18:35:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.12.11 18:35:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.12.11 18:35:36 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013.12.11 18:35:36 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013.12.11 18:35:35 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013.12.11 18:35:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013.12.11 18:35:35 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013.12.11 18:35:35 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013.12.11 18:35:35 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013.12.11 18:35:35 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013.12.03 19:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.12.03 07:39:24 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013.12.03 07:36:07 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.12.03 07:36:07 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.12.03 07:36:05 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.12.03 07:36:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013.12.03 07:36:05 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.12.03 07:36:05 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.12.03 07:36:05 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.12.03 07:36:05 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.12.03 07:36:05 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.12.03 07:36:05 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.12.03 07:36:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.12.03 07:36:05 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.12.03 07:36:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.12.03 07:36:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.12.03 07:36:05 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.12.03 07:36:05 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.12.03 07:36:05 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.12.03 07:36:05 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013.12.03 07:36:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.12.03 07:36:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.12.03 07:36:04 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.12.03 07:36:04 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013.12.03 07:36:04 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.12.03 07:36:04 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.12.03 07:36:04 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.12.03 07:36:04 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.12.03 07:36:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.12.03 07:36:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.12.03 07:36:04 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.12.03 07:36:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.12.03 07:36:04 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.12.03 07:36:04 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.12.03 07:36:04 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.12.03 07:36:04 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.12.03 07:36:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.12.03 07:36:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.12.03 07:36:04 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.12.03 07:36:04 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.12.03 07:36:04 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.12.03 07:36:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.12.03 07:36:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.12.03 07:36:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.12.03 07:36:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013.12.03 07:36:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.12.03 07:36:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013.12.03 07:36:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.12.03 07:36:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.12.03 07:36:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013.12.03 07:36:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.12.03 07:36:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.12.03 07:36:03 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.12.03 07:36:03 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.12.03 07:36:03 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.12.03 07:36:03 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.12.03 07:36:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.12.03 07:36:03 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.12.03 07:36:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.12.03 07:36:03 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.12.03 07:36:03 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.12.03 07:36:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013.12.03 07:36:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.12.03 07:36:03 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.12.03 07:36:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.12.03 07:36:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.12.23 19:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.23 17:18:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.12.23 17:16:46 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013.12.23 17:12:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.12.23 16:58:06 | 000,001,077 | ---- | M] () -- C:\Users\SH\Desktop\Kaspersky Security Scan.lnk
[2013.12.23 10:59:14 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.23 10:59:14 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.23 10:51:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.12.23 10:51:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.23 10:51:42 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.22 16:25:19 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.22 16:25:19 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.12.22 16:25:19 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.22 16:25:19 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.12.22 16:25:19 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.18 18:03:08 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.12.18 18:03:08 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.12.18 18:03:08 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.12.15 18:52:28 | 000,000,222 | ---- | M] () -- C:\Users\SH\Desktop\Chivalry Medieval Warfare.url
[2013.12.15 18:52:28 | 000,000,222 | ---- | M] () -- C:\Users\SH\Desktop\Chivalry Medieval Warfare Beta.url
[2013.12.15 11:45:54 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.12.12 10:49:27 | 000,000,684 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013.12.12 08:11:01 | 000,421,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.10 20:57:07 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.10 20:57:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.10 19:13:31 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.12.09 18:22:45 | 000,000,222 | ---- | M] () -- C:\Users\SH\Desktop\Neverwinter.url
[2013.12.03 18:26:47 | 000,000,222 | ---- | M] () -- C:\Users\SH\Desktop\Age of Empires II HD Edition.url
[2013.12.03 07:36:07 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.12.03 07:36:07 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.12.03 07:36:05 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.12.03 07:36:05 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013.12.03 07:36:05 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.12.03 07:36:05 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.12.03 07:36:05 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.12.03 07:36:05 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.12.03 07:36:05 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.12.03 07:36:05 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.12.03 07:36:05 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.12.03 07:36:05 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.12.03 07:36:05 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.12.03 07:36:05 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.12.03 07:36:05 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.12.03 07:36:05 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.12.03 07:36:05 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.12.03 07:36:05 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013.12.03 07:36:05 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.12.03 07:36:05 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.12.03 07:36:05 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.12.03 07:36:04 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.12.03 07:36:04 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013.12.03 07:36:04 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.12.03 07:36:04 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.12.03 07:36:04 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.12.03 07:36:04 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.12.03 07:36:04 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.12.03 07:36:04 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.12.03 07:36:04 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.12.03 07:36:04 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.12.03 07:36:04 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.12.03 07:36:04 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.12.03 07:36:04 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.12.03 07:36:04 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.12.03 07:36:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.12.03 07:36:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.12.03 07:36:04 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.12.03 07:36:04 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.12.03 07:36:04 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.12.03 07:36:04 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.12.03 07:36:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.12.03 07:36:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.12.03 07:36:04 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013.12.03 07:36:04 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.12.03 07:36:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013.12.03 07:36:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.12.03 07:36:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.12.03 07:36:04 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013.12.03 07:36:04 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.12.03 07:36:04 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.12.03 07:36:04 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.12.03 07:36:03 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.12.03 07:36:03 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.12.03 07:36:03 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.12.03 07:36:03 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.12.03 07:36:03 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.12.03 07:36:03 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.12.03 07:36:03 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.12.03 07:36:03 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.12.03 07:36:03 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.12.03 07:36:03 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013.12.03 07:36:03 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.12.03 07:36:03 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.12.03 07:36:03 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.12.03 07:36:03 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.11.26 11:18:23 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013.11.26 10:48:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.11.26 10:46:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013.11.26 10:27:54 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.11.26 10:21:24 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.11.26 10:18:39 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013.11.26 10:16:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013.11.26 09:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.11.26 09:35:02 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.11.26 09:32:08 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.11.26 09:28:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013.11.26 09:02:16 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.11.26 08:32:06 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.11.26 07:34:55 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.11.26 07:34:27 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.11.25 18:24:35 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.12.23 17:18:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.12.23 17:16:46 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013.12.23 17:12:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.12.23 16:58:10 | 000,001,077 | ---- | C] () -- C:\Users\SH\Desktop\Kaspersky Security Scan.lnk
[2013.12.15 18:52:28 | 000,000,222 | ---- | C] () -- C:\Users\SH\Desktop\Chivalry Medieval Warfare Beta.url
[2013.12.15 18:52:26 | 000,000,222 | ---- | C] () -- C:\Users\SH\Desktop\Chivalry Medieval Warfare.url
[2013.12.15 11:45:54 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.12.15 11:45:54 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.12.12 10:47:59 | 000,000,684 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013.12.09 18:22:45 | 000,000,222 | ---- | C] () -- C:\Users\SH\Desktop\Neverwinter.url
[2013.12.03 18:26:47 | 000,000,222 | ---- | C] () -- C:\Users\SH\Desktop\Age of Empires II HD Edition.url
[2013.12.03 07:36:05 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.12.03 07:36:04 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.11 00:01:13 | 000,017,408 | ---- | C] () -- C:\Users\SH\AppData\Local\WebpageIcons.db
[2012.12.03 22:07:51 | 000,005,120 | ---- | C] () -- C:\Users\SH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.11.09 19:42:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.07 18:28:04 | 000,007,650 | ---- | C] () -- C:\Users\SH\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013.11.22 14:37:45 | 105,660,331 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㮶왟브“
[2013.11.22 14:37:45 | 105,660,331 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㮶왟브“
[2013.11.17 19:39:06 | 104,760,117 | ---- | M] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\㑮⽔브¨
[2013.11.17 19:39:06 | 104,760,117 | ---- | C] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\㑮⽔브¨
[2013.11.14 09:26:36 | 104,179,408 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\玼⒰브™
[2013.11.14 09:26:36 | 104,179,408 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\玼⒰브™
[2013.10.30 19:42:31 | 104,193,179 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\Ψꑁ브˜
[2013.10.30 19:42:31 | 104,193,179 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\Ψꑁ브˜
[2013.10.24 18:37:39 | 102,837,954 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\셥亸브
[2013.10.24 12:37:33 | 102,837,954 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\셥亸브
[2013.10.03 06:42:05 | 098,878,632 | ---- | M] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\䉬⹥브H
[2013.10.03 06:42:05 | 098,878,632 | ---- | C] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\䉬⹥브H
[2013.09.13 07:11:27 | 097,443,711 | ---- | M] ()(C:\Windows\SysWow64\?z?¢) -- C:\Windows\SysWow64\瓰z브¢
[2013.09.13 07:11:27 | 097,443,711 | ---- | C] ()(C:\Windows\SysWow64\?z?¢) -- C:\Windows\SysWow64\瓰z브¢

< End of report >
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-23 20:46:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5 WDC_WD10EALS-00Z8A0 rev.05.01D05 931,51GB
Running: t9byx514.exe; Driver: C:\Users\SH\AppData\Local\Temp\pxldypoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                          fffff800037eb000 45 bytes [00, 00, 10, 02, 4E, 74, 66, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                          fffff800037eb02f 29 bytes [00, 01, 00, 06, 00, 00, 00, ...]
.text    C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload                                                                                            fffff8800449ad8c 12 bytes {MOV RAX, 0xfffffa80086f62a0; JMP RAX}

---- Devices - GMER 2.1 ----

Device    \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-5                                                                                                  fffffa8006ad62c0
Device    \Driver\atapi \Device\Ide\IdePort0                                                                                                          fffffa8006ad62c0
Device    \Driver\atapi \Device\Ide\IdePort1                                                                                                          fffffa8006ad62c0
Device    \Driver\atapi \Device\Ide\IdePort2                                                                                                          fffffa8006ad62c0
Device    \Driver\atapi \Device\Ide\IdePort3                                                                                                          fffffa8006ad62c0
Device    \Driver\alq6ips2 \Device\Scsi\alq6ips21                                                                                                      fffffa800877d2c0
Device    \Driver\alq6ips2 \Device\Scsi\alq6ips21Port6Path0Target0Lun0                                                                                fffffa800877d2c0
Device    \FileSystem\Ntfs \Ntfs                                                                                                                      fffffa8006adb2c0
Device    \FileSystem\fastfat \Fat                                                                                                                    fffffa80075162c0
Device    \Driver\usbohci \Device\USBPDO-5                                                                                                            fffffa80086f32c0
Device    \Driver\usbehci \Device\USBFDO-3                                                                                                            fffffa80087302c0
Device    \Driver\usbehci \Device\USBPDO-1                                                                                                            fffffa80087302c0
Device    \Driver\cdrom \Device\CdRom0                                                                                                                fffffa8007c712c0
Device    \Driver\cdrom \Device\CdRom1                                                                                                                fffffa8007c712c0
Device    \Driver\usbehci \Device\USBPDO-6                                                                                                            fffffa80087302c0
Device    \Driver\usbohci \Device\USBFDO-4                                                                                                            fffffa80086f32c0
Device    \Driver\usbohci \Device\USBPDO-2                                                                                                            fffffa80086f32c0
Device    \Driver\usbohci \Device\USBFDO-0                                                                                                            fffffa80086f32c0
Device    \Driver\usbohci \Device\USBFDO-5                                                                                                            fffffa80086f32c0
Device    \Driver\usbehci \Device\USBPDO-3                                                                                                            fffffa80087302c0
Device    \Driver\usbehci \Device\USBFDO-1                                                                                                            fffffa80087302c0
Device    \Driver\volmgr \Device\HarddiskVolume1                                                                                                      fffffa8006ad12c0
Device    \Driver\volmgr \Device\FtControl                                                                                                            fffffa8006ad12c0
Device    \Driver\volmgr \Device\VolMgrControl                                                                                                        fffffa8006ad12c0
Device    \Driver\volmgr \Device\HarddiskVolume2                                                                                                      fffffa8006ad12c0
Device    \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                      fffffa80084c72c0
Device    \Driver\usbehci \Device\USBFDO-6                                                                                                            fffffa80087302c0
Device    \Driver\usbohci \Device\USBPDO-4                                                                                                            fffffa80086f32c0
Device    \Driver\usbohci \Device\USBFDO-2                                                                                                            fffffa80086f32c0
Device    \Driver\usbohci \Device\USBPDO-0                                                                                                            fffffa80086f32c0
Device    \Driver\atapi \Device\ScsiPort2                                                                                                              fffffa8006ad62c0
Device    \Driver\atapi \Device\ScsiPort3                                                                                                              fffffa8006ad62c0
Device    \Driver\atapi \Device\ScsiPort4                                                                                                              fffffa8006ad62c0
Device    \Driver\atapi \Device\ScsiPort5                                                                                                              fffffa8006ad62c0
Device    \Driver\alq6ips2 \Device\ScsiPort6                                                                                                          fffffa800877d2c0

---- Trace I/O - GMER 2.1 ----

Trace    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006ad62c0]<< spkc.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys  fffffa8006ad62c0
Trace    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bc3060]                                                                              fffffa8007bc3060
Trace    3 CLASSPNP.SYS[fffff880013cb43f] -> nt!IofCallDriver -> [0xfffffa80078a54d0]                                                                fffffa80078a54d0
Trace    5 ACPI.sys[fffff8800119e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-5[0xfffffa80078cb060]                                        fffffa80078cb060
Trace    \Driver\atapi[0xfffffa80078b5cb0] -> IRP_MJ_CREATE -> 0xfffffa8006ad62c0                                                                    fffffa8006ad62c0

---- Modules - GMER 2.1 ----

Module    \SystemRoot\System32\Drivers\alq6ips2.SYS                                                                                                    fffff880056ee000-fffff88005733000 (282624 bytes)

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                                          771343423
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                                          285507792
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                                          1
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                           
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                          C:\Program Files (x86)\DAEMON Tools Lite\
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                          0x00 0x00 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                          0
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                      0x8D 0x96 0xE8 0xA4 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                   
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                0x20 0x01 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                              0xAD 0x89 0x88 0x42 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                             
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                        0x9F 0x68 0xB4 0x69 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                       
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                              C:\Program Files (x86)\DAEMON Tools Lite\
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                              0x00 0x00 0x00 0x00 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                              0
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                          0x8D 0x96 0xE8 0xA4 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                               
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                    0x20 0x01 0x00 0x00 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                  0xAD 0x89 0x88 0x42 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                         
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                            0x9F 0x68 0xB4 0x69 ...

---- EOF - GMER 2.1 ----


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:04 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131