Trojaner-Board - Doppelklick !!

Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-04] (Electronic Arts)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1558480 2013-07-03] (APN)
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKCU - {55D7BC98-2989-4393-84E2-A26AB679F4D2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d5257167-90e6-4b4d-a303-224869787538&apn_sauid=D9DEEAD4-1818-421C-A2F0-CA9F22C774DF
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default
FF SelectedSearchEngine: SecureSearch
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: toolbar_AVIRA-V7 - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: youtubeunblocker - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}
FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_1&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0
CHR Extension: (AdBlock) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-03] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-14] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-05] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-21] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-05] (GFI Software)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-17 19:20 - 2013-07-17 19:20 - 00014765 _____ C:\Users\sandennis\Downloads\Addition.txt
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Downloads\FRST64.exe
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000056 _____ C:\Windows\setupact.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\APN
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 18:34 - 2013-06-20 14:48 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-17 18:34 - 2013-06-20 14:48 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-17 18:34 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-17 18:31 - 2013-07-17 18:33 - 104943936 _____ C:\Users\sandennis\Downloads\avira3737_free_antivirus_de.exe
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 18:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-17 18:01 - 2013-07-17 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-17 18:00 - 2013-07-17 19:18 - 00527340 _____ C:\Windows\WindowsUpdate.log
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Downloads\adwcleaner.exe
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 00:38 - 2013-07-17 13:10 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 00:38 - 2013-07-17 13:10 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-17 00:33 - 2013-07-17 00:33 - 25926183 _____ C:\Users\sandennis\Downloads\mt-x_setup.rar
2013-07-17 00:24 - 2013-07-17 01:49 - 00000000 ____D C:\Users\sandennis\Downloads\CIVI 5 trainer
2013-07-17 00:23 - 2013-07-17 00:23 - 00352855 _____ C:\Users\sandennis\Downloads\d2a536_4e9f4246e5ce6.zip
2013-07-16 22:10 - 2013-07-16 22:10 - 00016589 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationV@www.torrent.to.torrent
2013-07-16 21:55 - 2013-07-16 21:55 - 01658935 _____ (System SoftLab ) C:\Users\sandennis\Downloads\artmoney741eng.exe
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-16 21:28 - 2013-07-16 21:28 - 00096835 _____ C:\Users\sandennis\Downloads\CivV_and_CivV_GaK_and_NW_v1-0-3-18_Steam_S2-1.CT
2013-07-15 14:02 - 2013-07-15 14:02 - 00019971 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationVBraveNewWorldGERMAN-0x0007@www.torrent.to.torrent
2013-07-15 13:00 - 2013-07-15 13:00 - 00040081 _____ C:\Users\sandennis\Downloads\[kickass.to]die.gilde.1.german.deutsch.torrent
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:19 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-15 12:19 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-15 12:19 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 21:04 - 2013-07-14 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\sandennis\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-10 20:06 - 2013-07-10 20:14 - 00000000 ____D C:\Users\sandennis\Downloads\AVG Internet Security 2013 (64bit) + Serials Germa
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 12:41 - 2013-07-05 14:13 - 00000000 ____D C:\Qoobox
2013-07-05 12:41 - 2013-07-05 14:12 - 00000000 ____D C:\Windows\erdnt
2013-07-05 12:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-05 12:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-05 12:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-05 12:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 14:13 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ___HD C:\$AVG
2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\MFAData
2013-07-05 12:32 - 2013-07-15 11:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-06-29 02:06 - 2013-06-29 02:07 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-19 16:38 - 2008-09-12 19:24 - 03722809 _____ C:\Users\sandennis\Downloads\Vampire.3gp

==================== One Month Modified Files and Folders =======

2013-07-17 19:21 - 2009-07-14 12:49 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-07-17 19:21 - 2009-07-14 12:49 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-07-17 19:21 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 19:20 - 2013-07-17 19:20 - 00014765 _____ C:\Users\sandennis\Downloads\Addition.txt
2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST
2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Downloads\FRST64.exe
2013-07-17 19:18 - 2013-07-17 18:00 - 00527340 _____ C:\Windows\WindowsUpdate.log
2013-07-17 19:16 - 2013-03-23 14:47 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DVDVideoSoft
2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000056 _____ C:\Windows\setupact.log
2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-17 19:15 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-17 19:15 - 2013-03-21 02:28 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-17 19:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-17 19:14 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-17 19:14 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-17 18:56 - 2013-03-21 01:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\ProgramData\APN
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 18:34 - 2013-03-22 14:27 - 00000000 ____D C:\ProgramData\Avira
2013-07-17 18:33 - 2013-07-17 18:31 - 104943936 _____ C:\Users\sandennis\Downloads\avira3737_free_antivirus_de.exe
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ___HD C:\$AVG
2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-17 18:31 - 2013-07-05 12:32 - 00000000 ____D C:\ProgramData\MFAData
2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 18:01 - 2013-07-17 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-17 17:58 - 2013-03-21 01:47 - 00064416 _____ C:\Users\SANDEN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-17 17:58 - 2009-07-14 06:45 - 00294880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt
2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt
2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Downloads\adwcleaner.exe
2013-07-17 17:49 - 2013-05-27 17:48 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Garmin
2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\ProgramData\Garmin
2013-07-17 17:49 - 2013-04-14 01:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-17 17:49 - 2013-04-13 23:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Deployment
2013-07-17 17:49 - 2013-03-29 18:59 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-17 17:48 - 2013-03-21 01:21 - 00000000 ___RD C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-17 17:36 - 2013-03-21 17:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DAEMON Tools Lite
2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-07-17 13:10 - 2013-07-17 00:38 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt
2013-07-17 13:10 - 2013-07-17 00:38 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt
2013-07-17 01:49 - 2013-07-17 00:24 - 00000000 ____D C:\Users\sandennis\Downloads\CIVI 5 trainer
2013-07-17 01:44 - 2013-03-29 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\uTorrent
2013-07-17 00:33 - 2013-07-17 00:33 - 25926183 _____ C:\Users\sandennis\Downloads\mt-x_setup.rar
2013-07-17 00:29 - 2013-03-21 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\SKIDROW
2013-07-17 00:23 - 2013-07-17 00:23 - 00352855 _____ C:\Users\sandennis\Downloads\d2a536_4e9f4246e5ce6.zip
2013-07-16 22:28 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Programme
2013-07-16 22:10 - 2013-07-16 22:10 - 00016589 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationV@www.torrent.to.torrent
2013-07-16 21:55 - 2013-07-16 21:55 - 01658935 _____ (System SoftLab ) C:\Users\sandennis\Downloads\artmoney741eng.exe
2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games
2013-07-16 21:28 - 2013-07-16 21:28 - 00096835 _____ C:\Users\sandennis\Downloads\CivV_and_CivV_GaK_and_NW_v1-0-3-18_Steam_S2-1.CT
2013-07-16 14:04 - 2013-03-21 17:45 - 00000000 ____D C:\Users\sandennis\Documents\My Games
2013-07-16 14:03 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Spiele
2013-07-15 14:02 - 2013-07-15 14:02 - 00019971 _____ C:\Users\sandennis\Downloads\SidMeiersCivilizationVBraveNewWorldGERMAN-0x0007@www.torrent.to.torrent
2013-07-15 13:00 - 2013-07-15 13:00 - 00040081 _____ C:\Users\sandennis\Downloads\[kickass.to]die.gilde.1.german.deutsch.torrent
2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-15 12:20 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-15 12:19 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 12:19 - 2013-03-21 16:01 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\NVIDIA
2013-07-15 12:19 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-15 11:59 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013
2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games
2013-07-14 21:10 - 2013-07-14 21:04 - 229594432 _____ (NVIDIA Corporation) C:\Users\sandennis\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-14 19:55 - 2013-03-29 18:40 - 00000000 ____D C:\Users\sandennis\Downloads\BioShock_Infinite-FLT
2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam
2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job
2013-07-10 20:14 - 2013-07-10 20:06 - 00000000 ____D C:\Users\sandennis\Downloads\AVG Internet Security 2013 (64bit) + Serials Germa
2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-09 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-07-07 17:40 - 2013-03-21 02:40 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TS3Client
2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games
2013-07-05 21:49 - 2013-03-21 16:03 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-05 21:49 - 2013-03-21 07:23 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-05 21:49 - 2013-03-21 07:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-05 14:14 - 2013-04-13 23:59 - 00000000 ____D C:\Users\sandennis\AppData\Local\Apps\2.0
2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt
2013-07-05 14:13 - 2013-07-05 12:41 - 00000000 ____D C:\Qoobox
2013-07-05 14:13 - 2013-07-05 12:36 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus
2013-07-05 14:12 - 2013-07-05 12:41 - 00000000 ____D C:\Windows\erdnt
2013-07-05 14:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics
2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft
2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software
2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013
2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData
2013-07-05 12:24 - 2013-03-21 15:19 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-05 01:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 02:07 - 2013-06-29 02:06 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games
2013-06-29 02:07 - 2013-04-02 22:47 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone
2013-06-24 10:51 - 2013-03-21 01:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-06-21 14:06 - 2013-07-15 12:19 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-15 12:19 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-15 12:19 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-06-14 21:57 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-03-21 01:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-03-21 01:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-06-14 21:58 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-06-14 21:58 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 14:48 - 2013-07-17 18:34 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-06-20 14:48 - 2013-07-17 18:34 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-06-20 06:17 - 2013-06-14 21:58 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2013-06-19 16:37 - 2013-03-31 20:55 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\vlc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-14 20:42

==================== End Of Log ============================

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02

Ran by sandennis at 2013-07-17 19:20:45

Running from C:\Users\sandennis\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

@BIOS (x32 Version: 2.25)

µTorrent (x32 Version: 3.3.0.29625)

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)

APB Reloaded (x32)

Arma 2 (x32)

Arma 2: Operation Arrowhead (x32)

Arma 2: Operation Arrowhead Beta (x32)

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.0.15.16)

AutoGreen B12.0206.1 (x32 Version: 1.00.0000)

Avira Free Antivirus (x32 Version: 13.0.0.3737)

Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.1.477)

Battlefield 3™ (x32 Version: 1.0.0.0)

Battlelog Web Plugins (x32 Version: 2.1.7)

BattlEye for OA Uninstall (x32)

ckerdeinstallation für EPSON SX210 Series

Command & Conquer Generals (x32 Version: 0.50.0000)

Command and Conquer(TM) Generäle Die Stunde Null  (x32 Version: 1.00.0000)

Company of Heroes 2 (x32 Version: 1)

Counter-Strike: Source (x32)

Creative Audio-Systemsteuerung (x32 Version: 2.00)

Creative Sound Blaster Properties x64 Edition (x32)

DAEMON Tools Lite (x32 Version: 4.47.1.0333)

Day of Defeat: Source (x32)

DayZ Commander (x32 Version: 0.92.79)

Diablo III (x32 Version: 1.0.8.16603)

Die Gilde Gold-Edition (x32 Version: 2.06)

EPSON Scan (x32)

ESN Sonar (x32 Version: 0.70.4)

F1 2012 (x32)

Far Cry 3 (x32 Version: 1.04)

FIFA 13 (x32 Version: 1.1.0.0)

FUSSBALL MANAGER 13 (x32 Version: 1.0.3.0)

Google Chrome (x32 Version: 28.0.1500.72)

Google Update Helper (x32 Version: 1.3.21.153)

Guild Wars 2 (x32)

Intel(R) Control Center (x32 Version: 1.2.1.1007)

Intel(R) Management Engine Components (x32 Version: 8.0.12.1498)

Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)

Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)

Intel® Trusted Connect Service Client (Version: 1.24.388.1)

League of Legends (x32 Version: 1.3)

Logitech Gaming Software (Version: 8.40.83)

Logitech Gaming Software 8.40 (Version: 8.40.83)

Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)

marvell 91xx driver (x32 Version: 1.2.0.1010)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)

Microsoft Silverlight (Version: 5.1.20125.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)

MotoGP(TM)13 (x32 Version: 1.00.0000)

Mozilla Firefox 20.0.1 (x86 de) (x32 Version: 20.0.1)

Mozilla Maintenance Service (x32 Version: 17.0.6)

Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6)

MSI Afterburner 2.3.1 (x32 Version: 2.3.1)

NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)

NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)

NVIDIA Grafiktreiber 320.49 (Version: 320.49)

NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)

NVIDIA Install Application (Version: 2.1002.124.810)

NVIDIA PhysX (x32 Version: 9.13.0604)

NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)

NVIDIA Systemsteuerung 320.49 (Version: 320.49)

ObjectDock Free (x32 Version: 2.0)

ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)

OpenAL (x32)

OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)

Orbit Downloader (x32)

Origin (x32 Version: 9.1.13.85)

Platform (x32 Version: 1.39)

PunkBuster Services (x32 Version: 0.993)

SSD Fresh (x32 Version: 2013)

Steam (x32 Version: 1.0.0.0)

TeamSpeak 3 Client (Version: 3.0.10.1)

Thrustmaster Force Feedback Driver (x32 Version: 2.FFD.2009)

Update for FLV Player (HKCU)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Uplay (x32 Version: 2.0)

VIA Plattform-Geräte-Manager (x32 Version: 1.39)

Virtua Tennis 4™ (x32 Version: 1.0.0000.130)

Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)

VLC media player 2.0.5 (x32 Version: 2.0.5)

Warhammer 40,000 Space Marine (x32)

Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)

WinRAR 4.20 (64-Bit) (Version: 4.20.0)
 

==================== Restore Points  =========================
 

16-07-2013 21:39:12 DirectX wurde installiert

17-07-2013 15:48:11 Entfernt Creative Software AutoUpdate

17-07-2013 15:48:36 Configured Easy Tune 6 B12.0626.1

17-07-2013 15:48:53 Removed Facebook Messenger 2.1.4814.0

17-07-2013 15:49:16 Garmin Express

17-07-2013 16:30:49 Removed AVG 2013

17-07-2013 16:31:31 Removed AVG 2013
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2013-07-05 14:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {4157CBB0-0935-45CA-ABD2-C7BCEEDD4993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)

Task: {901D4260-E1AB-4508-BE1F-D79817B57389} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Task: {A3D3BB28-47C5-44E5-B28C-EF500B83D933} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe No File

Task: {ACBA5C30-735D-4A22-B4E0-874BF30CFC90} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.
 

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service) (User: )

Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.
 

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.
 

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service) (User: )

Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.
 

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.
 

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service) (User: )

Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.
 

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.
 

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service) (User: )

Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.
 

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a91, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.
 

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service) (User: )

Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a91, "">.
 
 

System errors:

=============

Error: (07/17/2013 07:20:17 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 22 Mal passiert.
 

Error: (07/17/2013 07:20:17 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 

%%6801
 

Error: (07/17/2013 07:20:13 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 21 Mal passiert.
 

Error: (07/17/2013 07:20:13 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 

%%6801
 

Error: (07/17/2013 07:20:07 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 20 Mal passiert.
 

Error: (07/17/2013 07:20:07 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 

%%6801
 

Error: (07/17/2013 07:19:38 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 19 Mal passiert.
 

Error: (07/17/2013 07:19:38 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 

%%6801
 

Error: (07/17/2013 07:19:32 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 18 Mal passiert.
 

Error: (07/17/2013 07:19:32 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 

%%6801
 
 

Microsoft Office Sessions:

=========================

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service)(User: )

Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:
 

Error: (07/17/2013 07:15:55 PM) (Source: Windows Search Service)(User: )

Description: 200x80071a91
 

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service)(User: )

Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:
 

Error: (07/17/2013 07:15:51 PM) (Source: Windows Search Service)(User: )

Description: 200x80071a91
 

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service)(User: )

Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:
 

Error: (07/17/2013 07:15:48 PM) (Source: Windows Search Service)(User: )

Description: 200x80071a91
 

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service)(User: )

Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:
 

Error: (07/17/2013 07:15:46 PM) (Source: Windows Search Service)(User: )

Description: 200x80071a91
 

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service)(User: )

Description: 100x80071a91Fehler beim Speichern der Änderungen am Crawl Scope-Manager:
 

Error: (07/17/2013 07:15:30 PM) (Source: Windows Search Service)(User: )

Description: 200x80071a91
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 22%

Total physical RAM: 8152.04 MB

Available physical RAM: 6288.13 MB

Total Pagefile: 16150.18 MB

Available Pagefile: 14146.33 MB

Total Virtual: 8192 MB

Available Virtual: 8191.79 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:111.64 GB) (Free:27.93 GB) NTFS (Disk=2 Partition=1)

Drive d: (DOWNLOAD ) (Fixed) (Total:298.09 GB) (Free:181.03 GB) NTFS (Disk=1 Partition=1)

Drive e: (SPIELE) (Fixed) (Total:111.69 GB) (Free:27 GB) NTFS (Disk=0 Partition=2)

Drive f: (D3C1.0.0) (CDROM) (Total:7.66 GB) (Free:0 GB) UDF

Drive h: (GILDEGOLD) (CDROM) (Total:0.96 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 4964FC60)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 9BB89BB8)

Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 6EBB33A1)

Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

weiß jetzt nicht ob das so richtig war habe beide zusammen reingestellt !

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02

Ran by sandennis (administrator) on 18-07-2013 09:24:55

Running from C:\Users\sandennis\Desktop

Windows 7 Enterprise (X64) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe

(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe

(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe

(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)

HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)

HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-04] (Electronic Arts)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [5120144 2012-05-23] (VIA)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)

HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291648 2012-05-20] (Intel Corporation)

HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)

Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

Startup: C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk

ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default

FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

FF Extension: toolbar_AVIRA-V7 - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

FF Extension: youtubeunblocker - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\youtubeunblocker@unblocker.yt.xpi

FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}

FF Extension: No Name - C:\Users\sandennis\AppData\Roaming\Mozilla\Firefox\Profiles\dh3lsrk4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.de/

CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=E2EB810CB27773F2D4606C51D6A1D4DD"

CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_1&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}

CHR DefaultSuggestURL: (SecureSearch) -       "suggest_url": ""

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File

CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File

CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0

CHR Extension: (AdBlock) - C:\Users\SANDEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-14] ()

R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)

R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-05] (AVG Secure Search)
 

==================== Drivers (Whitelisted) ====================
 

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-05] (AVG Technologies)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-21] (DT Soft Ltd)

S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)

S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-21] (Windows (R) Server 2003 DDK provider)

S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)

S3 gdrv; C:\Windows\gdrv.sys [25640 2013-04-16] (Windows (R) Server 2003 DDK provider)

R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-05] (GFI Software)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-04-16] ()

R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)

R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)

R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)

R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-07-18 09:24 - 2013-07-18 09:24 - 00001842 _____ C:\Users\sandennis\Desktop\JRT.txt

2013-07-18 09:21 - 2013-07-18 09:21 - 00000000 ____D C:\Windows\ERUNT

2013-07-18 09:19 - 2013-07-18 09:19 - 00001635 _____ C:\AdwCleaner[S2].txt

2013-07-18 09:04 - 2013-07-18 09:04 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\sandennis\Desktop\JRT.exe

2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST

2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Desktop\FRST64.exe

2013-07-17 19:15 - 2013-07-18 09:20 - 00000560 _____ C:\Windows\setupact.log

2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log

2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log

2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira

2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-17 18:34 - 2013-06-20 14:48 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-07-17 18:34 - 2013-06-20 14:48 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-07-17 18:34 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-17 18:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-07-17 18:00 - 2013-07-18 09:19 - 00897035 _____ C:\Windows\WindowsUpdate.log

2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt

2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt

2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Desktop\adwcleaner.exe

2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD

2013-07-17 00:38 - 2013-07-17 13:10 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt

2013-07-17 00:38 - 2013-07-17 13:10 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt

2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games

2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2013-07-15 12:19 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-07-15 12:19 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-07-15 12:19 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games

2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam

2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job

2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4

2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr

2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games

2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt

2013-07-05 12:41 - 2013-07-05 14:13 - 00000000 ____D C:\Qoobox

2013-07-05 12:41 - 2013-07-05 14:12 - 00000000 ____D C:\Windows\erdnt

2013-07-05 12:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2013-07-05 12:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2013-07-05 12:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-07-05 12:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-07-05 12:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-07-05 12:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2013-07-05 12:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2013-07-05 12:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics

2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus

2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft

2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations

2013-07-05 12:36 - 2013-07-05 14:13 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus

2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys

2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ___HD C:\$AVG

2013-07-05 12:34 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\AVG2013

2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software

2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013

2013-07-05 12:32 - 2013-07-17 18:31 - 00000000 ____D C:\ProgramData\MFAData

2013-07-05 12:32 - 2013-07-15 11:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013

2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData

2013-06-29 02:06 - 2013-06-29 02:07 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games

2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner

2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
 

==================== One Month Modified Files and Folders =======
 

2013-07-18 09:24 - 2013-07-18 09:24 - 00001842 _____ C:\Users\sandennis\Desktop\JRT.txt

2013-07-18 09:23 - 2013-07-17 18:00 - 00897035 _____ C:\Windows\WindowsUpdate.log

2013-07-18 09:21 - 2013-07-18 09:21 - 00000000 ____D C:\Windows\ERUNT

2013-07-18 09:20 - 2013-07-17 19:15 - 00000560 _____ C:\Windows\setupact.log

2013-07-18 09:20 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA

2013-07-18 09:20 - 2013-03-21 02:28 - 00000000 ____D C:\Program Files (x86)\Origin

2013-07-18 09:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-07-18 09:19 - 2013-07-18 09:19 - 00001635 _____ C:\AdwCleaner[S2].txt

2013-07-18 09:19 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-07-18 09:19 - 2009-07-14 06:45 - 00012048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-07-18 09:04 - 2013-07-18 09:04 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\sandennis\Desktop\JRT.exe

2013-07-18 08:56 - 2013-03-21 01:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-18 08:51 - 2009-07-14 12:49 - 00696620 _____ C:\Windows\system32\perfh007.dat

2013-07-18 08:51 - 2009-07-14 12:49 - 00147916 _____ C:\Windows\system32\perfc007.dat

2013-07-18 08:51 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI

2013-07-17 19:20 - 2013-07-17 19:20 - 00000000 ____D C:\FRST

2013-07-17 19:19 - 2013-07-17 19:19 - 01778209 _____ (Farbar) C:\Users\sandennis\Desktop\FRST64.exe

2013-07-17 19:16 - 2013-03-23 14:47 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DVDVideoSoft

2013-07-17 19:15 - 2013-07-17 19:15 - 00000586 _____ C:\Windows\PFRO.log

2013-07-17 19:15 - 2013-07-17 19:15 - 00000000 _____ C:\Windows\setuperr.log

2013-07-17 18:35 - 2013-07-17 18:35 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Avira

2013-07-17 18:34 - 2013-07-17 18:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-07-17 18:34 - 2013-07-17 18:34 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-17 18:34 - 2013-03-22 14:27 - 00000000 ____D C:\ProgramData\Avira

2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ___HD C:\$AVG

2013-07-17 18:31 - 2013-07-05 12:34 - 00000000 ____D C:\ProgramData\AVG2013

2013-07-17 18:31 - 2013-07-05 12:32 - 00000000 ____D C:\ProgramData\MFAData

2013-07-17 18:02 - 2013-07-17 18:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Malwarebytes

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-17 18:02 - 2013-07-17 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-17 17:58 - 2013-03-21 01:47 - 00064416 _____ C:\Users\SANDEN~1\AppData\Local\GDIPFONTCACHEV1.DAT

2013-07-17 17:58 - 2009-07-14 06:45 - 00294880 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-17 17:57 - 2013-07-17 17:57 - 00014291 _____ C:\AdwCleaner[R1].txt

2013-07-17 17:57 - 2013-07-17 17:57 - 00014013 _____ C:\AdwCleaner[S1].txt

2013-07-17 17:56 - 2013-07-17 17:56 - 00662345 _____ C:\Users\sandennis\Desktop\adwcleaner.exe

2013-07-17 17:49 - 2013-05-27 17:48 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Garmin

2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Garmin

2013-07-17 17:49 - 2013-05-27 17:45 - 00000000 ____D C:\ProgramData\Garmin

2013-07-17 17:49 - 2013-04-14 01:03 - 00000000 ____D C:\ProgramData\Package Cache

2013-07-17 17:49 - 2013-04-13 23:59 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Deployment

2013-07-17 17:49 - 2013-03-29 18:59 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2013-07-17 17:48 - 2013-03-21 01:21 - 00000000 ___RD C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-07-17 17:36 - 2013-03-21 17:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\DAEMON Tools Lite

2013-07-17 17:05 - 2013-07-17 17:05 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD

2013-07-17 13:10 - 2013-07-17 00:38 - 00000047 _____ C:\Users\sandennis\Documents\mt-x_hook.txt

2013-07-17 13:10 - 2013-07-17 00:38 - 00000006 _____ C:\Users\sandennis\Documents\mt-e_hook.txt

2013-07-17 01:44 - 2013-03-29 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\uTorrent

2013-07-17 00:29 - 2013-03-21 17:45 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\SKIDROW

2013-07-16 22:28 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Programme

2013-07-16 21:55 - 2013-07-16 21:55 - 00000000 ____D C:\Games

2013-07-16 14:04 - 2013-03-21 17:45 - 00000000 ____D C:\Users\sandennis\Documents\My Games

2013-07-16 14:03 - 2013-03-21 02:29 - 00000000 ____D C:\Users\sandennis\Desktop\Spiele

2013-07-15 12:20 - 2013-07-15 12:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2013-07-15 12:20 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-07-15 12:19 - 2013-06-14 21:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-07-15 12:19 - 2013-03-21 16:01 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\NVIDIA

2013-07-15 12:19 - 2013-03-21 01:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-07-15 11:59 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\Avg2013

2013-07-14 22:25 - 2013-07-14 22:25 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\My Games

2013-07-14 18:45 - 2013-07-14 18:45 - 00000000 ____D C:\ProgramData\Steam

2013-07-14 18:17 - 2013-07-14 18:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce80ada4712e4b.job

2013-07-09 22:49 - 2013-07-09 22:49 - 00000000 ____D C:\Users\sandennis\Documents\Virtua Tennis 4

2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Windows\SysWOW64\xlive

2013-07-09 22:47 - 2013-07-09 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-07-09 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-07-09 20:54 - 2013-07-09 20:54 - 00000000 ____D C:\Users\Public\Documents\Aspyr

2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-07-09 09:50 - 2013-07-09 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-07-07 17:40 - 2013-03-21 02:40 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TS3Client

2013-07-07 17:16 - 2013-07-07 17:16 - 00000000 ____D C:\Users\sandennis\Documents\EA Games

2013-07-05 21:49 - 2013-03-21 16:03 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.xtr

2013-07-05 21:49 - 2013-03-21 07:23 - 00291088 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2013-07-05 21:49 - 2013-03-21 07:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2013-07-05 14:14 - 2013-04-13 23:59 - 00000000 ____D C:\Users\sandennis\AppData\Local\Apps\2.0

2013-07-05 14:13 - 2013-07-05 14:13 - 00024323 _____ C:\ComboFix.txt

2013-07-05 14:13 - 2013-07-05 12:41 - 00000000 ____D C:\Qoobox

2013-07-05 14:13 - 2013-07-05 12:36 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Ad-Aware Antivirus

2013-07-05 14:12 - 2013-07-05 12:41 - 00000000 ____D C:\Windows\erdnt

2013-07-05 14:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\LavasoftStatistics

2013-07-05 12:39 - 2013-07-05 12:39 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus

2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Lavasoft

2013-07-05 12:37 - 2013-07-05 12:37 - 00000000 ____D C:\ProgramData\Downloaded Installations

2013-07-05 12:36 - 2013-07-05 12:36 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys

2013-07-05 12:34 - 2013-07-05 12:34 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\TuneUp Software

2013-07-05 12:34 - 2013-07-05 12:34 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\AVG2013

2013-07-05 12:32 - 2013-07-05 12:32 - 00000000 ____D C:\Users\SANDEN~1\AppData\Local\MFAData

2013-07-05 12:24 - 2013-03-21 15:19 - 00000000 ____D C:\ProgramData\AVAST Software

2013-07-05 01:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-06-29 02:07 - 2013-06-29 02:06 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Riot Games

2013-06-29 02:07 - 2013-04-02 22:47 - 00000000 ____D C:\Program Files (x86)\Pando Networks

2013-06-24 10:54 - 2013-06-24 10:54 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Milestone

2013-06-24 10:51 - 2013-03-21 01:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Windows\SysWOW64\directx

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner

2013-06-23 18:38 - 2013-06-23 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner

2013-06-21 14:06 - 2013-07-15 12:19 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-06-21 14:06 - 2013-07-15 12:19 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-06-21 14:06 - 2013-07-15 12:19 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-06-21 14:06 - 2013-06-14 21:57 - 00021578 _____ C:\Windows\system32\nvinfo.pb

2013-06-21 14:06 - 2013-03-21 01:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-06-21 14:06 - 2013-03-21 01:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-06-21 12:23 - 2013-06-14 21:58 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-06-21 12:23 - 2013-06-14 21:58 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-06-21 12:23 - 2013-06-14 21:58 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-06-21 12:23 - 2013-06-14 21:58 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-06-21 12:23 - 2013-06-14 21:58 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-06-21 12:23 - 2013-06-14 21:58 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-06-20 14:48 - 2013-07-17 18:34 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-06-20 14:48 - 2013-07-17 18:34 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-06-20 06:17 - 2013-06-14 21:58 - 03253909 _____ C:\Windows\system32\nvcoproc.bin

2013-06-19 16:37 - 2013-03-31 20:55 - 00000000 ____D C:\Users\sandennis\AppData\Roaming\vlc
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-07-14 20:42
 

==================== End Of Log ============================

--- --- ---