Trojaner-Board - Mauszeiger hakt, verschwindet, nimmt andere Formen an, selbstständiger Neustart

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Mauszeiger hakt, verschwindet, nimmt andere Formen an, selbstständiger Neustart (https://www.trojaner-board.de/142374-mauszeiger-hakt-verschwindet-nimmt-andere-formen-selbststaendiger-neustart.html)

Mauszeiger hakt, verschwindet, nimmt andere Formen an, selbstständiger Neustart

Moin.

Seit einigen Tagen spinnt mein Mauszeiger. Er verschwindet teilweise, hakt, zeigt unterschiedliche Symbole vom "beschäftigt-Kringel", über selbständiges markieren bis zum ?-Pfeil.

Wenn er hakt scheint auch das ganze System zu haken was sogar schon zum selbstständigen Neustart geführt hat. Das ganze tritt nur zeitweise auf allerdings relativ häufig.

Ich habe keine neue Hardware verbaut. Windows Update hat letztens allerdings den neuen Gforce Treiber installiert. Den habe ich aus Verdacht schon einmal neu per Hand installiert, hat aber nichts gebracht.
Auch den Maustreiber habe ich schon mal gelöscht. Hat auch nichts gebracht.

Hat jmd eine Idee?

Windows 7 Ultimate 32 bit

Ich wurde auf diese Abteilung verwiesen. Allerdings gibt es sonst keine Anzeichen auf einen Schädling.

Grüße und Danke im voraus

Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Wie gesagt hatte ich keinerlei Funde deshalb hatte ich zuerst in der Windows-Sparte gepostet..

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01

Ran by Steuermann (ATTENTION: The logged in user is not administrator) on KALEUNTOBSEN-PC on 01-10-2013 20:12:35

Running from C:\Users\Steuermann\Desktop

Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [360448 2009-07-14] (Microsoft Corporation)

HKCU\...\Run: [Nero MediaHome 4] - "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Steuermann\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

HKCU\...\Run: [] - D:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

MountPoints2: {517355f8-1b86-11e1-bb77-002215db3898} - H:\AutoRun.exe

MountPoints2: {5173562e-1b86-11e1-bb77-002215db3898} - H:\AutoRun.exe

AppInit_DLLs: c:\progra~2\browse~1\25986~1.67\{c16c1~1\browse~1.dll [ ] ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.2.1/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38123D9DFD50CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Steuermann\AppData\Roaming\Mozilla\Firefox\Profiles\jrc5fhz3.default

FF Homepage: web.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: No Name - C:\Users\Steuermann\AppData\Roaming\Mozilla\Firefox\Profiles\jrc5fhz3.default\Extensions\staged

FF Extension: No Name - C:\Users\Steuermann\AppData\Roaming\Mozilla\Firefox\Profiles\jrc5fhz3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)

R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4176896 2011-12-05] (Native Instruments GmbH)

R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 TomTomHOMEService; D:\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)

S3 xsherlock; C:\Windows\system32\xsherlock.xem [666720 2012-11-09] (Wellbia.com Co., Ltd.)

S4 SearchAnonymizer; "C:\Users\Kaleun Tobsen\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe" [x]
 

==================== Drivers (Whitelisted) ====================
 

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-06-13] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [340480 2007-11-06] (BEHRINGER)

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-13] (DT Soft Ltd)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-06-13] ()

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)

R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-23] (Avira GmbH)

R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [x]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]

S3 tsusbhub; system32\drivers\tsusbhub.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

S3 vtany; \??\C:\Windows\vtany.sys [x]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:58 - 2013-10-01 19:58 - 01086873 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2013-09-12 08:28 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-29 23:56 - 2013-09-12 08:28 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-29 23:56 - 2013-09-11 22:27 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-29 23:55 - 2013-09-29 23:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:51 - 2013-09-12 10:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-29 23:51 - 2013-09-12 10:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-29 23:51 - 2013-08-20 15:33 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys

2013-09-29 23:51 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll

2013-09-29 23:51 - 2013-06-16 14:38 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys

2013-09-29 23:51 - 2013-06-16 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll

2013-09-29 23:51 - 2013-01-29 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll

2013-09-29 23:32 - 2013-09-12 10:51 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:16 - 2013-09-28 10:16 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-26 23:13 - 2013-09-26 23:13 - 00000000 ____D C:\Program Files\MyFree Codec

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-25 17:14 - 2013-10-01 19:48 - 00000000 ____D C:\Windows\Minidump

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 17:03 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-11 17:03 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-11 17:03 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-11 17:03 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-11 16:55 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-09-11 16:55 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-09-11 16:55 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-09-11 16:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-09-11 16:54 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-09-11 16:54 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity
 

==================== One Month Modified Files and Folders =======
 

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 20:11 - 2011-06-13 09:50 - 02466195 _____ C:\Windows\setupact.log

2013-10-01 19:58 - 2013-10-01 19:58 - 01086873 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-01 19:58 - 2012-12-16 13:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-01 19:58 - 2012-08-04 15:20 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-01 19:56 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-01 19:56 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-01 19:52 - 2011-05-20 22:50 - 01412249 _____ C:\Windows\WindowsUpdate.log

2013-10-01 19:49 - 2012-08-04 15:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-01 19:48 - 2013-09-25 17:14 - 00000000 ____D C:\Windows\Minidump

2013-10-01 19:48 - 2012-09-15 17:31 - 00000000 ____D C:\ProgramData\NVIDIA

2013-10-01 19:48 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 09:07 - 2011-06-21 09:27 - 00149748 _____ C:\Windows\PFRO.log

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 00:21 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-09-30 00:17 - 2011-05-20 22:56 - 01590370 _____ C:\Windows\system32\PerfStringBackup.INI

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:58 - 2013-09-29 23:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:58 - 2011-05-20 23:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help

2013-09-29 23:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 22:46 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Mozilla

2013-09-29 20:43 - 2012-07-11 21:56 - 00000958 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-29 19:46 - 2011-05-23 04:03 - 00000000 ____D C:\Program Files\Common Files\Nero

2013-09-29 19:45 - 2011-05-23 04:07 - 00000000 ____D C:\Program Files\Nero

2013-09-29 19:45 - 2011-05-23 04:04 - 00000000 ____D C:\ProgramData\Nero

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:46 - 2011-05-21 15:37 - 00000000 ____D C:\Users\Kjeld

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:16 - 2013-09-28 10:16 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 17:59 - 2011-05-29 18:55 - 00000680 __RSH C:\Users\Kaleun Tobsen\ntuser.pol

2013-09-27 17:25 - 2013-08-25 14:27 - 00000000 ____D C:\ProgramData\Samsung

2013-09-27 17:25 - 2011-05-20 23:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-09-27 17:16 - 2013-08-30 19:58 - 00000000 ____D C:\Program Files\Free FLV Converter

2013-09-27 17:15 - 2013-08-07 00:51 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Amazon

2013-09-27 17:15 - 2013-08-07 00:50 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-26 23:13 - 2013-09-26 23:13 - 00000000 ____D C:\Program Files\MyFree Codec

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-26 22:47 - 2013-01-20 21:09 - 00000000 ____D C:\Program Files\TomTom HOME 2

2013-09-26 22:45 - 2013-01-20 21:07 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Downloaded Installations

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-17 07:36 - 2012-09-01 16:23 - 00000000 ____D C:\ProgramData\CanonIJPLM

2013-09-16 10:43 - 2011-05-21 21:23 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\vlc

2013-09-12 10:51 - 2013-09-29 23:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-12 10:51 - 2013-09-29 23:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-12 10:51 - 2013-09-29 23:32 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-12 08:28 - 2013-09-29 23:56 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 22:27 - 2013-09-29 23:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-11 17:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

2013-09-11 17:08 - 2009-07-14 06:33 - 00283096 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-11 17:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE

2013-09-11 17:02 - 2013-07-17 10:28 - 00000000 ____D C:\Windows\system32\MRT

2013-09-11 16:56 - 2011-05-21 13:23 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-11 13:58 - 2012-12-16 13:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2013-09-11 13:58 - 2012-12-16 13:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2013-09-08 17:50 - 2011-05-29 19:33 - 00000680 __RSH C:\Users\Steuermann\ntuser.pol

2013-09-08 17:50 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2011-05-29 19:27 - 00043800 __RSH C:\Users\Kjeld\ntuser.pol

2013-09-04 13:34 - 2013-05-07 15:36 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-09-03 19:12 - 2013-01-13 21:51 - 00000000 ____D C:\ProgramData\boost_interprocess
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2013 01

Ran by Steuermann at 2013-10-01 20:13:02

Running from C:\Users\Steuermann\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

7-Zip 4.65

Adobe Flash Player 11 Plugin (Version: 11.8.800.168)

Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

Air Conflicts - Secret Wars

Anno 1404 (Version: 1.00.0000)

ANNO 1404 (Version: 1.03.0000)

Avira Free Antivirus (Version: 13.0.0.4052)

BEHRINGER USB AUDIO DRIVER

C9

Call of Duty: Modern Warfare 3 - Multiplayer

Canon Easy-PhotoPrint EX

Canon MP Navigator EX 4.0

Canon MP280 series Benutzerregistrierung

Canon MP280 series MP Drivers

Canon My Printer

Canon Solution Menu EX

Chivalry: Medieval Warfare

Chivalry: Medieval Warfare Dedicated Server

Crysis 2 Maximum Edition

DAEMON Tools Lite (Version: 4.45.1.0236)

doPDF 7.3 printer

DVD Shrink 3.2

Fraps

From Dust

GeForce Experience NvStream Client Components (Version: 0.1.87)

Google Earth Plug-in (Version: 7.1.1.1888)

Google Update Helper (Version: 1.3.21.153)

High-Definition Video Playback 10 (Version: 7.0.11400.29.0)

HijackThis 1.99.1 (Version: 1.99.1)

HTC BMP USB Driver (Version: 1.0.5375)

HTC Driver Installer (Version: 4.1.0.001)

IPTInstaller (Version: 4.0.8)

Java 7 Update 40 (Version: 7.0.400)

Java Auto Updater (Version: 2.1.9.8)

Left 4 Dead 2

LEGO Insel 2

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Office Excel Viewer (Version: 12.0.6425.1000)

Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Word 2000 SR-1 (Version: 9.00.3821)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)

Mozilla Firefox 24.0 (x86 de) (Version: 24.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVC90_x86 (Version: 1.0.1.2)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

Native Instruments AC Box Combo

Native Instruments Controller Editor

Native Instruments Controller Editor (Version: 1.4.3.891)

Native Instruments Guitar Rig 5

Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)

Native Instruments Guitar Rig Mobile I/O

Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Session I/O

Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)

Native Instruments Plexi Combo

Native Instruments Rig Kontrol 3

Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)

Native Instruments Service Center

Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)

Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)

Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)

Nero Burning ROM 10 (Version: 10.0.11100.10.100)

Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)

Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)

Nero Control Center 10 (Version: 10.0.12000.1.4)

Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)

Nero Core Components 10 (Version: 2.0.13700.0.1)

Nero CoverDesigner 10 (Version: 5.0.10900.11.100)

Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)

Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)

Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)

Nero Dolby Files 10 (Version: 2.0.11000.0.10)

Nero Express 10 (Version: 10.0.11000.10.100)

Nero Express 10 Help (CHM) (Version: 1.0.10700)

Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)

Nero MediaHub 10 (Version: 1.0.13400.11.100)

Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)

Nero Multimedia Suite 10 (Version: 10.0.13100)

Nero Recode 10 (Version: 4.6.10900.4.100)

Nero Recode 10 Help (CHM) (Version: 1.0.10600)

Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)

Nero SoundTrax 10 (Version: 4.6.10600.2.100)

Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)

Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)

Nero Update (Version: 1.0.0017)

Nero Vision 10 (Version: 7.0.11100.8.100)

Nero Vision 10 Help (CHM) (Version: 1.0.10600)

Nero WaveEditor 10 (Version: 5.6.10600.2.100)

Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)

Nokia Connectivity Cable Driver (Version: 7.1.172.0)

Nokia Suite (Version: 3.8.30.0)

NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)

NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)

NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)

NVIDIA Grafiktreiber 327.23 (Version: 327.23)

NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.133.902)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2723)

NVIDIA Systemsteuerung 327.23 (Version: 327.23)

NVIDIA Update 8.3.14 (Version: 8.3.14)

NVIDIA Update Components (Version: 8.3.14)

NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)

Pando Media Booster (Version: 2.6.0.1)

PC Connectivity Solution (Version: 12.0.109.0)

Platform (Version: 1.34)

Plex Media Server (Version: 0.9.709)

ProtectDisc Driver, Version 11 (Version: 11.0.0.14)

Ravensburger tiptoi

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)

SereneScreen Marine Aquarium 3 (Version: 3.0)

SHIELD Streaming (Version: 1.05.28)

Silent Hunter 5 (Version: 1.2.0)

SpeedFan (remove only)

Star Trek Online

Steam (Version: 1.0.0.0)

swMSM (Version: 12.0.0.1)

The Witcher Enhanced Edition (Version: 1.4.5.1280)

TomTom HOME (Version: 2.9.6)

TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)

Ubisoft Game Launcher (Version: 1.0.0.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

VIA Plattform-Geräte-Manager (Version: 1.34)

VLC media player 2.0.8 (Version: 2.0.8)

Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================
 

Could not list Restore Points.
 
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
 

==================== Loaded Modules (whitelisted) =============
 

2013-10-01 00:34 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (09/30/2013 00:11:12 AM) (Source: MsiInstaller) (User: KaleunTobsen-PC)

Description: Produkt: Microsoft Fix it 50735 -- Fehler 1401. Der Schlüssel S-1-5-21-2728854988-945016170-375115415-1000\Software\Microsoft konnte nicht erstellt werden.  Systemfehler 87. Stellen Sie sicher, dass Sie ausreichende Zugriffsrechte für diesen Schlüssel besitzen, oder wenden Sie sich an den Support.
 

Error: (09/30/2013 00:06:43 AM) (Source: MsiInstaller) (User: KaleunTobsen-PC)

Description: Produkt: Microsoft Fix it 50735 -- Fehler 1401. Der Schlüssel S-1-5-21-2728854988-945016170-375115415-1000\Software\Microsoft konnte nicht erstellt werden.  Systemfehler 87. Stellen Sie sicher, dass Sie ausreichende Zugriffsrechte für diesen Schlüssel besitzen, oder wenden Sie sich an den Support.
 

Error: (09/29/2013 11:28:03 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00055f99

ID des fehlerhaften Prozesses: 0x928

Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0

Pfad der fehlerhaften Anwendung: PSIA.exe1

Pfad des fehlerhaften Moduls: PSIA.exe2

Berichtskennung: PSIA.exe3
 

Error: (09/29/2013 10:42:55 PM) (Source: Application Hang) (User: )

Description: Programm Au_.exe, Version 2.0.0.4003 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 6e4
 

Startzeit: 01cebd5410fae3bf
 

Endzeit: 0
 

Anwendungspfad: C:\Users\KALEUN~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 

Berichts-ID:
 

Error: (09/29/2013 08:24:21 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00056b0d

ID des fehlerhaften Prozesses: 0x734

Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0

Pfad der fehlerhaften Anwendung: PSIA.exe1

Pfad des fehlerhaften Moduls: PSIA.exe2

Berichtskennung: PSIA.exe3
 

Error: (09/29/2013 07:45:49 PM) (Source: Microsoft-Windows-RestartManager) (User: KaleunTobsen-PC)

Description: Die Anwendung oder der Dienst "Nero MediaHome 4 Service" konnte nicht neu gestartet werden.
 

Error: (09/29/2013 07:44:30 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert

.

Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {36a63b94-0e22-4cd5-9ffa-72326fbd89dd}
 

Error: (09/08/2013 07:54:59 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert

.

Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {b14ba5b4-3b51-428f-882b-fe4494b710bc}
 

Error: (09/08/2013 07:51:48 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: wic.exe, Version: 1.0.1.1, Zeitstempel: 0x4a2f7509

Name des fehlerhaften Moduls: d3d11.dll, Version: 6.2.9200.16570, Zeitstempel: 0x5153774d

Ausnahmecode: 0xc0000005

Fehleroffset: 0x000a4903

ID des fehlerhaften Prozesses: 0xf10

Startzeit der fehlerhaften Anwendung: 0xwic.exe0

Pfad der fehlerhaften Anwendung: wic.exe1

Pfad des fehlerhaften Moduls: wic.exe2

Berichtskennung: wic.exe3
 

Error: (09/08/2013 07:46:33 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: wic.exe, Version: 1.0.1.1, Zeitstempel: 0x4a2f7509

Name des fehlerhaften Moduls: d3d11.dll, Version: 6.2.9200.16570, Zeitstempel: 0x5153774d

Ausnahmecode: 0xc0000005

Fehleroffset: 0x000a7904

ID des fehlerhaften Prozesses: 0x2c4

Startzeit der fehlerhaften Anwendung: 0xwic.exe0

Pfad der fehlerhaften Anwendung: wic.exe1

Pfad des fehlerhaften Moduls: wic.exe2

Berichtskennung: wic.exe3
 
 

System errors:

=============

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/01/2013 07:49:51 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/01/2013 07:49:23 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)

Description: Schwerwiegender Hardwarefehler.
 

Gemeldet von Komponente: Prozessorkern

Fehlerquelle: 3

Fehlertyp: 10

Prozessor-ID: 3
 

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
 

Error: (10/01/2013 07:49:23 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)

Description: Schwerwiegender Hardwarefehler.
 

Gemeldet von Komponente: Prozessorkern

Fehlerquelle: 3

Fehlertyp: 10

Prozessor-ID: 2
 

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
 
 

Microsoft Office Sessions:

=========================

Error: (09/30/2013 00:11:12 AM) (Source: MsiInstaller)(User: KaleunTobsen-PC)

Description: Produkt: Microsoft Fix it 50735 -- Fehler 1401. Der Schlüssel S-1-5-21-2728854988-945016170-375115415-1000\Software\Microsoft konnte nicht erstellt werden.  Systemfehler 87. Stellen Sie sicher, dass Sie ausreichende Zugriffsrechte für diesen Schlüssel besitzen, oder wenden Sie sich an den Support.(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (09/30/2013 00:06:43 AM) (Source: MsiInstaller)(User: KaleunTobsen-PC)

Description: Produkt: Microsoft Fix it 50735 -- Fehler 1401. Der Schlüssel S-1-5-21-2728854988-945016170-375115415-1000\Software\Microsoft konnte nicht erstellt werden.  Systemfehler 87. Stellen Sie sicher, dass Sie ausreichende Zugriffsrechte für diesen Schlüssel besitzen, oder wenden Sie sich an den Support.(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (09/29/2013 11:28:03 PM) (Source: Application Error)(User: )

Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db96c5c000000500055f9992801cebd57c1cce626C:\Program Files\Secunia\PSI\PSIA.exeC:\Windows\SYSTEM32\ntdll.dll058ec5ca-294e-11e3-91e6-002215db3898
 

Error: (09/29/2013 10:42:55 PM) (Source: Application Hang)(User: )

Description: Au_.exe2.0.0.40036e401cebd5410fae3bf0C:\Users\KALEUN~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 

Error: (09/29/2013 08:24:21 PM) (Source: Application Error)(User: )

Description: PSIA.exe3.0.0.701151d3d69bntdll.dll6.1.7601.1820551db96c5c000000500056b0d73401cebd40e29b12afC:\Program Files\Secunia\PSI\PSIA.exeC:\Windows\SYSTEM32\ntdll.dll5bddf020-2934-11e3-813a-002215db3898
 

Error: (09/29/2013 07:45:49 PM) (Source: Microsoft-Windows-RestartManager)(User: KaleunTobsen-PC)

Description: 0NMMediaServerService.exeNero MediaHome 4 Service03026217820440
 

Error: (09/29/2013 07:44:30 PM) (Source: VSS)(User: )

Description: 0x80070005, Zugriff verweigert
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {36a63b94-0e22-4cd5-9ffa-72326fbd89dd}
 

Error: (09/08/2013 07:54:59 PM) (Source: VSS)(User: )

Description: 0x80070005, Zugriff verweigert
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {b14ba5b4-3b51-428f-882b-fe4494b710bc}
 

Error: (09/08/2013 07:51:48 PM) (Source: Application Error)(User: )

Description: wic.exe1.0.1.14a2f7509d3d11.dll6.2.9200.165705153774dc0000005000a4903f1001ceacbc089e3606D:\Ubisoft\WORLD IN CONFLICT\wic.exeC:\Windows\system32\d3d11.dll54efe3b5-18af-11e3-b4d6-002215db3898
 

Error: (09/08/2013 07:46:33 PM) (Source: Application Error)(User: )

Description: wic.exe1.0.1.14a2f7509d3d11.dll6.2.9200.165705153774dc0000005000a79042c401ceacbb5125e664D:\Ubisoft\WORLD IN CONFLICT\wic.exeC:\Windows\system32\d3d11.dll992ad463-18ae-11e3-b4d6-002215db3898
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 29%

Total physical RAM: 3647.18 MB

Available physical RAM: 2564.3 MB

Total Pagefile: 7292.65 MB

Available Pagefile: 5827.42 MB

Total Virtual: 2799.88 MB

Available Virtual: 2653.15 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:95.7 GB) (Free:26.32 GB) NTFS

Drive d: (Progs) (Fixed) (Total:104.49 GB) (Free:31.08 GB) NTFS

Drive e: (Saves&Krempel) (Fixed) (Total:97.8 GB) (Free:16.35 GB) NTFS

Drive f: (Meine Dateien) (CDROM) (Total:0.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

==================== End Of Log ============================

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Beim Start von mbar gab es eine Meldung dass ein Registryeintrag ein Anzeichen für Rootkitaktivität sein könnte und ob der entfernt werden solle. Wenn ich unsicher sei sollte ich NO clicken, das hab ich gemacht. Danach gab es diese LOG ohne Fund..

Code:

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

www.malwarebytes.org
 

Database version: v2013.10.02.01
 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 10.0.9200.16686

Kaleun Tobsen :: KALEUNTOBSEN-PC [administrator]
 

02.10.2013 05:47:27

mbar-log-2013-10-02 (05-47-27).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 313137

Time elapsed: 9 minute(s), 52 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

danach hab ich es nochmal gestartet und YES geclickt und wieder ohne Fund

Code:

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

www.malwarebytes.org
 

Database version: v2013.10.02.01
 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 10.0.9200.16686

Kaleun Tobsen :: KALEUNTOBSEN-PC [administrator]
 

02.10.2013 06:01:43

mbar-log-2013-10-02 (06-01-43).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 313135

Time elapsed: 8 minute(s), 52 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

War denn in den FRST Logfiles irgendwas auffällig??

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Code:

# AdwCleaner v3.006 - Bericht erstellt am 02/10/2013 um 21:23:02

# Updated 01/10/2013 von Xplode

# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)

# Benutzername : Kaleun Tobsen - KALEUNTOBSEN-PC

# Gestartet von : C:\Users\Steuermann\Desktop\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

[#] Dienst Gelöscht : SearchAnonymizer
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\Babylon

Ordner Gelöscht : C:\ProgramData\boost_interprocess

Ordner Gelöscht : C:\Users\Kaleun Tobsen\AppData\Local\PackageAware
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OCS_Sm

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Schlüssel Gelöscht : HKCU\Software\855ddd8e768e412

Schlüssel Gelöscht : HKLM\SOFTWARE\855ddd8e768e412

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_chess_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_chess_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Schlüssel Gelöscht : HKCU\Software\DataMngr

[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar

Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKLM\Software\Babylon

Schlüssel Gelöscht : HKLM\Software\DataMngr

Schlüssel Gelöscht : HKLM\Software\Freeze.com

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 

***** [ Browser ] *****
 

-\\ Internet Explorer v10.0.9200.16686
 
 

*************************
 

AdwCleaner[R0].txt - [2741 octets] - [02/10/2013 21:22:13]

AdwCleaner[S0].txt - [2678 octets] - [02/10/2013 21:23:02]
 

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [2738 octets] ##########

Das JRT hat mich selbstständig aufs Adminkonto geswitcht, als ich wieder zurück switchen wollte gabs n Absturz ...

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.3 (09.27.2013:1)

OS: Windows 7 Ultimate x86

Ran by Kaleun Tobsen on 02.10.2013 at 21:33:56,25

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2728854988-945016170-375115415-1000\Software\SweetIM
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\Program Files\myfree codec"
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 02.10.2013 at 21:36:04,53

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013

Ran by Steuermann (ATTENTION: The logged in user is not administrator) on KALEUNTOBSEN-PC on 02-10-2013 22:33:22

Running from C:\Users\Steuermann\Desktop

Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKCU\...\Run: [Nero MediaHome 4] - "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Steuermann\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

HKCU\...\Run: [] - D:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

MountPoints2: {517355f8-1b86-11e1-bb77-002215db3898} - H:\AutoRun.exe

MountPoints2: {5173562e-1b86-11e1-bb77-002215db3898} - H:\AutoRun.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.2.1/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38123D9DFD50CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Steuermann\AppData\Roaming\Mozilla\Firefox\Profiles\jrc5fhz3.default

FF Homepage: web.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: No Name - C:\Users\Steuermann\AppData\Roaming\Mozilla\Firefox\Profiles\jrc5fhz3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)

R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4176896 2011-12-05] (Native Instruments GmbH)

R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 TomTomHOMEService; D:\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)

S3 xsherlock; C:\Windows\system32\xsherlock.xem [666720 2012-11-09] (Wellbia.com Co., Ltd.)
 

==================== Drivers (Whitelisted) ====================
 

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-06-13] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [340480 2007-11-06] (BEHRINGER)

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-13] (DT Soft Ltd)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-06-13] ()

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)

R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-23] (Avira GmbH)

R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [x]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]

S3 tsusbhub; system32\drivers\tsusbhub.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

S3 vtany; \??\C:\Windows\vtany.sys [x]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-10-02 22:10 - 2013-10-02 22:11 - 00009435 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:59 - 2013-10-02 21:59 - 01087213 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:32 - 2013-10-02 21:32 - 01030305 _____ (Thisisu) C:\Users\Steuermann\Desktop\JRT.exe

2013-10-02 21:21 - 2013-10-02 21:23 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 05:47 - 2013-10-02 06:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 05:39 - 2013-10-02 06:19 - 00000000 ____D C:\Users\Steuermann\Desktop\mbar

2013-10-02 05:35 - 2013-10-02 05:35 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Steuermann\Desktop\mbar-1.07.0.1005.exe

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2013-09-12 08:28 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-29 23:56 - 2013-09-12 08:28 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-29 23:56 - 2013-09-11 22:27 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-29 23:55 - 2013-09-29 23:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:51 - 2013-09-12 10:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-29 23:51 - 2013-09-12 10:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-29 23:51 - 2013-08-20 15:33 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys

2013-09-29 23:51 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll

2013-09-29 23:51 - 2013-06-16 14:38 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys

2013-09-29 23:51 - 2013-06-16 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll

2013-09-29 23:51 - 2013-01-29 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll

2013-09-29 23:32 - 2013-09-12 10:51 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:16 - 2013-10-02 05:33 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-25 17:14 - 2013-10-01 19:48 - 00000000 ____D C:\Windows\Minidump

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 17:03 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-11 17:03 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-11 17:03 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-11 17:03 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-11 16:55 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-09-11 16:55 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-09-11 16:55 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-09-11 16:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-09-11 16:54 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-09-11 16:54 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity
 

==================== One Month Modified Files and Folders =======
 

2013-10-02 22:29 - 2011-05-20 22:50 - 01483481 _____ C:\Windows\WindowsUpdate.log

2013-10-02 22:26 - 2012-09-15 17:31 - 00000000 ____D C:\ProgramData\NVIDIA

2013-10-02 22:26 - 2012-08-04 15:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-02 22:26 - 2011-06-13 09:50 - 02469499 _____ C:\Windows\setupact.log

2013-10-02 22:26 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-02 22:11 - 2013-10-02 22:10 - 00009435 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:59 - 2013-10-02 21:59 - 01087213 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-02 21:58 - 2012-12-16 13:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-02 21:58 - 2012-08-04 15:20 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:32 - 2013-10-02 21:32 - 01030305 _____ (Thisisu) C:\Users\Steuermann\Desktop\JRT.exe

2013-10-02 21:32 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-02 21:32 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-02 21:23 - 2013-10-02 21:21 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 17:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-10-02 06:29 - 2011-06-25 05:13 - 00000000 ____D C:\Program Files\Common Files\Steam

2013-10-02 06:28 - 2011-05-20 22:56 - 01590370 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-02 06:19 - 2013-10-02 05:39 - 00000000 ____D C:\Users\Steuermann\Desktop\mbar

2013-10-02 06:11 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 05:35 - 2013-10-02 05:35 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Steuermann\Desktop\mbar-1.07.0.1005.exe

2013-10-02 05:33 - 2013-09-28 10:16 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:48 - 2013-09-25 17:14 - 00000000 ____D C:\Windows\Minidump

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 09:07 - 2011-06-21 09:27 - 00149748 _____ C:\Windows\PFRO.log

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:58 - 2013-09-29 23:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:58 - 2011-05-20 23:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help

2013-09-29 23:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 22:46 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Mozilla

2013-09-29 20:43 - 2012-07-11 21:56 - 00000958 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-29 19:46 - 2011-05-23 04:03 - 00000000 ____D C:\Program Files\Common Files\Nero

2013-09-29 19:45 - 2011-05-23 04:07 - 00000000 ____D C:\Program Files\Nero

2013-09-29 19:45 - 2011-05-23 04:04 - 00000000 ____D C:\ProgramData\Nero

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:46 - 2011-05-21 15:37 - 00000000 ____D C:\Users\Kjeld

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 17:59 - 2011-05-29 18:55 - 00000680 __RSH C:\Users\Kaleun Tobsen\ntuser.pol

2013-09-27 17:25 - 2013-08-25 14:27 - 00000000 ____D C:\ProgramData\Samsung

2013-09-27 17:25 - 2011-05-20 23:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-09-27 17:16 - 2013-08-30 19:58 - 00000000 ____D C:\Program Files\Free FLV Converter

2013-09-27 17:15 - 2013-08-07 00:51 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Amazon

2013-09-27 17:15 - 2013-08-07 00:50 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-26 22:47 - 2013-01-20 21:09 - 00000000 ____D C:\Program Files\TomTom HOME 2

2013-09-26 22:45 - 2013-01-20 21:07 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Downloaded Installations

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-17 07:36 - 2012-09-01 16:23 - 00000000 ____D C:\ProgramData\CanonIJPLM

2013-09-16 10:43 - 2011-05-21 21:23 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\vlc

2013-09-12 10:51 - 2013-09-29 23:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-12 10:51 - 2013-09-29 23:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-12 10:51 - 2013-09-29 23:32 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-12 08:28 - 2013-09-29 23:56 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 22:27 - 2013-09-29 23:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-11 17:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

2013-09-11 17:08 - 2009-07-14 06:33 - 00283096 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-11 17:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE

2013-09-11 17:02 - 2013-07-17 10:28 - 00000000 ____D C:\Windows\system32\MRT

2013-09-11 16:56 - 2011-05-21 13:23 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-11 13:58 - 2012-12-16 13:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2013-09-11 13:58 - 2012-12-16 13:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2013-09-08 17:50 - 2011-05-29 19:33 - 00000680 __RSH C:\Users\Steuermann\ntuser.pol

2013-09-08 17:50 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2011-05-29 19:27 - 00043800 __RSH C:\Users\Kjeld\ntuser.pol

2013-09-04 13:34 - 2013-05-07 15:36 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013

Ran by Steuermann at 2013-10-02 22:33:44

Running from C:\Users\Steuermann\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

7-Zip 4.65

Adobe Flash Player 11 Plugin (Version: 11.8.800.168)

Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

Air Conflicts - Secret Wars

Anno 1404 (Version: 1.00.0000)

ANNO 1404 (Version: 1.03.0000)

Avira Free Antivirus (Version: 13.0.0.4052)

BEHRINGER USB AUDIO DRIVER

C9

Call of Duty: Modern Warfare 3 - Multiplayer

Canon Easy-PhotoPrint EX

Canon MP Navigator EX 4.0

Canon MP280 series Benutzerregistrierung

Canon MP280 series MP Drivers

Canon My Printer

Canon Solution Menu EX

Chivalry: Medieval Warfare

Chivalry: Medieval Warfare Dedicated Server

Crysis 2 Maximum Edition

DAEMON Tools Lite (Version: 4.45.1.0236)

doPDF 7.3 printer

DVD Shrink 3.2

Fraps

From Dust

GeForce Experience NvStream Client Components (Version: 0.1.87)

Google Earth Plug-in (Version: 7.1.1.1888)

High-Definition Video Playback 10 (Version: 7.0.11400.29.0)

HijackThis 1.99.1 (Version: 1.99.1)

HTC BMP USB Driver (Version: 1.0.5375)

HTC Driver Installer (Version: 4.1.0.001)

IPTInstaller (Version: 4.0.8)

Java 7 Update 40 (Version: 7.0.400)

Java Auto Updater (Version: 2.1.9.8)

Left 4 Dead 2

LEGO Insel 2

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Office Excel Viewer (Version: 12.0.6425.1000)

Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Word 2000 SR-1 (Version: 9.00.3821)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)

Mozilla Firefox 24.0 (x86 de) (Version: 24.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVC90_x86 (Version: 1.0.1.2)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

Native Instruments AC Box Combo

Native Instruments Controller Editor

Native Instruments Controller Editor (Version: 1.4.3.891)

Native Instruments Guitar Rig 5

Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)

Native Instruments Guitar Rig Mobile I/O

Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Session I/O

Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)

Native Instruments Plexi Combo

Native Instruments Rig Kontrol 3

Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)

Native Instruments Service Center

Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)

Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)

Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)

Nero Burning ROM 10 (Version: 10.0.11100.10.100)

Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)

Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)

Nero Control Center 10 (Version: 10.0.12000.1.4)

Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)

Nero Core Components 10 (Version: 2.0.13700.0.1)

Nero CoverDesigner 10 (Version: 5.0.10900.11.100)

Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)

Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)

Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)

Nero Dolby Files 10 (Version: 2.0.11000.0.10)

Nero Express 10 (Version: 10.0.11000.10.100)

Nero Express 10 Help (CHM) (Version: 1.0.10700)

Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)

Nero MediaHub 10 (Version: 1.0.13400.11.100)

Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)

Nero Multimedia Suite 10 (Version: 10.0.13100)

Nero Recode 10 (Version: 4.6.10900.4.100)

Nero Recode 10 Help (CHM) (Version: 1.0.10600)

Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)

Nero SoundTrax 10 (Version: 4.6.10600.2.100)

Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)

Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)

Nero Update (Version: 1.0.0017)

Nero Vision 10 (Version: 7.0.11100.8.100)

Nero Vision 10 Help (CHM) (Version: 1.0.10600)

Nero WaveEditor 10 (Version: 5.6.10600.2.100)

Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)

Nokia Connectivity Cable Driver (Version: 7.1.172.0)

Nokia Suite (Version: 3.8.30.0)

NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)

NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)

NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)

NVIDIA Grafiktreiber 327.23 (Version: 327.23)

NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.133.902)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2723)

NVIDIA Systemsteuerung 327.23 (Version: 327.23)

NVIDIA Update 8.3.14 (Version: 8.3.14)

NVIDIA Update Components (Version: 8.3.14)

NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)

Pando Media Booster (Version: 2.6.0.1)

PC Connectivity Solution (Version: 12.0.109.0)

Platform (Version: 1.34)

Plex Media Server (Version: 0.9.709)

ProtectDisc Driver, Version 11 (Version: 11.0.0.14)

Ravensburger tiptoi

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)

SereneScreen Marine Aquarium 3 (Version: 3.0)

SHIELD Streaming (Version: 1.05.28)

Silent Hunter 5 (Version: 1.2.0)

SpeedFan (remove only)

Star Trek Online

Steam (Version: 1.0.0.0)

swMSM (Version: 12.0.0.1)

The Witcher Enhanced Edition (Version: 1.4.5.1280)

TomTom HOME (Version: 2.9.6)

TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)

Ubisoft Game Launcher (Version: 1.0.0.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

VIA Plattform-Geräte-Manager (Version: 1.34)

VLC media player 2.0.8 (Version: 2.0.8)

Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================
 

Could not list Restore Points.
 
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
 

==================== Loaded Modules (whitelisted) =============
 

2013-10-01 00:34 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/02/2013 10:26:10 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 22:23:35 unerwartet heruntergefahren.
 

Error: (10/02/2013 10:19:15 PM) (Source: nvlddmkm) (User: )

Description: \Device\Video5!0702(24f8)
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 31%

Total physical RAM: 3647.18 MB

Available physical RAM: 2503.79 MB

Total Pagefile: 7292.65 MB

Available Pagefile: 5887.49 MB

Total Virtual: 2799.88 MB

Available Virtual: 2648.49 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:95.7 GB) (Free:25.59 GB) NTFS

Drive d: (Progs) (Fixed) (Total:104.49 GB) (Free:31.08 GB) NTFS

Drive e: (Saves&Krempel) (Fixed) (Total:97.8 GB) (Free:16.35 GB) NTFS

Drive f: (Meine Dateien) (CDROM) (Total:0.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

==================== End Of Log ============================

Zitat:

Ran by Steuermann (ATTENTION: The logged in user is not administrator)

Warum machst du das FRST Log auf einmal mit einem anderen User der nicht Admin ist?

Ich war auch bei den anderen Logs auf dem Benutzer hab dann nur als Admin ausgeführt und es bei FRST nicht gemacht .. hier nochmal als Admin ..

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013

Ran by Kaleun Tobsen (administrator) on KALEUNTOBSEN-PC on 03-10-2013 13:27:58

Running from C:\Users\Steuermann\Desktop

Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

(TomTom) D:\TomTom HOME 2\TomTomHOMEService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Nero AG) C:\Program Files\Nero\Update\NASvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKCU\...\Run: [] - [x]

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

MountPoints2: {5c6a935b-8322-11e0-9b51-806e6f6e6963} - F:\Msetup4.exe

HKU\Kjeld\...\Policies\system: [LogonHoursAction] 2

HKU\Kjeld\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {14BEAF31-2F07-455A-9506-7DD6375313FC} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {256F019E-D724-4F34-AA92-D4685CED4F6C} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {8A80A95D-C5D4-4E68-9A20-B024EFA83139} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {C245B50F-78AB-47FC-BD47-1994ECF31884} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {D56DB2F8-2990-41FA-ACAD-560A8278758A} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {FD904BDB-A855-4050-A54B-804644E9DD6D} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla\Firefox\Profiles\let28wvc.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)

R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4176896 2011-12-05] (Native Instruments GmbH)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 TomTomHOMEService; D:\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)

S3 xsherlock; C:\Windows\system32\xsherlock.xem [666720 2012-11-09] (Wellbia.com Co., Ltd.)
 

==================== Drivers (Whitelisted) ====================
 

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-06-13] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [340480 2007-11-06] (BEHRINGER)

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-13] (DT Soft Ltd)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-06-13] ()

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)

R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-23] (Avira GmbH)

R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [x]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]

S3 tsusbhub; system32\drivers\tsusbhub.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

S3 vtany; \??\C:\Windows\vtany.sys [x]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-10-03 13:18 - 2013-10-03 13:18 - 99083035 _____ C:\Windows\system32\⌳᧣e

2013-10-02 22:10 - 2013-10-02 22:33 - 00010474 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:59 - 2013-10-02 21:59 - 01087213 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:36 - 2013-10-02 21:36 - 00000883 _____ C:\Users\Kaleun Tobsen\Desktop\JRT.txt

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:32 - 2013-10-02 21:32 - 01030305 _____ (Thisisu) C:\Users\Steuermann\Desktop\JRT.exe

2013-10-02 21:21 - 2013-10-02 21:23 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 05:47 - 2013-10-02 06:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 05:39 - 2013-10-02 06:19 - 00000000 ____D C:\Users\Steuermann\Desktop\mbar

2013-10-02 05:35 - 2013-10-02 05:35 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Steuermann\Desktop\mbar-1.07.0.1005.exe

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:48 - 2013-10-01 19:48 - 00131072 ____N C:\Windows\Minidump\100113-17453-01.dmp

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 23:58 - 2013-09-30 23:58 - 00131072 ____N C:\Windows\Minidump\093013-15609-01.dmp

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Startmenü

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Netzwerkumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Druckumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Musik

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Bilder

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Verlauf

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2013-09-12 08:28 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-29 23:56 - 2013-09-12 08:28 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-29 23:56 - 2013-09-11 22:27 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ___RD C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ___RD C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Mozilla

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Macromedia

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Avira

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Adobe

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Mozilla

2013-09-29 23:56 - 2011-05-21 12:06 - 00000490 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\System (C) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 11:38 - 00000599 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\CCleaner.lnk

2013-09-29 23:56 - 2011-05-21 00:51 - 00000471 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Progs (D) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:42 - 00000495 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Saves&Krempel (E) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:15 - 00000532 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\PHILIPS External Hard Disk (G) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:15 - 00000426 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\CD-Laufwerk - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:08 - 00000355 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Computer - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-20 23:58 - 00057560 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-29 23:56 - 2011-05-20 22:57 - 00001409 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-09-29 23:56 - 2011-05-20 22:56 - 00000020 ___SH C:\Users\UpdatusUser.KaleunTobsen-PC\ntuser.ini

2013-09-29 23:56 - 2011-05-20 22:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\VirtualStore

2013-09-29 23:55 - 2013-09-29 23:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:51 - 2013-09-12 10:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-29 23:51 - 2013-09-12 10:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-29 23:51 - 2013-08-20 15:33 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys

2013-09-29 23:51 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll

2013-09-29 23:51 - 2013-06-16 14:38 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys

2013-09-29 23:51 - 2013-06-16 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll

2013-09-29 23:51 - 2013-01-29 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll

2013-09-29 23:32 - 2013-09-12 10:51 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:46 - 2013-09-28 10:46 - 00131072 ____N C:\Windows\Minidump\092813-16328-01.dmp

2013-09-28 10:16 - 2013-10-02 05:33 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 19:13 - 2013-09-27 19:13 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Secunia PSI

2013-09-27 17:08 - 2013-09-27 17:08 - 00160128 _____ C:\Windows\Minidump\092713-16234-01.dmp

2013-09-27 13:49 - 2013-09-27 13:49 - 00131072 ____N C:\Windows\Minidump\092713-14921-01.dmp

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-27 08:00 - 2013-09-27 08:00 - 00160296 _____ C:\Windows\Minidump\092713-20203-01.dmp

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-25 17:14 - 2013-10-01 19:48 - 00000000 ____D C:\Windows\Minidump

2013-09-25 17:13 - 2013-09-25 17:13 - 00131072 ____N C:\Windows\Minidump\092513-17171-01.dmp

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 17:03 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-11 17:03 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-11 17:03 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-11 17:03 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-11 16:55 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-09-11 16:55 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-09-11 16:55 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-09-11 16:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-09-11 16:54 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-09-11 16:54 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Users\Kjeld\AppData\Local\Unity
 

==================== One Month Modified Files and Folders =======
 

2013-10-03 13:27 - 2011-06-13 09:50 - 02470115 _____ C:\Windows\setupact.log

2013-10-03 13:24 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-03 13:24 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-03 13:20 - 2012-08-04 15:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-03 13:20 - 2011-05-20 22:50 - 01499843 _____ C:\Windows\WindowsUpdate.log

2013-10-03 13:18 - 2013-10-03 13:18 - 99083035 _____ C:\Windows\system32\⌳᧣e

2013-10-03 13:17 - 2012-09-15 17:31 - 00000000 ____D C:\ProgramData\NVIDIA

2013-10-03 13:17 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-02 22:33 - 2013-10-02 22:10 - 00010474 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:59 - 2013-10-02 21:59 - 01087213 _____ (Farbar) C:\Users\Steuermann\Desktop\FRST.exe

2013-10-02 21:58 - 2012-12-16 13:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-02 21:58 - 2012-08-04 15:20 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:36 - 2013-10-02 21:36 - 00000883 _____ C:\Users\Kaleun Tobsen\Desktop\JRT.txt

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:32 - 2013-10-02 21:32 - 01030305 _____ (Thisisu) C:\Users\Steuermann\Desktop\JRT.exe

2013-10-02 21:23 - 2013-10-02 21:21 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 17:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-10-02 06:29 - 2011-06-25 05:13 - 00000000 ____D C:\Program Files\Common Files\Steam

2013-10-02 06:28 - 2011-05-20 22:56 - 01590370 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-02 06:19 - 2013-10-02 05:39 - 00000000 ____D C:\Users\Steuermann\Desktop\mbar

2013-10-02 06:11 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 05:35 - 2013-10-02 05:35 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Steuermann\Desktop\mbar-1.07.0.1005.exe

2013-10-02 05:33 - 2013-09-28 10:16 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:48 - 2013-10-01 19:48 - 00131072 ____N C:\Windows\Minidump\100113-17453-01.dmp

2013-10-01 19:48 - 2013-09-25 17:14 - 00000000 ____D C:\Windows\Minidump

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 09:07 - 2011-06-21 09:27 - 00149748 _____ C:\Windows\PFRO.log

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 23:58 - 2013-09-30 23:58 - 00131072 ____N C:\Windows\Minidump\093013-15609-01.dmp

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:58 - 2013-09-29 23:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:58 - 2011-05-20 23:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Startmenü

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Netzwerkumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Druckumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Musik

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Bilder

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Verlauf

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help

2013-09-29 23:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 22:46 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Mozilla

2013-09-29 22:43 - 2011-05-21 01:00 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Mozilla

2013-09-29 22:38 - 2011-05-20 22:56 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\VirtualStore

2013-09-29 20:43 - 2012-07-11 21:56 - 00000958 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-29 19:46 - 2011-05-23 04:03 - 00000000 ____D C:\Program Files\Common Files\Nero

2013-09-29 19:45 - 2011-05-23 04:07 - 00000000 ____D C:\Program Files\Nero

2013-09-29 19:45 - 2011-05-23 04:04 - 00000000 ____D C:\ProgramData\Nero

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:46 - 2011-05-21 15:37 - 00000000 ____D C:\Users\Kjeld

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:46 - 2013-09-28 10:46 - 00131072 ____N C:\Windows\Minidump\092813-16328-01.dmp

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 19:13 - 2013-09-27 19:13 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Secunia PSI

2013-09-27 17:59 - 2011-05-29 18:55 - 00000680 __RSH C:\Users\Kaleun Tobsen\ntuser.pol

2013-09-27 17:25 - 2013-08-25 14:27 - 00000000 ____D C:\ProgramData\Samsung

2013-09-27 17:25 - 2011-05-20 23:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-09-27 17:16 - 2013-08-30 19:58 - 00000000 ____D C:\Program Files\Free FLV Converter

2013-09-27 17:15 - 2013-08-07 00:51 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Amazon

2013-09-27 17:15 - 2013-08-07 00:50 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-09-27 17:08 - 2013-09-27 17:08 - 00160128 _____ C:\Windows\Minidump\092713-16234-01.dmp

2013-09-27 13:49 - 2013-09-27 13:49 - 00131072 ____N C:\Windows\Minidump\092713-14921-01.dmp

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-27 08:00 - 2013-09-27 08:00 - 00160296 _____ C:\Windows\Minidump\092713-20203-01.dmp

2013-09-26 23:13 - 2013-07-28 20:09 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Downloaded Installations

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-26 22:47 - 2013-01-20 21:09 - 00000000 ____D C:\Program Files\TomTom HOME 2

2013-09-26 22:45 - 2013-01-20 21:07 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Downloaded Installations

2013-09-25 17:13 - 2013-09-25 17:13 - 00131072 ____N C:\Windows\Minidump\092513-17171-01.dmp

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-17 07:36 - 2012-09-01 16:23 - 00000000 ____D C:\ProgramData\CanonIJPLM

2013-09-16 10:43 - 2011-05-21 21:23 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\vlc

2013-09-12 10:51 - 2013-09-29 23:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-12 10:51 - 2013-09-29 23:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-12 10:51 - 2013-09-29 23:32 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-12 08:28 - 2013-09-29 23:56 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 22:27 - 2013-09-29 23:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-11 17:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

2013-09-11 17:08 - 2009-07-14 06:33 - 00283096 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-11 17:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE

2013-09-11 17:02 - 2013-07-17 10:28 - 00000000 ____D C:\Windows\system32\MRT

2013-09-11 16:56 - 2011-05-21 13:23 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-11 13:58 - 2012-12-16 13:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2013-09-11 13:58 - 2012-12-16 13:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2013-09-08 17:50 - 2011-05-29 19:33 - 00000680 __RSH C:\Users\Steuermann\ntuser.pol

2013-09-08 17:50 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Users\Kjeld\AppData\Local\Unity

2013-09-08 10:34 - 2011-05-29 19:27 - 00043800 __RSH C:\Users\Kjeld\ntuser.pol

2013-09-04 13:34 - 2013-05-07 15:36 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-09-04 13:34 - 2013-03-23 10:00 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
 

Some content of TEMP:

====================

C:\Users\Kaleun Tobsen\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Kaleun Tobsen\AppData\Local\Temp\nvStInst.exe

C:\Users\Kaleun Tobsen\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-10-02 20:58
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013

Ran by Kaleun Tobsen at 2013-10-03 13:28:29

Running from C:\Users\Steuermann\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

7-Zip 4.65

Adobe Flash Player 11 Plugin (Version: 11.8.800.168)

Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

Air Conflicts - Secret Wars

Anno 1404 (Version: 1.00.0000)

ANNO 1404 (Version: 1.03.0000)

Avira Free Antivirus (Version: 13.0.0.4052)

BEHRINGER USB AUDIO DRIVER

C9

Call of Duty: Modern Warfare 3 - Multiplayer

Canon Easy-PhotoPrint EX

Canon MP Navigator EX 4.0

Canon MP280 series Benutzerregistrierung

Canon MP280 series MP Drivers

Canon My Printer

Canon Solution Menu EX

Chivalry: Medieval Warfare

Chivalry: Medieval Warfare Dedicated Server

Crysis 2 Maximum Edition

DAEMON Tools Lite (Version: 4.45.1.0236)

doPDF 7.3 printer

DVD Shrink 3.2

Fraps

From Dust

GeForce Experience NvStream Client Components (Version: 0.1.87)

Google Earth Plug-in (Version: 7.1.1.1888)

High-Definition Video Playback 10 (Version: 7.0.11400.29.0)

HijackThis 1.99.1 (Version: 1.99.1)

HTC BMP USB Driver (Version: 1.0.5375)

HTC Driver Installer (Version: 4.1.0.001)

IPTInstaller (Version: 4.0.8)

Java 7 Update 40 (Version: 7.0.400)

Java Auto Updater (Version: 2.1.9.8)

Left 4 Dead 2

LEGO Insel 2

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Office Excel Viewer (Version: 12.0.6425.1000)

Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Word 2000 SR-1 (Version: 9.00.3821)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)

Mozilla Firefox 24.0 (x86 de) (Version: 24.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVC90_x86 (Version: 1.0.1.2)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

MyFreeCodec

Native Instruments AC Box Combo

Native Instruments Controller Editor

Native Instruments Controller Editor (Version: 1.4.3.891)

Native Instruments Guitar Rig 5

Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)

Native Instruments Guitar Rig Mobile I/O

Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Session I/O

Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)

Native Instruments Plexi Combo

Native Instruments Rig Kontrol 3

Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)

Native Instruments Service Center

Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)

Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)

Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)

Nero Burning ROM 10 (Version: 10.0.11100.10.100)

Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)

Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)

Nero Control Center 10 (Version: 10.0.12000.1.4)

Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)

Nero Core Components 10 (Version: 2.0.13700.0.1)

Nero CoverDesigner 10 (Version: 5.0.10900.11.100)

Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)

Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)

Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)

Nero Dolby Files 10 (Version: 2.0.11000.0.10)

Nero Express 10 (Version: 10.0.11000.10.100)

Nero Express 10 Help (CHM) (Version: 1.0.10700)

Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)

Nero MediaHub 10 (Version: 1.0.13400.11.100)

Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)

Nero Multimedia Suite 10 (Version: 10.0.13100)

Nero Recode 10 (Version: 4.6.10900.4.100)

Nero Recode 10 Help (CHM) (Version: 1.0.10600)

Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)

Nero SoundTrax 10 (Version: 4.6.10600.2.100)

Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)

Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)

Nero Update (Version: 1.0.0017)

Nero Vision 10 (Version: 7.0.11100.8.100)

Nero Vision 10 Help (CHM) (Version: 1.0.10600)

Nero WaveEditor 10 (Version: 5.6.10600.2.100)

Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)

Nokia Connectivity Cable Driver (Version: 7.1.172.0)

Nokia Suite (Version: 3.8.30.0)

NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)

NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)

NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)

NVIDIA Grafiktreiber 327.23 (Version: 327.23)

NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.133.902)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2723)

NVIDIA Systemsteuerung 327.23 (Version: 327.23)

NVIDIA Update 8.3.14 (Version: 8.3.14)

NVIDIA Update Components (Version: 8.3.14)

NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)

Pando Media Booster (Version: 2.6.0.1)

PC Connectivity Solution (Version: 12.0.109.0)

Platform (Version: 1.34)

Plex Media Server (Version: 0.9.709)

ProtectDisc Driver, Version 11 (Version: 11.0.0.14)

Ravensburger tiptoi

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)

SereneScreen Marine Aquarium 3 (Version: 3.0)

SHIELD Streaming (Version: 1.05.28)

Silent Hunter 5 (Version: 1.2.0)

SpeedFan (remove only)

Star Trek Online

Steam (Version: 1.0.0.0)

swMSM (Version: 12.0.0.1)

The Witcher Enhanced Edition (Version: 1.4.5.1280)

TomTom HOME (Version: 2.9.6)

TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)

Ubisoft Game Launcher (Version: 1.0.0.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

VIA Plattform-Geräte-Manager (Version: 1.34)

VLC media player 2.0.8 (Version: 2.0.8)

Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================
 

29-09-2013 21:52:19 Windows Update

29-09-2013 22:06:20 Windows Update

02-10-2013 04:24:50 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {370AA733-D1BB-4C8C-AB30-3B3F94074278} - System32\Tasks\{D67E6597-BC7C-4668-9462-16503426D3FF} => C:\Program Files\Skype\\Phone\Skype.exe

Task: {51DADA01-E481-4D72-9E08-8968AEF72C80} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)

Task: {B3980805-BD27-4E8B-BD90-1B4907264FBD} - System32\Tasks\{CFCEE7A4-0485-4F11-90ED-86D5DFDD98AE} => D:\AnvSoft\Any DVD Converter Professional\DVDConvPro.exe

Task: {BC932AA5-465F-4070-BFF5-3A9BFB19D892} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)

Task: {D64EBAB2-A63D-4567-8421-899C488D32F1} - System32\Tasks\Launch HTC Sync Loader => D:\HTC\HTC Sync 3.0\htcUPCTLoader.exe

Task: {EF3F1D5B-253A-4FD6-BBC5-60F16E28B617} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/03/2013 01:17:35 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/02/2013 10:26:41 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 27%

Total physical RAM: 3647.18 MB

Available physical RAM: 2645.89 MB

Total Pagefile: 7292.65 MB

Available Pagefile: 6025.1 MB

Total Virtual: 2799.88 MB

Available Virtual: 2657.12 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:95.7 GB) (Free:25.48 GB) NTFS

Drive d: (Progs) (Fixed) (Total:104.49 GB) (Free:31.08 GB) NTFS

Drive e: (Saves&Krempel) (Fixed) (Total:97.8 GB) (Free:16.35 GB) NTFS

Drive f: (Meine Dateien) (CDROM) (Total:0.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0C400C3F)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=96 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Was ist bitte passiert als der Rechner sich aufgehängt hat? ich konnte dann nur noch den Schalter drücken weil sonst nichts mehr reagiert hat .. Bildschirm war schwarz also kein selbständiger Neustart wie sonst..

Code:

Error: (10/02/2013 10:26:10 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 22:23:35 unerwartet heruntergefahren.
 

Error: (10/02/2013 10:19:15 PM) (Source: nvlddmkm) (User: )

Description: \Device\Video5!0702(24f8)

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {14BEAF31-2F07-455A-9506-7DD6375313FC} URL = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {256F019E-D724-4F34-AA92-D4685CED4F6C} URL = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {8A80A95D-C5D4-4E68-9A20-B024EFA83139} URL = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {C245B50F-78AB-47FC-BD47-1994ECF31884} URL = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {D56DB2F8-2990-41FA-ACAD-560A8278758A} URL = http://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {FD904BDB-A855-4050-A54B-804644E9DD6D} URL = http://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013

Ran by Kaleun Tobsen at 2013-10-03 14:17:21 Run:2

Running from C:\Users\Steuermann\Desktop

Boot Mode: Normal
 

==============================================
 

Content of fixlist:

*****************

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {14BEAF31-2F07-455A-9506-7DD6375313FC} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {256F019E-D724-4F34-AA92-D4685CED4F6C} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {8A80A95D-C5D4-4E68-9A20-B024EFA83139} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {C245B50F-78AB-47FC-BD47-1994ECF31884} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {D56DB2F8-2990-41FA-ACAD-560A8278758A} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

SearchScopes: HKCU - {FD904BDB-A855-4050-A54B-804644E9DD6D} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=364cad10-7b45-4778-9854-f1c4ac14d5f7&pid=freewarede&mode=bounce&k=0

         

*****************
 

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14BEAF31-2F07-455A-9506-7DD6375313FC} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{14BEAF31-2F07-455A-9506-7DD6375313FC} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{256F019E-D724-4F34-AA92-D4685CED4F6C} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{256F019E-D724-4F34-AA92-D4685CED4F6C} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A80A95D-C5D4-4E68-9A20-B024EFA83139} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{8A80A95D-C5D4-4E68-9A20-B024EFA83139} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C245B50F-78AB-47FC-BD47-1994ECF31884} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{C245B50F-78AB-47FC-BD47-1994ECF31884} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D56DB2F8-2990-41FA-ACAD-560A8278758A} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{D56DB2F8-2990-41FA-ACAD-560A8278758A} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FD904BDB-A855-4050-A54B-804644E9DD6D} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{FD904BDB-A855-4050-A54B-804644E9DD6D} => Key not found.
 

==== End of Fixlog ====

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Code:

Malwarebytes Anti-Malware (Test) 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.10.03.04
 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 10.0.9200.16686

Kaleun Tobsen :: KALEUNTOBSEN-PC [Administrator]
 

Schutz: Aktiviert
 

03.10.2013 14:43:18

mbam-log-2013-10-03 (14-43-18).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 309340

Laufzeit: 6 Minute(n), 3 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Code:

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=18ce3a4a6386dc4ab7eac6e39ff8a5a7

# engine=15344

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-10-03 04:31:29

# local_time=2013-10-03 06:31:29 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=1799 16775165 100 97 18821 16796116 11603 0

# compatibility_mode=5893 16776573 100 94 129898 132449080 0 0

# scanned=348651

# found=0

# cleaned=0

# scan_time=12541

Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

hmm, also das cursorgekasper ist vorbei .. aber ich hatte schon wieder n bluescreen bei dem nichtmal der netzteilschalter noch funktionierte -.-

bis diese probleme anfingen lief das system absolut stabil und abstürze kamen nie vor.
was kann das sein?

Hier nochmal n scan .. was sind die errors im additional??

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013

Ran by Kaleun Tobsen (administrator) on KALEUNTOBSEN-PC on 07-10-2013 20:49:57

Running from C:\Users\Steuermann\Desktop\Pflege\Analyse

Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

(TomTom) D:\TomTom HOME 2\TomTomHOMEService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [360448 2009-07-14] (Microsoft Corporation)

HKCU\...\Run: [] - [x]

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

MountPoints2: {5c6a935b-8322-11e0-9b51-806e6f6e6963} - F:\Msetup4.exe

HKU\Kjeld\...\Policies\system: [LogonHoursAction] 2

HKU\Kjeld\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla\Firefox\Profiles\let28wvc.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)

R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4176896 2011-12-05] (Native Instruments GmbH)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 TomTomHOMEService; D:\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)

S3 xsherlock; C:\Windows\system32\xsherlock.xem [666720 2012-11-09] (Wellbia.com Co., Ltd.)
 

==================== Drivers (Whitelisted) ====================
 

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-06-13] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [340480 2007-11-06] (BEHRINGER)

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-13] (DT Soft Ltd)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-06-13] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)

R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-23] (Avira GmbH)

R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [x]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]

S3 tsusbhub; system32\drivers\tsusbhub.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

S3 vtany; \??\C:\Windows\vtany.sys [x]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-10-07 20:44 - 2013-10-07 20:44 - 296550204 _____ C:\Windows\MEMORY.DMP

2013-10-07 20:44 - 2013-10-07 20:44 - 00160440 _____ C:\Windows\Minidump\100713-17250-01.dmp

2013-10-07 08:57 - 2013-10-07 17:22 - 99717279 _____ C:\Windows\system32\玡圬b

2013-10-05 15:31 - 2013-10-05 15:31 - 00131072 ____N C:\Windows\Minidump\100513-17203-01.dmp

2013-10-05 10:08 - 2013-10-05 10:08 - 99319274 _____ C:\Windows\system32\㵚Z

2013-10-03 21:40 - 2013-10-03 21:40 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Malwarebytes

2013-10-03 14:33 - 2013-10-03 14:33 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Malwarebytes

2013-10-03 14:32 - 2013-10-03 14:32 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-03 14:32 - 2013-10-03 14:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-10-03 14:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-10-03 13:28 - 2013-10-03 13:28 - 00042034 _____ C:\Users\Steuermann\Desktop\FRST.txt

2013-10-02 22:10 - 2013-10-03 13:28 - 00011905 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:36 - 2013-10-02 21:36 - 00000883 _____ C:\Users\Kaleun Tobsen\Desktop\JRT.txt

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:21 - 2013-10-02 21:23 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 05:47 - 2013-10-02 06:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:48 - 2013-10-01 19:48 - 00131072 ____N C:\Windows\Minidump\100113-17453-01.dmp

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 23:58 - 2013-09-30 23:58 - 00131072 ____N C:\Windows\Minidump\093013-15609-01.dmp

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Startmenü

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Netzwerkumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Druckumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Musik

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Bilder

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Verlauf

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2013-09-12 08:28 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-29 23:56 - 2013-09-12 08:28 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-29 23:56 - 2013-09-12 08:28 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-29 23:56 - 2013-09-11 22:27 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ___RD C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ___RD C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Mozilla

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Macromedia

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Avira

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Adobe

2013-09-29 23:56 - 2011-05-21 12:31 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Mozilla

2013-09-29 23:56 - 2011-05-21 12:06 - 00000490 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\System (C) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 11:38 - 00000599 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\CCleaner.lnk

2013-09-29 23:56 - 2011-05-21 00:51 - 00000471 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Progs (D) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:42 - 00000495 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Saves&Krempel (E) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:15 - 00000532 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\PHILIPS External Hard Disk (G) - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:15 - 00000426 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\CD-Laufwerk - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-21 00:08 - 00000355 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\Desktop\Computer - Verknüpfung.lnk

2013-09-29 23:56 - 2011-05-20 23:58 - 00057560 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-29 23:56 - 2011-05-20 22:57 - 00001409 _____ C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-09-29 23:56 - 2011-05-20 22:56 - 00000020 ___SH C:\Users\UpdatusUser.KaleunTobsen-PC\ntuser.ini

2013-09-29 23:56 - 2011-05-20 22:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\VirtualStore

2013-09-29 23:55 - 2013-09-29 23:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:51 - 2013-09-12 10:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-29 23:51 - 2013-09-12 10:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-29 23:51 - 2013-09-12 10:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-29 23:51 - 2013-08-20 15:33 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys

2013-09-29 23:51 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll

2013-09-29 23:51 - 2013-06-16 14:38 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys

2013-09-29 23:51 - 2013-06-16 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll

2013-09-29 23:51 - 2013-01-29 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll

2013-09-29 23:32 - 2013-09-12 10:51 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:46 - 2013-09-28 10:46 - 00131072 ____N C:\Windows\Minidump\092813-16328-01.dmp

2013-09-28 10:16 - 2013-10-03 20:02 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 19:13 - 2013-09-27 19:13 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Secunia PSI

2013-09-27 17:08 - 2013-09-27 17:08 - 00160128 _____ C:\Windows\Minidump\092713-16234-01.dmp

2013-09-27 13:49 - 2013-09-27 13:49 - 00131072 ____N C:\Windows\Minidump\092713-14921-01.dmp

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-27 08:00 - 2013-09-27 08:00 - 00160296 _____ C:\Windows\Minidump\092713-20203-01.dmp

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-25 17:14 - 2013-10-07 20:44 - 00000000 ____D C:\Windows\Minidump

2013-09-25 17:13 - 2013-09-25 17:13 - 00131072 ____N C:\Windows\Minidump\092513-17171-01.dmp

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 17:03 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-11 17:03 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-11 17:03 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-11 17:03 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-11 17:03 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-11 17:03 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-11 16:55 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-09-11 16:55 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-09-11 16:55 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-09-11 16:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-09-11 16:54 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-09-11 16:54 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-09-11 16:54 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 16:54 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Users\Kjeld\AppData\Local\Unity
 

==================== One Month Modified Files and Folders =======
 

2013-10-07 20:47 - 2011-05-20 22:50 - 01554234 _____ C:\Windows\WindowsUpdate.log

2013-10-07 20:45 - 2012-08-04 15:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-07 20:44 - 2013-10-07 20:44 - 296550204 _____ C:\Windows\MEMORY.DMP

2013-10-07 20:44 - 2013-10-07 20:44 - 00160440 _____ C:\Windows\Minidump\100713-17250-01.dmp

2013-10-07 20:44 - 2013-09-25 17:14 - 00000000 ____D C:\Windows\Minidump

2013-10-07 20:44 - 2012-09-15 17:31 - 00000000 ____D C:\ProgramData\NVIDIA

2013-10-07 20:44 - 2011-06-13 09:50 - 02473587 _____ C:\Windows\setupact.log

2013-10-07 20:44 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-07 20:44 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-07 19:58 - 2012-12-16 13:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-07 19:58 - 2012-08-04 15:20 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-07 17:22 - 2013-10-07 08:57 - 99717279 _____ C:\Windows\system32\玡圬b

2013-10-07 09:03 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-07 09:03 - 2009-07-14 06:34 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-05 15:31 - 2013-10-05 15:31 - 00131072 ____N C:\Windows\Minidump\100513-17203-01.dmp

2013-10-05 10:08 - 2013-10-05 10:08 - 99319274 _____ C:\Windows\system32\㵚Z

2013-10-03 21:40 - 2013-10-03 21:40 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Malwarebytes

2013-10-03 20:11 - 2011-06-21 09:27 - 00151764 _____ C:\Windows\PFRO.log

2013-10-03 20:02 - 2013-09-28 10:16 - 00000000 ____D C:\Users\Steuermann\Desktop\Pflege

2013-10-03 14:54 - 2011-05-20 22:56 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-03 14:33 - 2013-10-03 14:33 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Malwarebytes

2013-10-03 14:32 - 2013-10-03 14:32 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-03 14:32 - 2013-10-03 14:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-10-03 13:28 - 2013-10-03 13:28 - 00042034 _____ C:\Users\Steuermann\Desktop\FRST.txt

2013-10-03 13:28 - 2013-10-02 22:10 - 00011905 _____ C:\Users\Steuermann\Desktop\Addition.txt

2013-10-02 21:40 - 2013-10-02 21:40 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Roaming\Mozilla

2013-10-02 21:36 - 2013-10-02 21:36 - 00000883 _____ C:\Users\Kaleun Tobsen\Desktop\JRT.txt

2013-10-02 21:33 - 2013-10-02 21:33 - 00000000 ____D C:\Windows\ERUNT

2013-10-02 21:23 - 2013-10-02 21:21 - 00000000 ____D C:\AdwCleaner

2013-10-02 21:20 - 2013-10-02 21:20 - 01045226 _____ C:\Users\Steuermann\Desktop\adwcleaner.exe

2013-10-02 17:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-10-02 06:29 - 2011-06-25 05:13 - 00000000 ____D C:\Program Files\Common Files\Steam

2013-10-02 06:11 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-02 05:47 - 2013-10-02 05:47 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-01 20:12 - 2013-10-01 20:12 - 00000000 ____D C:\FRST

2013-10-01 19:48 - 2013-10-01 19:48 - 00131072 ____N C:\Windows\Minidump\100113-17453-01.dmp

2013-10-01 19:46 - 2013-10-01 19:46 - 98609570 _____ C:\Windows\system32\鱦Ԭi

2013-10-01 00:34 - 2013-10-01 00:34 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-10-01 00:34 - 2013-10-01 00:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-09-30 23:58 - 2013-09-30 23:58 - 00131072 ____N C:\Windows\Minidump\093013-15609-01.dmp

2013-09-30 00:03 - 2013-09-30 00:03 - 00000000 ____D C:\Users\Steuermann\AppData\Local\NVIDIA

2013-09-29 23:58 - 2013-09-29 23:58 - 00001311 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-09-29 23:58 - 2013-09-29 23:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-09-29 23:58 - 2011-05-20 23:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-09-29 23:57 - 2013-09-29 23:57 - 00000000 ____D C:\Program Files\AGEIA Technologies

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Startmenü

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Netzwerkumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Druckumgebung

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Musik

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\Documents\Eigene Bilder

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 _SHDL C:\Users\UpdatusUser.KaleunTobsen-PC\AppData\Local\Verlauf

2013-09-29 23:56 - 2013-09-29 23:56 - 00000000 ____D C:\Users\UpdatusUser.KaleunTobsen-PC

2013-09-29 23:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help

2013-09-29 23:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports

2013-09-29 23:06 - 2013-09-29 23:06 - 00000000 ____D C:\Program Files\Secunia

2013-09-29 22:46 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Mozilla

2013-09-29 22:43 - 2011-05-21 01:00 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Mozilla

2013-09-29 22:38 - 2011-05-20 22:56 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\VirtualStore

2013-09-29 20:43 - 2012-07-11 21:56 - 00000958 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-09-29 20:35 - 2013-09-29 20:35 - 00000000 ____D C:\Windows\system32\Adobe

2013-09-29 19:46 - 2011-05-23 04:03 - 00000000 ____D C:\Program Files\Common Files\Nero

2013-09-29 19:45 - 2011-05-23 04:07 - 00000000 ____D C:\Program Files\Nero

2013-09-29 19:45 - 2011-05-23 04:04 - 00000000 ____D C:\ProgramData\Nero

2013-09-28 17:03 - 2013-09-28 17:03 - 98430869 _____ C:\Windows\system32\윁l

2013-09-28 11:46 - 2011-05-21 15:37 - 00000000 ____D C:\Users\Kjeld

2013-09-28 11:00 - 2013-09-28 11:00 - 00000000 ____D C:\ProgramData\Oracle

2013-09-28 10:59 - 2013-09-28 10:59 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2013-09-28 10:59 - 2013-09-28 10:59 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\ProgramData\Sun

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Java

2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Program Files\Common Files\Java

2013-09-28 10:46 - 2013-09-28 10:46 - 00131072 ____N C:\Windows\Minidump\092813-16328-01.dmp

2013-09-28 09:32 - 2013-09-28 09:32 - 98372650 _____ C:\Windows\system32\悿딹f

2013-09-27 19:13 - 2013-09-27 19:13 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Secunia PSI

2013-09-27 17:59 - 2011-05-29 18:55 - 00000680 __RSH C:\Users\Kaleun Tobsen\ntuser.pol

2013-09-27 17:25 - 2013-08-25 14:27 - 00000000 ____D C:\ProgramData\Samsung

2013-09-27 17:25 - 2011-05-20 23:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-09-27 17:16 - 2013-08-30 19:58 - 00000000 ____D C:\Program Files\Free FLV Converter

2013-09-27 17:15 - 2013-08-07 00:51 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Amazon

2013-09-27 17:15 - 2013-08-07 00:50 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-09-27 17:08 - 2013-09-27 17:08 - 00160128 _____ C:\Windows\Minidump\092713-16234-01.dmp

2013-09-27 13:49 - 2013-09-27 13:49 - 00131072 ____N C:\Windows\Minidump\092713-14921-01.dmp

2013-09-27 08:03 - 2013-09-27 08:03 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-09-27 08:00 - 2013-09-27 08:00 - 00160296 _____ C:\Windows\Minidump\092713-20203-01.dmp

2013-09-26 23:13 - 2013-07-28 20:09 - 00000000 ____D C:\Users\Kaleun Tobsen\AppData\Local\Downloaded Installations

2013-09-26 23:12 - 2013-09-26 23:12 - 00000000 ____D C:\Program Files\MarkAny

2013-09-26 22:47 - 2013-01-20 21:09 - 00000000 ____D C:\Program Files\TomTom HOME 2

2013-09-26 22:45 - 2013-01-20 21:07 - 00000000 ____D C:\Users\Steuermann\AppData\Local\Downloaded Installations

2013-09-25 17:13 - 2013-09-25 17:13 - 00131072 ____N C:\Windows\Minidump\092513-17171-01.dmp

2013-09-25 17:01 - 2013-09-25 17:01 - 97729025 _____ C:\Windows\system32\쮆`

2013-09-25 11:01 - 2013-09-25 11:01 - 97673008 _____ C:\Windows\system32\쀼n

2013-09-17 07:36 - 2012-09-01 16:23 - 00000000 ____D C:\ProgramData\CanonIJPLM

2013-09-16 10:43 - 2011-05-21 21:23 - 00000000 ____D C:\Users\Steuermann\AppData\Roaming\vlc

2013-09-12 10:51 - 2013-09-29 23:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 12947360 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-09-12 10:51 - 2013-09-29 23:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll

2013-09-12 10:51 - 2013-09-29 23:51 - 00017699 _____ C:\Windows\system32\nvinfo.pb

2013-09-12 10:51 - 2013-09-29 23:32 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-09-12 08:28 - 2013-09-29 23:56 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-09-12 08:28 - 2013-09-29 23:56 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe

2013-09-11 22:27 - 2013-09-29 23:56 - 03361114 _____ C:\Windows\system32\nvcoproc.bin

2013-09-11 17:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

2013-09-11 17:08 - 2009-07-14 06:33 - 00283096 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-11 17:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE

2013-09-11 17:02 - 2013-07-17 10:28 - 00000000 ____D C:\Windows\system32\MRT

2013-09-11 16:56 - 2011-05-21 13:23 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-11 13:58 - 2012-12-16 13:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2013-09-11 13:58 - 2012-12-16 13:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2013-09-08 17:50 - 2011-05-29 19:33 - 00000680 __RSH C:\Users\Steuermann\ntuser.pol

2013-09-08 17:50 - 2011-05-21 12:35 - 00000000 ____D C:\Users\Steuermann

2013-09-08 10:54 - 2013-09-08 10:54 - 00000000 ____D C:\Users\Kjeld\AppData\Roaming\Unity

2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Users\Kjeld\AppData\Local\Unity

2013-09-08 10:34 - 2011-05-29 19:27 - 00043800 __RSH C:\Users\Kjeld\ntuser.pol
 

Some content of TEMP:

====================

C:\Users\Kaleun Tobsen\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Kaleun Tobsen\AppData\Local\Temp\nvStInst.exe

C:\Users\Kaleun Tobsen\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-10-02 20:58
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013

Ran by Kaleun Tobsen at 2013-10-07 20:51:06

Running from C:\Users\Steuermann\Desktop\Pflege\Analyse

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

7-Zip 4.65

Adobe Flash Player 11 Plugin (Version: 11.8.800.168)

Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

Air Conflicts - Secret Wars

Anno 1404 (Version: 1.00.0000)

ANNO 1404 (Version: 1.03.0000)

Avira Free Antivirus (Version: 13.0.0.4052)

BEHRINGER USB AUDIO DRIVER

C9

Call of Duty: Modern Warfare 3 - Multiplayer

Canon Easy-PhotoPrint EX

Canon MP Navigator EX 4.0

Canon MP280 series Benutzerregistrierung

Canon MP280 series MP Drivers

Canon My Printer

Canon Solution Menu EX

Chivalry: Medieval Warfare

Chivalry: Medieval Warfare Dedicated Server

Crysis 2 Maximum Edition

DAEMON Tools Lite (Version: 4.45.1.0236)

doPDF 7.3 printer

DVD Shrink 3.2

Fraps

From Dust

GeForce Experience NvStream Client Components (Version: 0.1.87)

Google Earth Plug-in (Version: 7.1.1.1888)

High-Definition Video Playback 10 (Version: 7.0.11400.29.0)

HijackThis 1.99.1 (Version: 1.99.1)

HTC BMP USB Driver (Version: 1.0.5375)

HTC Driver Installer (Version: 4.1.0.001)

IPTInstaller (Version: 4.0.8)

Java 7 Update 40 (Version: 7.0.400)

Java Auto Updater (Version: 2.1.9.8)

Left 4 Dead 2

LEGO Insel 2

Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Office Excel Viewer (Version: 12.0.6425.1000)

Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Word 2000 SR-1 (Version: 9.00.3821)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)

Mozilla Firefox 24.0 (x86 de) (Version: 24.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVC90_x86 (Version: 1.0.1.2)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

MyFreeCodec

Native Instruments AC Box Combo

Native Instruments Controller Editor

Native Instruments Controller Editor (Version: 1.4.3.891)

Native Instruments Guitar Rig 5

Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)

Native Instruments Guitar Rig Mobile I/O

Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Session I/O

Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)

Native Instruments Plexi Combo

Native Instruments Rig Kontrol 3

Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)

Native Instruments Service Center

Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)

Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)

Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)

Nero Burning ROM 10 (Version: 10.0.11100.10.100)

Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)

Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)

Nero Control Center 10 (Version: 10.0.12000.1.4)

Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)

Nero Core Components 10 (Version: 2.0.13700.0.1)

Nero CoverDesigner 10 (Version: 5.0.10900.11.100)

Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)

Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)

Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)

Nero Dolby Files 10 (Version: 2.0.11000.0.10)

Nero Express 10 (Version: 10.0.11000.10.100)

Nero Express 10 Help (CHM) (Version: 1.0.10700)

Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)

Nero MediaHub 10 (Version: 1.0.13400.11.100)

Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)

Nero Multimedia Suite 10 (Version: 10.0.13100)

Nero Recode 10 (Version: 4.6.10900.4.100)

Nero Recode 10 Help (CHM) (Version: 1.0.10600)

Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)

Nero SoundTrax 10 (Version: 4.6.10600.2.100)

Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)

Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)

Nero Update (Version: 1.0.0017)

Nero Vision 10 (Version: 7.0.11100.8.100)

Nero Vision 10 Help (CHM) (Version: 1.0.10600)

Nero WaveEditor 10 (Version: 5.6.10600.2.100)

Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)

Nokia Connectivity Cable Driver (Version: 7.1.172.0)

Nokia Suite (Version: 3.8.30.0)

NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)

NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)

NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)

NVIDIA Grafiktreiber 327.23 (Version: 327.23)

NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.133.902)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2723)

NVIDIA Systemsteuerung 327.23 (Version: 327.23)

NVIDIA Update 8.3.14 (Version: 8.3.14)

NVIDIA Update Components (Version: 8.3.14)

NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)

Pando Media Booster (Version: 2.6.0.1)

PC Connectivity Solution (Version: 12.0.109.0)

Platform (Version: 1.34)

Plex Media Server (Version: 0.9.709)

ProtectDisc Driver, Version 11 (Version: 11.0.0.14)

Ravensburger tiptoi

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)

SereneScreen Marine Aquarium 3 (Version: 3.0)

SHIELD Streaming (Version: 1.05.28)

Silent Hunter 5 (Version: 1.2.0)

SpeedFan (remove only)

Star Trek Online

Steam (Version: 1.0.0.0)

swMSM (Version: 12.0.0.1)

The Witcher Enhanced Edition (Version: 1.4.5.1280)

TomTom HOME (Version: 2.9.6)

TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)

Ubisoft Game Launcher (Version: 1.0.0.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

VIA Plattform-Geräte-Manager (Version: 1.34)

VLC media player 2.0.8 (Version: 2.0.8)

Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================
 

29-09-2013 21:52:19 Windows Update

29-09-2013 22:06:20 Windows Update

02-10-2013 04:24:50 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {370AA733-D1BB-4C8C-AB30-3B3F94074278} - System32\Tasks\{D67E6597-BC7C-4668-9462-16503426D3FF} => C:\Program Files\Skype\\Phone\Skype.exe

Task: {51DADA01-E481-4D72-9E08-8968AEF72C80} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)

Task: {B3980805-BD27-4E8B-BD90-1B4907264FBD} - System32\Tasks\{CFCEE7A4-0485-4F11-90ED-86D5DFDD98AE} => D:\AnvSoft\Any DVD Converter Professional\DVDConvPro.exe

Task: {BC932AA5-465F-4070-BFF5-3A9BFB19D892} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)

Task: {D64EBAB2-A63D-4567-8421-899C488D32F1} - System32\Tasks\Launch HTC Sync Loader => D:\HTC\HTC Sync 3.0\htcUPCTLoader.exe

Task: {EF3F1D5B-253A-4FD6-BBC5-60F16E28B617} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x800700b7
 

Error: (10/07/2013 08:46:07 PM) (Source: WMPNetworkSvc) (User: )

Description: 00x800700b7hxxp://+:10243/WMPNSSv4/702009801/
 

Error: (10/07/2013 08:44:21 PM) (Source: BugCheck) (User: )

Description: 0x00000124 (0x00000000, 0xb12bf01c, 0xb2000040, 0x00000800)C:\Windows\MEMORY.DMP100713-17250-01
 

Error: (10/07/2013 08:44:14 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎07.‎10.‎2013 um 20:37:38 unerwartet heruntergefahren.
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 29%

Total physical RAM: 3647.18 MB

Available physical RAM: 2560.89 MB

Total Pagefile: 7292.65 MB

Available Pagefile: 5878.02 MB

Total Virtual: 2799.88 MB

Available Virtual: 2665.12 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:95.7 GB) (Free:23.6 GB) NTFS

Drive d: (Progs) (Fixed) (Total:104.49 GB) (Free:31.08 GB) NTFS

Drive e: (Saves&Krempel) (Fixed) (Total:97.8 GB) (Free:16.35 GB) NTFS

Drive f: (Meine Dateien) (CDROM) (Total:0.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0C400C3F)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=96 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================