
Pests of all kinds and how to combat them: Firefox opens spontaneously during a game


12.07.2013, 15:55   #1
annoukh
 



While I was playing a game in full-screen mode on a limited user account, the display suddenly switched to Windows Explorer, more precisely to a newly opened Firefox window. While I was looking at it, further new Firefox windows opened in the background, all of them showing the Firefox start page.

Since this seemed suspicious to me, I opened Task Manager and saw, at the very top of the process list, the entry atieclxx.exe, which I had never noticed before. It was running with about 2000 K of memory and low CPU usage.

After I closed the Firefox windows, this process disappeared again.

After that, the problem occurred about 3 to 4 more times while I was playing; the second time I could again see this process in Task Manager.

I then did the following:
- I googled the process and found out on the page
"atieclxx.exe Windows Prozess - Was ist das?" (atieclxx.exe Windows process - What is it?)
that it is supposed to be a driver for my hardware. Yes, I own ATI hardware.
- I created a log file with HijackThis, which according to the online log file analysis was unremarkable apart from an out-of-date Internet Explorer.
- I scanned my PC with AVG, later with Avast Antivirus; neither found anything.

Here are the logs I created:

OTL.txt:

Code:
OTL logfile created on: 12.07.2013 15:59:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,43 Gb Available Physical Memory | 80,51% Memory free
15,96 Gb Paging File | 14,41 Gb Available in Paging File | 90,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 803,94 Gb Free Space | 86,31% Space Free | Partition Type: NTFS
Drive D: | 6,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.12 15:52:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2013.07.12 15:51:20 | 000,050,477 | ---- | M] () -- C:\Users\user\Downloads\Defogger.exe
PRC - [2013.06.19 22:35:59 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 03:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.20 09:17:44 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
PRC - [2011.04.11 10:38:28 | 001,232,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
PRC - [2009.12.01 11:43:12 | 002,519,040 | ---- | M] (Intel) -- C:\Program Files (x86)\Intel\AMT\UNS.exe
PRC - [2009.12.01 11:42:22 | 000,102,400 | ---- | M] (Intel) -- C:\Program Files (x86)\Intel\AMT\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.12 15:51:20 | 000,050,477 | ---- | M] () -- C:\Users\user\Downloads\Defogger.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 12:55:58 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlms\wlms.exe -- (WLMS)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.26 17:44:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.19 22:35:59 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 03:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.21 01:53:42 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2010.01.21 01:53:42 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.12.01 11:43:12 | 002,519,040 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\UNS.exe -- (UNS)
SRV - [2009.12.01 11:42:22 | 000,102,400 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.07.11 16:00:55 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.07.11 16:00:55 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.07.11 16:00:55 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.01.26 06:03:33 | 000,677,480 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.08.27 19:51:00 | 000,230,280 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV:64bit: - [2012.08.27 19:50:58 | 000,114,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3hub.sys -- (rusb3hub)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011.05.09 17:54:02 | 001,038,440 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 17:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.02.10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.27 04:23:38 | 000,385,512 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.01.27 04:23:36 | 000,125,416 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.07.13 17:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010.06.21 11:56:20 | 000,027,240 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtlss.sys -- (rtlss)
DRV:64bit: - [2010.05.15 13:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.03.04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:48 | 000,378,368 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.6
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.ftp: "194.102.180.222"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "194.102.180.222"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "194.102.180.222"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "194.102.180.222"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.07.11 16:00:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.05.30 14:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2013.07.11 15:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\1dcz4hba.default\extensions
[2013.06.30 20:47:07 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\1dcz4hba.default\extensions\firefox@ghostery.com
[2013.07.11 15:53:09 | 000,354,970 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\1dcz4hba.default\extensions\client@anonymox.net.xpi
[2013.06.04 15:23:07 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\1dcz4hba.default\extensions\stealthyextension@gmail.com.xpi
[2013.05.30 15:16:44 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\1dcz4hba.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2013.07.04 17:48:14 | 000,534,371 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\1dcz4hba.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.06.26 17:44:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.26 17:44:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17D4CD9E-AF68-419C-9353-B112ECE779EC}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.30 18:40:28 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ]
O32 - AutoRun File - [2008.12.04 08:20:59 | 007,809,024 | R--- | M] () - D:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2008.11.20 16:01:11 | 001,090,920 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008.12.04 08:21:00 | 000,000,143 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{26b2bb00-cd1e-11e2-be50-08606e71a3de}\Shell - "" = AutoRun
O33 - MountPoints2\{26b2bb00-cd1e-11e2-be50-08606e71a3de}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.12 15:52:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013.07.11 16:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.07.11 16:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.07.11 16:00:49 | 000,378,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.07.11 16:00:49 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.07.11 16:00:46 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.07.11 16:00:45 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.07.11 16:00:44 | 001,030,952 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.07.11 16:00:34 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.07.11 16:00:34 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.07.11 16:00:01 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.07.11 15:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.07.11 15:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.07.11 15:47:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.07 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.07.07 17:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.07.07 16:49:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Diagnostics
[2013.07.06 18:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2013.07.04 18:23:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foldit
[2013.07.04 18:23:49 | 000,000,000 | ---D | C] -- C:\Foldit
[2013.06.30 20:31:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.06.30 20:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2013.06.30 20:23:44 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\EA Games
[2013.06.30 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\EA Games
[2013.06.30 20:21:06 | 000,000,000 | RH-D | C] -- C:\Users\user\AppData\Roaming\SecuROM
[2013.06.30 19:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.06.26 20:55:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
[2013.06.26 20:55:07 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.06.26 19:56:16 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013.06.26 19:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013.06.26 19:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013.06.26 19:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.06.26 19:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013.06.26 19:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.06.26 19:24:31 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.06.26 19:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.06.26 19:22:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.06.26 19:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.06.26 19:21:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Help
[2013.06.26 19:21:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.06.26 19:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.06.26 19:21:09 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.06.26 19:16:32 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\HP
[2013.06.26 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.19 22:35:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\PunkBuster
[2013.06.12 19:28:52 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Assassin's Creed Revelations
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.12 15:52:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013.07.12 15:51:53 | 000,000,000 | ---- | M] () -- C:\Users\user\defogger_reenable
[2013.07.12 14:49:56 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.12 14:49:56 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.12 14:43:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.12 14:43:38 | 2133,417,983 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.11 16:00:55 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.07.11 16:00:55 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.07.11 16:00:55 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.07.11 16:00:55 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.07.11 16:00:55 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.07.11 16:00:55 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.07.11 16:00:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.07.10 17:33:56 | 000,435,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.10 08:33:59 | 001,518,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.10 08:33:59 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.10 08:33:59 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.10 08:33:59 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.10 08:33:59 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.07 18:51:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2013.07.07 16:48:47 | 000,001,157 | ---- | M] () -- C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
[2013.07.04 23:27:17 | 000,001,739 | ---- | M] () -- C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
[2013.07.04 21:37:11 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.07.04 21:37:11 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.04 18:23:56 | 000,001,416 | ---- | M] () -- C:\Users\Public\Desktop\Foldit.lnk
[2013.07.04 17:50:36 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.06.30 20:25:20 | 000,001,843 | ---- | M] () -- C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
[2013.06.30 20:06:43 | 001,547,900 | ---- | M] () -- C:\Users\user\Desktop\wallpaper-1666212.png
[2013.06.30 20:03:30 | 000,487,554 | ---- | M] () -- C:\Users\user\Desktop\wallpaper643060.jpg
[2013.06.19 22:35:59 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.12 15:51:53 | 000,000,000 | ---- | C] () -- C:\Users\user\defogger_reenable
[2013.07.11 16:00:55 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.07.11 16:00:55 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.07.11 16:00:55 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.07.11 16:00:44 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.07.11 16:00:41 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.07.11 16:00:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.07.07 18:51:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2013.07.07 16:48:47 | 000,001,157 | ---- | C] () -- C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
[2013.07.04 23:27:17 | 000,001,739 | ---- | C] () -- C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
[2013.07.04 18:23:56 | 000,001,416 | ---- | C] () -- C:\Users\Public\Desktop\Foldit.lnk
[2013.06.30 20:25:20 | 000,001,843 | ---- | C] () -- C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
[2013.06.30 20:06:41 | 001,547,900 | ---- | C] () -- C:\Users\user\Desktop\wallpaper-1666212.png
[2013.06.30 20:03:26 | 000,487,554 | ---- | C] () -- C:\Users\user\Desktop\wallpaper643060.jpg
[2013.06.19 22:35:25 | 000,280,976 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.06.09 01:11:09 | 000,280,976 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.06.09 01:11:05 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.05.30 14:30:59 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.12.13 09:39:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012.05.15 03:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.30 14:41:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2013
[2013.06.04 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canneverbe Limited
[2013.06.04 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice.org
[2013.06.09 01:11:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PunkBuster
[2013.05.30 14:40:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2013.06.24 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ubisoft
 
========== Purity Check ==========
 
 

< End of report >
         
Extras.txt from OTL:

Code:
OTL Extras logfile created on: 12.07.2013 15:59:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,43 Gb Available Physical Memory | 80,51% Memory free
15,96 Gb Paging File | 14,41 Gb Available in Paging File | 90,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 803,94 Gb Free Space | 86,31% Space Free | Partition Type: NTFS
Drive D: | 6,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5D343E30-44D3-4CCA-A49F-86B6DD9C08A4}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | 
"{69530CCB-C6C6-4AA1-9F4D-D5FE09BE9EF5}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | 
"{C37B0F70-E27C-48A9-8676-ACFF7F46B5F9}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0006887F-DAD9-4697-9BE3-7808C6D60FB7}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{0A991C8F-0616-4778-95C6-B7F82EEFB453}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{0B155776-38C4-46AC-A044-43EF3F10EA2D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 
"{231E5BC8-36F7-4FCC-9F49-E8601E32E81C}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{2329FFA4-8047-473C-AC3A-9A47D0B334C2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{271F94F3-9FCA-4FAB-B5A8-DB7C78F8468D}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{39172126-98B9-40A9-8439-96C24C36814D}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{3D15209C-CA7A-419F-B95D-38488086C739}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{3F0E699A-5388-454F-8A35-A01F6FAC0AFA}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{43D543EC-56E8-4553-9B75-4F93B8F19909}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{467A5D37-3334-47B9-9CA6-677293B039DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{47369869-B813-4F2B-A489-8B2FEBED4282}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{57326250-039B-4391-939A-569951D1105E}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{603654E0-0ED8-46C5-B985-5A9488AAE081}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{68010BDD-9532-480A-A7CC-77A13B0B9440}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 
"{6BB3767A-1C97-44EC-A1F8-61E521033EDB}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\mirror's edge\binaries\mirrorsedge.exe | 
"{73479A91-F794-4F05-846D-A89F979B169C}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{7942F25C-F2A1-458A-B419-2290492CB170}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{7AEB7E34-DFE0-4D0E-909F-161079F2730E}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\mirror's edge\binaries\mirrorsedge.exe | 
"{7D53C179-0EDC-4689-AB03-08528CAFC30B}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{8001AF34-60D3-4CD5-ABA9-6120E295F2E5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 
"{90382A40-85D0-4594-A63F-924D386751DE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 
"{9097BB61-AFF5-4B98-AA45-7EB1F8DCBDDB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{9F1BFCDB-D9EF-4984-A7F8-09912C3179B4}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{A2C900EC-0FE0-4FB5-A45F-9EBC3A35E6E3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{A5A27BC8-A88A-497E-A2EC-BDA9B6A9D363}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{AD72F84C-1E6D-4427-A1A7-780DCA643FC0}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{AEDFCEB0-A4C5-4226-968D-C4E75AD54181}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{B4C8AE9E-8E96-4E95-BF15-E0A86E480CEB}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{B9F07C0B-3B8D-4892-91B1-02C3C6EA1C6E}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{BDC8722B-BFD1-48D0-ACA0-EC144448C660}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{C35340D8-B80F-4405-A56D-3A5532D216D6}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{C3651A80-68A8-4A63-B87F-F52179357468}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{C5495015-9502-435F-9BF1-3935692181A5}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{C6109CCA-88E7-4897-ACD2-AD1FA38AC956}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{C72926E6-A4F3-4138-BC6C-E5C8D041EDB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C7529AD7-B7E7-4F49-89C4-DC72CA85B2EF}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{C7D38AB0-7D7D-49D2-BD84-E6E6A9F3BAEE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 
"{C977DA46-BB1B-476C-B9EF-0C45F0154FAB}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{D7DF9620-009E-4C54-AC4E-7D1326CDAC78}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{DD82EE93-C4F0-483A-B16F-37F6F34B7BC7}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{E1CB5D62-AE36-47A9-85E9-FEB92EFEC843}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E417D9B7-1B38-4056-8A14-801818C77369}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{EB94D115-E006-4481-8F16-694CCF285886}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{F1319225-A88E-47DC-AF1D-EB8F791B3D7C}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe | 
"{F281F97A-FC2E-4B49-BA51-9AFEAAE67BC2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 
"{F5A405F0-A067-47F0-BE78-FC787B7FF430}" = protocol=17 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{F7CD616E-88CE-4CE7-B215-F6FF0C9B9C03}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{F8373AB0-103E-47E8-B779-9280CBEECC19}" = protocol=6 | dir=in | app=c:\program files (x86)\games\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{F83FC624-C91D-4BA4-8B5D-82AD6C8CE5EF}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe | 
"{FA671EC2-DC0E-4F70-AEEC-EC012D910F7B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{40B91513-A7B9-94AB-5353-926FB1C07334}" = WMV9/VC-1 Video Playback
"{47B188E2-2447-5C40-15B6-9D49DC90BF5B}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8A61B820-598D-05B2-5F8D-7388E15AE2DB}" = AMD Drag and Drop Transcoding
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{AE7891D8-2340-4CD6-BA0A-6C8C01F7B4B4}" = AVG 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"GIMP-2_is1" = GIMP 2.8.4
"HECI" = Intel(R) Management Engine Interface
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITE Infrared Transceiver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2010
"{90140000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = REALTEK Wireless LAN Driver and Utility
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F38556C1-486C-C07B-4655-2F1BCF18C68A}" = Catalyst Control Center InstallProxy
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Foldit" = Foldit
"InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.OMUI.de-de" = Microsoft Office Language Pack 2010 - German/Deutsch
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"VLC media player" = VLC media player 2.0.7
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.06.2013 00:45:46 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 21.06.2013 09:22:43 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 22.06.2013 11:22:33 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 23.06.2013 02:35:04 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 23.06.2013 09:24:00 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 24.06.2013 13:09:55 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 25.06.2013 12:14:49 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 25.06.2013 15:47:55 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 25.06.2013 15:56:51 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
Error - 26.06.2013 10:50:01 | Computer Name = user-PC | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
 
[ System Events ]
Error - 25.06.2013 15:56:51 | Computer Name = user-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 25.06.2013 15:57:01 | Computer Name = user-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 25.06.2013 16:35:50 | Computer Name = user-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 26.06.2013 10:50:00 | Computer Name = user-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\Rtlihvs.dll  Fehlercode: 126  
 
Error - 26.06.2013 10:50:01 | Computer Name = user-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 26.06.2013 10:50:13 | Computer Name = user-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 26.06.2013 13:06:51 | Computer Name = user-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst LanmanServer erreicht.
 
Error - 26.06.2013 13:07:21 | Computer Name = user-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst avgwd erreicht.
 
Error - 26.06.2013 13:07:51 | Computer Name = user-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst WSearch erreicht.
 
Error - 26.06.2013 13:08:21 | Computer Name = user-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
 
< End of report >
         

Unfortunately I can't post the GMER log file, because it would exceed the maximum character count for a post.


I admit this could all be paranoia, but since I do online banking on my PC I'm a bit nervous.


PS: I won't have access to this PC over the weekend, so unfortunately I can't run any scans on it for the next 2 days.

12.07.2013, 16:29   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be located on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box).


14.07.2013, 18:13   #3
annoukh
 



Here is the FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by user (administrator) on 14-07-2013 19:09:20
Running from C:\Users\user\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\user\Desktop\Defogger.exe

==================== Registry (Whitelisted) ==================

MountPoints2: {26b2bb00-cd1e-11e2-be50-08606e71a3de} - "F:\WD SmartWare.exe" autoplay=true
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default
FF NetworkProxy: "ftp", "194.102.180.222"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "194.102.180.222"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "194.102.180.222"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "194.102.180.222"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\firefox@ghostery.com
FF Extension: client - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\client@anonymox.net.xpi
FF Extension: stealthyextension - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-06-19] ()
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel)
S2 WLMS; C:\Windows\system32\wlms\wlms.exe [19456 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] ()
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1038440 2011-05-09] (Realtek Semiconductor Corporation                           )
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 FXDrv32; \??\D:\FXDrv64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:06 - 2013-07-14 19:06 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-14 19:02 - 2013-07-14 19:04 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\user\Desktop\install_flash_player.exe
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:51 - 2013-07-12 15:52 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-12 15:07 - 2013-07-12 15:07 - 00000000 _____ C:\Users\user\Desktop\Neues Textdokument.txt
2013-07-11 16:10 - 2013-07-11 16:11 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:00 - 2013-07-14 19:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 16:00 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-11 16:00 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-11 16:00 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:58 - 2013-07-11 15:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:53 - 2013-07-11 15:54 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-11 15:49 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-11 15:49 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-11 15:49 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-11 15:49 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-11 15:49 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-11 15:49 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-11 15:49 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-11 15:49 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-11 15:49 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-11 15:49 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-11 15:49 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-11 15:49 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-11 15:49 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00008355 _____ C:\Users\user\Desktop\hijackthis.log
2013-07-11 15:47 - 2013-07-11 15:49 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:46 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-11 15:46 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-11 15:46 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-11 15:46 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-11 15:46 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-10 21:09 - 2013-07-11 15:43 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 08:29 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 08:29 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 08:29 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 08:29 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-09 22:39 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 22:39 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 22:39 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 22:39 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 22:39 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 22:38 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 22:38 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:50 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-07 18:50 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 18:23 - 2013-07-06 18:40 - 00000000 ____D C:\Foldit
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:22 - 2013-07-04 18:23 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:25 - 2013-06-26 20:42 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:44 - 2013-06-26 19:57 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:31 - 2013-06-26 19:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-07-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-26 19:21 - 2013-07-07 15:04 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-06-26 19:21 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 __RHD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-19 22:35 - 2013-07-04 21:37 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-19 22:35 - 2013-06-24 20:30 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster

==================== One Month Modified Files and Folders =======

2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:06 - 2013-07-14 19:06 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-14 19:06 - 2013-05-30 14:28 - 00000000 ____D C:\ProgramData\MFAData
2013-07-14 19:04 - 2013-07-14 19:02 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\user\Desktop\install_flash_player.exe
2013-07-14 19:01 - 2013-07-11 16:00 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-14 19:00 - 2011-05-16 00:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 19:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 19:00 - 2009-07-14 06:51 - 00041428 _____ C:\Windows\setupact.log
2013-07-12 16:38 - 2011-05-10 02:27 - 01843480 _____ C:\Windows\WindowsUpdate.log
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:52 - 2013-07-12 15:51 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-12 15:07 - 2013-07-12 15:07 - 00000000 _____ C:\Users\user\Desktop\Neues Textdokument.txt
2013-07-12 14:49 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-12 14:49 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-12 14:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-12 14:40 - 2011-05-10 03:05 - 00007648 _____ C:\Windows\PFRO.log
2013-07-11 16:11 - 2013-07-11 16:10 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:03 - 2013-05-30 14:40 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:59 - 2013-07-11 15:58 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:54 - 2013-07-11 15:53 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2013-07-11 15:47 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:48 - 2013-07-11 15:48 - 00008355 _____ C:\Users\user\Desktop\hijackthis.log
2013-07-11 15:48 - 2013-06-04 23:06 - 00000000 ____D C:\Users\Anna\Downloads\backups
2013-07-11 15:43 - 2013-07-10 21:09 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-11 15:43 - 2013-05-22 15:45 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2013-07-10 23:17 - 2013-06-04 23:56 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Skype
2013-07-10 21:09 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\VirtualStore
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 17:33 - 2009-07-14 06:45 - 00435296 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-10 17:32 - 2009-07-14 13:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 08:33 - 2009-07-14 12:54 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-07-10 08:33 - 2009-07-14 12:54 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-07-10 08:33 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-08 00:38 - 2013-06-02 21:51 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:51 - 2013-06-02 22:27 - 00000000 ____D C:\Users\Anna
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-07 17:50 - 2011-05-10 02:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-07 17:36 - 2009-07-14 13:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:15 - 2013-05-30 14:49 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 17:15 - 2013-05-30 14:49 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-07 15:07 - 2013-06-26 19:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-07 15:04 - 2013-06-26 19:21 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-06 18:52 - 2013-06-02 19:04 - 00395294 _____ C:\Windows\DirectX.log
2013-07-06 18:40 - 2013-07-04 18:23 - 00000000 ____D C:\Foldit
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 21:37 - 2013-06-19 22:35 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-04 21:37 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:23 - 2013-07-04 18:22 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-07-04 17:50 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-28 12:47 - 2013-05-30 14:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-26 22:40 - 2013-06-11 19:50 - 00000000 ____D C:\Users\Anna\.gimp-2.8
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 21:21 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\Avg2013
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:55 - 2013-05-22 15:45 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-26 20:42 - 2013-06-26 20:25 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-26 19:57 - 2013-06-26 19:44 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:53 - 2013-06-04 22:55 - 00115304 _____ C:\Users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:44 - 2013-05-30 14:35 - 00115304 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:32 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:31 - 2013-06-26 19:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:31 - 2009-07-14 13:17 - 00000000 ____D C:\Windows\ShellNew
2013-06-26 19:31 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 __RHD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-24 20:30 - 2013-06-19 22:35 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster
2013-06-24 20:30 - 2013-06-02 19:08 - 00000000 ____D C:\Users\user\AppData\Roaming\Ubisoft
2013-06-24 00:57 - 2013-05-30 15:34 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-19 22:35 - 2013-06-12 19:28 - 00000000 ____D C:\Users\user\Documents\Assassin's Creed Revelations
2013-06-19 22:35 - 2013-06-09 01:11 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-18 06:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 21:07

==================== End Of Log ============================
         


Here is the ADDITION:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by user at 2013-07-14 19:09:42
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 2013 (Version: 2013.0.2904)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Assassin's Creed (x32 Version: 1.00)
Assassin's Creed Brotherhood (x32 Version: 1.03)
Assassin's Creed II (x32 Version: 1.01)
Assassin's Creed Revelations 1.03 (x32 Version: 1.03)
ATI Catalyst Install Manager (Version: 3.0.816.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3204)
Catalyst Control Center InstallProxy (x32 Version: 2011.0308.2325.42017)
CDBurnerXP (Version: 4.3.8.2523)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Foldit (x32)
GIMP 2.8.4 (Version: 2.8.4)
Intel(R) Management Engine Interface
Intel(R) Processor Graphics (x32 Version: 8.15.10.2266)
Intel® Active-Management-Technologie
ITE Infrared Transceiver (x32 Version: 1.00.0000)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Language Pack 2010 - German/Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mirror's Edge™ (x32 Version: 1.0.1.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
NVIDIA 3D Vision Treiber 301.42 (Version: 301.42)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA ForceWare Network Access Manager (x32 Version: 1.00.7325.0)
NVIDIA Grafiktreiber 301.42 (Version: 301.42)
NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (x32 Version: 9.12.0213)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0142)
NVIDIA Systemsteuerung 301.42 (Version: 301.42)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Platform (x32 Version: 1.34)
Prince of Persia The Forgotten Sands™ (x32 Version: 1.0)
PunkBuster Services (x32 Version: 0.990)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
REALTEK Wireless LAN Driver and Utility (x32 Version: 1.00.0180)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0)
Skype™ 6.3 (x32 Version: 6.3.107)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.7 (x32 Version: 2.0.7)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)

==================== Restore Points  =========================

06-07-2013 16:50:03 Installed ProductName from default.wxl
07-07-2013 15:12:39 Installed Java 7 Update 25 (64-bit)
07-07-2013 15:15:01 Installed Java 7 Update 25
07-07-2013 15:18:33 vor_entfrenung NVidia
07-07-2013 15:22:43 Entfernt NVIDIA ForceWare Network Access Manager
07-07-2013 15:26:51 Wiederherstellungsvorgang
07-07-2013 15:57:01 Installed Mirror's Edge Patch
07-07-2013 16:50:40 Windows Update
10-07-2013 06:22:37 Windows Update
11-07-2013 13:47:03 Windows Update
11-07-2013 13:59:15 avast! Free Antivirus Setup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2AAA3D17-3688-4C5C-A55C-205C713F88FF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {88D6626E-1777-4242-BEC4-C3B037CFC979} - System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E} => C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe [2009-01-08] (EA Digital Illusions CE AB)
Task: {E97C03C3-5A83-4208-A7BC-BB86DFDBE2BC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3424378060-3098743664-1317459497-1001

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2013 07:00:59 PM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/12/2013 02:44:01 PM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/12/2013 02:40:34 PM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/11/2013 03:39:08 PM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/10/2013 08:15:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.4760.1000, Zeitstempel: 0x4ba8fefd
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x129c
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:14 PM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/10/2013 08:19:13 AM) (Source: LMS) (User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver


System errors:
=============
Error: (07/14/2013 07:01:15 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Realtek11nCU erreicht.

Error: (07/14/2013 07:00:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/14/2013 07:00:29 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎12.‎07.‎2013 um 17:14:22 unerwartet heruntergefahren.

Error: (07/12/2013 02:43:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/12/2013 02:40:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/12/2013 02:40:19 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2013 um 17:15:43 unerwartet heruntergefahren.

Error: (07/11/2013 03:39:13 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/11/2013 03:39:08 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/11/2013 03:39:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/10/2013 09:08:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================
Error: (07/14/2013 07:00:59 PM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/12/2013 02:44:01 PM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/12/2013 02:40:34 PM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/11/2013 03:39:08 PM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/10/2013 08:15:47 PM) (Source: Application Error)(User: )
Description: OUTLOOK.EXE14.0.4760.10004ba8fefdKERNELBASE.dll6.1.7601.1801550b83c8ac06d007e0000c41f129c01ce7d9979b47c2fC:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXEC:\Windows\syswow64\KERNELBASE.dllbdc3db38-e98c-11e2-82af-08606e71a3de

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (07/10/2013 05:33:14 PM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver

Error: (07/10/2013 08:19:13 AM) (Source: LMS)(User: NT-AUTORITÄT)
Description: LMS Service cannot connect to HECI driver


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 8174.12 MB
Available physical RAM: 6538.83 MB
Total Pagefile: 16346.42 MB
Available Pagefile: 14608.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:931.41 GB) (Free:803.82 GB) NTFS (Disk=0 Partition=2)
Drive d: (Mirror's Edge) (CDROM) (Total:6.08 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D1B05904)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

14.07.2013, 19:06   #4
schrauber
/// the machine
/// TB Instructor
 




Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.07.2013, 20:57   #5
annoukh



Here is the COMBOFIX.txt

Code:
ComboFix 13-07-14.01 - user 14.07.2013  21:35:27.1.6 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.49.1031.18.8174.6266 [GMT 2:00]
ausgeführt von:: c:\users\user\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-14 bis 2013-07-14  ))))))))))))))))))))))))))))))
.
.
2013-07-14 19:43 . 2013-07-14 19:43	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-07-14 19:43 . 2013-07-14 19:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-14 19:43 . 2013-07-14 19:43	--------	d-----w-	c:\users\Anna\AppData\Local\temp
2013-07-14 17:08 . 2013-07-14 17:08	--------	d-----w-	C:\FRST
2013-07-11 14:00 . 2013-07-11 14:00	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-07-11 14:00 . 2013-05-09 08:59	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-07-11 14:00 . 2013-05-09 08:59	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-07-11 14:00 . 2013-05-09 08:59	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-07-11 14:00 . 2013-07-11 14:00	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-07-11 14:00 . 2013-07-11 14:00	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-07-11 14:00 . 2013-05-09 08:59	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-07-11 14:00 . 2013-05-09 08:59	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-07-11 14:00 . 2013-05-09 08:58	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-07-11 14:00 . 2013-05-09 08:58	41664	----a-w-	c:\windows\avastSS.scr
2013-07-11 13:59 . 2013-07-11 13:59	--------	d-----w-	c:\program files\AVAST Software
2013-07-11 13:58 . 2013-07-11 13:59	--------	d-----w-	c:\programdata\AVAST Software
2013-07-11 13:46 . 2012-08-24 18:05	340992	----a-w-	c:\windows\system32\schannel.dll
2013-07-11 13:46 . 2012-08-24 16:57	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2013-07-11 13:46 . 2012-08-24 18:13	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2013-07-11 13:46 . 2012-08-24 18:09	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2013-07-11 13:46 . 2012-08-24 18:03	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2013-07-11 13:46 . 2012-08-24 16:57	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2013-07-11 13:46 . 2012-08-24 16:53	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2013-07-10 15:49 . 2013-07-10 15:49	--------	d--h--r-	c:\users\Anna\AppData\Roaming\SecuROM
2013-07-09 20:39 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-09 20:38 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-09 20:38 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-07 16:50 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2013-07-07 16:50 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2013-07-07 15:54 . 2013-07-07 15:54	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Microsoft
2013-07-07 15:15 . 2013-07-07 15:15	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-07 15:15 . 2013-07-07 15:15	--------	d-----w-	c:\program files (x86)\Java
2013-07-07 15:13 . 2013-07-07 15:12	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-07 15:13 . 2013-07-07 15:12	312232	----a-w-	c:\windows\system32\javaws.exe
2013-07-07 15:13 . 2013-07-07 15:12	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-07 15:13 . 2013-07-07 15:12	189352	----a-w-	c:\windows\system32\javaw.exe
2013-07-07 15:13 . 2013-07-07 15:12	188840	----a-w-	c:\windows\system32\java.exe
2013-07-07 15:13 . 2013-07-07 15:12	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-07 15:12 . 2013-07-07 15:12	--------	d-----w-	c:\program files\Java
2013-07-07 14:49 . 2013-07-07 16:41	--------	d-----w-	c:\users\user\AppData\Local\Diagnostics
2013-07-06 16:52 . 2013-07-06 16:52	--------	d-----w-	c:\program files (x86)\EA Games
2013-07-04 16:23 . 2013-07-06 16:40	--------	d-----w-	C:\Foldit
2013-06-30 18:31 . 2013-06-30 18:31	--------	d-----w-	c:\windows\system32\appmgmt
2013-06-30 18:30 . 2013-06-30 18:30	--------	d-----w-	c:\programdata\EA Logs
2013-06-30 18:21 . 2013-06-30 18:21	--------	d--h--r-	c:\users\user\AppData\Roaming\SecuROM
2013-06-30 18:16 . 2004-10-22 00:13	32768	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-06-30 18:16 . 2004-10-22 00:18	749568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-06-30 18:16 . 2004-10-22 00:17	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-06-30 18:16 . 2004-10-22 00:17	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-06-30 18:16 . 2004-10-22 00:16	180224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-06-30 18:16 . 2004-10-22 00:16	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-06-30 18:16 . 2013-06-30 18:16	323716	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-06-30 18:16 . 2013-06-30 18:16	192644	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-06-30 17:56 . 2013-06-30 17:56	--------	d-----w-	c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-30 17:56 . 2013-06-30 17:56	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-06-26 18:55 . 2013-06-26 18:55	--------	d-----w-	c:\users\user\AppData\Local\ElevatedDiagnostics
2013-06-26 17:31 . 2013-06-26 17:32	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-06-26 17:24 . 2013-06-26 17:24	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-06-26 17:24 . 2013-06-26 17:24	--------	d-----w-	c:\windows\PCHEALTH
2013-06-26 17:24 . 2013-06-26 17:24	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 17:22 . 2013-06-26 17:22	--------	d-----w-	c:\program files\Microsoft Office
2013-06-26 17:22 . 2013-06-26 17:22	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-06-26 17:21 . 2013-07-07 13:04	--------	d-----w-	c:\users\user\AppData\Local\Microsoft Help
2013-06-26 17:21 . 2013-07-07 13:07	--------	d-----w-	c:\programdata\Microsoft Help
2013-06-26 17:21 . 2013-06-26 17:21	--------	d-----r-	C:\MSOCache
2013-06-26 17:16 . 2013-06-26 17:16	--------	d-----w-	c:\users\user\AppData\Roaming\HP
2013-06-19 20:35 . 2013-07-04 19:37	280976	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-06-19 20:35 . 2013-06-24 18:30	--------	d-----w-	c:\users\user\AppData\Local\PunkBuster
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-14 17:44 . 2013-05-30 12:47	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 17:44 . 2013-05-30 12:47	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-07 15:15 . 2013-05-30 12:49	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-07 15:15 . 2013-05-30 12:49	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-04 19:37 . 2013-06-08 23:11	280976	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-07-04 15:50 . 2013-06-08 23:11	280976	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-06-23 22:57 . 2013-05-30 13:34	78277128	----a-w-	c:\windows\system32\MRT.exe
2013-06-19 20:35 . 2013-06-08 23:11	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-06-08 07:28 . 2013-06-08 07:28	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-06-08 07:28 . 2013-06-08 07:28	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-06-08 07:28 . 2013-06-08 07:28	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-06-08 07:28 . 2013-06-08 07:28	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-08 07:28 . 2013-06-08 07:28	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-08 07:28 . 2013-06-08 07:28	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-06-08 07:28 . 2013-06-08 07:28	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-06-08 07:28 . 2013-06-08 07:28	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-06-08 07:28 . 2013-06-08 07:28	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-06-08 07:28 . 2013-06-08 07:28	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-06-08 07:28 . 2013-06-08 07:28	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-06-08 07:28 . 2013-06-08 07:28	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-06-08 07:28 . 2013-06-08 07:28	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-06-08 07:28 . 2013-06-08 07:28	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-06-08 07:28 . 2013-06-08 07:28	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-06-08 07:28 . 2013-06-08 07:28	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-06-08 07:28 . 2013-06-08 07:28	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-06-08 07:28 . 2013-06-08 07:28	197120	----a-w-	c:\windows\system32\msrating.dll
2013-06-08 07:28 . 2013-06-08 07:28	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-06-08 07:28 . 2013-06-08 07:28	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-06-08 07:28 . 2013-06-08 07:28	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-06-08 07:28 . 2013-06-08 07:28	81408	----a-w-	c:\windows\system32\icardie.dll
2013-06-08 07:28 . 2013-06-08 07:28	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-06-08 07:28 . 2013-06-08 07:28	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-06-08 07:28 . 2013-06-08 07:28	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-06-08 07:28 . 2013-06-08 07:28	441856	----a-w-	c:\windows\system32\html.iec
2013-06-08 07:28 . 2013-06-08 07:28	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-06-08 07:28 . 2013-06-08 07:28	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-06-08 07:28 . 2013-06-08 07:28	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-06-08 07:28 . 2013-06-08 07:28	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-06-08 07:28 . 2013-06-08 07:28	235008	----a-w-	c:\windows\system32\url.dll
2013-06-08 07:28 . 2013-06-08 07:28	216064	----a-w-	c:\windows\system32\msls31.dll
2013-06-08 07:28 . 2013-06-08 07:28	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-06-08 07:28 . 2013-06-08 07:28	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-06-08 07:28 . 2013-06-08 07:28	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-06-08 07:28 . 2013-06-08 07:28	144896	----a-w-	c:\windows\system32\wextract.exe
2013-06-08 07:28 . 2013-06-08 07:28	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-06-08 07:28 . 2013-06-08 07:28	102912	----a-w-	c:\windows\system32\inseng.dll
2013-06-08 07:28 . 2013-06-08 07:28	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-06-08 07:28 . 2013-06-08 07:28	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-06-08 07:28 . 2013-06-08 07:28	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-06-08 07:28 . 2013-06-08 07:28	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-06-08 07:28 . 2013-06-08 07:28	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-06-08 07:28 . 2013-06-08 07:28	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-06-08 07:28 . 2013-06-08 07:28	149504	----a-w-	c:\windows\system32\occache.dll
2013-06-08 07:28 . 2013-06-08 07:28	13824	----a-w-	c:\windows\system32\mshta.exe
2013-06-08 07:28 . 2013-06-08 07:28	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-06-08 07:28 . 2013-06-08 07:28	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-06-08 07:28 . 2013-06-08 07:28	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-06-08 07:26 . 2013-06-08 07:26	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-06-08 07:26 . 2013-06-08 07:26	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-06-08 07:26 . 2013-06-08 07:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-06-08 07:26 . 2013-06-08 07:26	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-08 07:26 . 2013-06-08 07:26	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-06-08 07:26 . 2013-06-08 07:26	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-06-08 07:26 . 2013-06-08 07:26	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-06-08 07:26 . 2013-06-08 07:26	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-06-08 07:26 . 2013-06-08 07:26	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-08 07:26 . 2013-06-08 07:26	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-06-08 07:26 . 2013-06-08 07:26	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-06-08 07:26 . 2013-06-08 07:26	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-06-08 07:26 . 2013-06-08 07:26	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-06-08 07:26 . 2013-06-08 07:26	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-06-08 07:26 . 2013-06-08 07:26	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-06-08 07:26 . 2013-06-08 07:26	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-06-08 07:26 . 2013-06-08 07:26	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-06-08 07:26 . 2013-06-08 07:26	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-06-08 07:26 . 2013-06-08 07:26	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-06-08 07:26 . 2013-06-08 07:26	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-06-08 07:26 . 2013-06-08 07:26	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-06-08 07:26 . 2013-06-08 07:26	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-06-08 07:26 . 2013-06-08 07:26	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-06-08 07:26 . 2013-06-08 07:26	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-06-08 07:26 . 2013-06-08 07:26	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-06-08 07:26 . 2013-06-08 07:26	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-24 2439072]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WLMS;Windows Licensing Monitoring Service;c:\windows\system32\wlms\wlms.exe;c:\windows\SYSNATIVE\wlms\wlms.exe [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
R3 FXDrv32;FXDrv32;d:\fxdrv64.sys;d:\FXDrv64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11-Drahtlosgerätetreiber;c:\windows\system32\DRIVERS\RTL85n64.sys;c:\windows\SYSNATIVE\DRIVERS\RTL85n64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files (x86)\Intel\AMT\UNS.exe;c:\program files (x86)\Intel\AMT\UNS.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys;c:\windows\SYSNATIVE\Drivers\rtlss.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-30 17:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-20 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-20 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-20 418328]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\
FF - prefs.js: network.proxy.ftp - 194.102.180.222
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 194.102.180.222
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 194.102.180.222
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 194.102.180.222
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-05-30 15:16; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-05-30 15:16; {4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF - ExtSQL: 2013-05-30 15:16; firefox@ghostery.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-06-04 15:23; stealthyextension@gmail.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\extensions\stealthyextension@gmail.com.xpi
FF - ExtSQL: 2013-06-26 16:56; client@anonymox.net; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-07-11 16:00; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3424378060-3098743664-1317459497-1001\Software\SecuROM\License information*]
"datasecu"=hex:e9,77,2d,6d,a7,65,54,9e,93,52,0d,f5,fa,63,66,cb,68,de,89,ff,67,
   42,83,ea,44,93,a5,3c,d7,27,9f,19,dd,96,30,35,54,83,e9,6d,09,e0,dc,ba,e4,43,\
"rkeysecu"=hex:80,5b,c5,43,89,a8,e9,fa,38,60,b3,06,18,f0,ae,53
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-14  21:53:17
ComboFix-quarantined-files.txt  2013-07-14 19:53
.
Vor Suchlauf: 7 Verzeichnis(se), 863.190.282.240 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 863.000.940.544 Bytes frei
.
- - End Of File - - 6652807516C7CA9AFD2CAFD8539F8986
A36C5E4F47E84449FF07ED3517B43A31
         
Is a restart mandatory after running Combofix?


14.07.2013, 21:46   #6
schrauber
/// the machine
/// TB trainer



Nope, CF restarts the computer on its own if necessary.

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file will open. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

14.07.2013, 23:12   #7
annoukh



AdwCleaner.txt

Code:
# AdwCleaner v2.305 - Datei am 14/07/2013 um 23:53:10 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : user - USER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\user\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

*************************

AdwCleaner[S1].txt - [596 octets] - [14/07/2013 23:53:10]

########## EOF - C:\AdwCleaner[S1].txt - [655 octets] ##########
         
JRT.txt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Enterprise x64
Ran by user on 15.07.2013 at  0:00:24,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\1dcz4hba.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2013 at  0:05:03,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
and the new FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by user (administrator) on 15-07-2013 00:09:35
Running from C:\Users\user\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
() C:\Users\user\Desktop\Defogger.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default
FF NetworkProxy: "ftp", "194.102.180.222"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "194.102.180.222"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "194.102.180.222"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "194.102.180.222"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\firefox@ghostery.com
FF Extension: client - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\client@anonymox.net.xpi
FF Extension: stealthyextension - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-06-19] ()
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel)
S2 WLMS; C:\Windows\system32\wlms\wlms.exe [19456 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] ()
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1038440 2011-05-09] (Realtek Semiconductor Corporation                           )
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 FXDrv32; \??\D:\FXDrv64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 00:05 - 2013-07-15 00:06 - 00000752 _____ C:\Users\user\Desktop\JRT.txt
2013-07-15 00:00 - 2013-07-15 00:00 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 23:55 - 2013-07-14 23:55 - 00000723 _____ C:\Users\user\Desktop\AdwCleaner[S1].txt
2013-07-14 23:53 - 2013-07-14 23:53 - 00000723 _____ C:\AdwCleaner[S1].txt
2013-07-14 23:51 - 2013-07-14 23:51 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-07-14 23:49 - 2013-07-14 23:49 - 00662345 _____ C:\Users\user\Desktop\adwcleaner.exe
2013-07-14 21:57 - 2013-07-14 21:57 - 00026325 _____ C:\Users\user\Desktop\Combofix.txt
2013-07-14 21:53 - 2013-07-14 21:53 - 00026325 _____ C:\ComboFix.txt
2013-07-14 21:36 - 2013-07-14 21:36 - 00000000 ____D C:\Users\user\Desktop\Übung_AdM
2013-07-14 21:32 - 2013-07-14 21:53 - 00000000 ____D C:\Qoobox
2013-07-14 21:32 - 2013-07-14 21:50 - 00000000 ____D C:\Windows\erdnt
2013-07-14 21:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-14 21:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-14 21:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-14 21:29 - 2013-07-14 21:30 - 05088557 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-07-14 21:23 - 2013-07-14 22:59 - 23727225 _____ C:\Users\user\Desktop\Lösung Übung TUK.rar
2013-07-14 19:45 - 2013-07-14 23:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 19:45 - 2013-07-14 19:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 19:09 - 2013-07-14 19:10 - 00016266 _____ C:\Users\user\Desktop\Addition.txt
2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:06 - 2013-07-15 00:09 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:51 - 2013-07-12 15:52 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-11 16:10 - 2013-07-11 16:11 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:00 - 2013-07-14 19:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 16:00 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-11 16:00 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-11 16:00 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:58 - 2013-07-11 15:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:53 - 2013-07-11 15:54 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-11 15:49 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-11 15:49 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-11 15:49 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-11 15:49 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-11 15:49 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-11 15:49 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-11 15:49 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-11 15:49 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-11 15:49 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-11 15:49 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-11 15:49 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-11 15:49 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-11 15:49 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-11 15:47 - 2013-07-11 15:49 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:46 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-11 15:46 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-11 15:46 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-11 15:46 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-11 15:46 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-10 21:09 - 2013-07-11 15:43 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 08:29 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 08:29 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 08:29 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 08:29 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-09 22:39 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 22:39 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 22:39 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 22:39 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 22:39 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 22:38 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 22:38 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:50 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-07 18:50 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 18:23 - 2013-07-06 18:40 - 00000000 ____D C:\Foldit
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:22 - 2013-07-04 18:23 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:25 - 2013-06-26 20:42 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:44 - 2013-06-26 19:57 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:31 - 2013-06-26 19:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-07-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-26 19:21 - 2013-07-07 15:04 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-06-26 19:21 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 ___RD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-19 22:35 - 2013-07-04 21:37 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-19 22:35 - 2013-06-24 20:30 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster

==================== One Month Modified Files and Folders =======

2013-07-15 00:09 - 2013-07-14 19:06 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-15 00:06 - 2013-07-15 00:05 - 00000752 _____ C:\Users\user\Desktop\JRT.txt
2013-07-15 00:05 - 2011-05-10 02:27 - 01854404 _____ C:\Windows\WindowsUpdate.log
2013-07-15 00:02 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 00:02 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 00:00 - 2013-07-15 00:00 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 23:55 - 2013-07-14 23:55 - 00000723 _____ C:\Users\user\Desktop\AdwCleaner[S1].txt
2013-07-14 23:55 - 2011-05-16 00:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 23:55 - 2011-05-10 03:05 - 00008194 _____ C:\Windows\PFRO.log
2013-07-14 23:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 23:55 - 2009-07-14 06:51 - 00041484 _____ C:\Windows\setupact.log
2013-07-14 23:53 - 2013-07-14 23:53 - 00000723 _____ C:\AdwCleaner[S1].txt
2013-07-14 23:51 - 2013-07-14 23:51 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-07-14 23:49 - 2013-07-14 23:49 - 00662345 _____ C:\Users\user\Desktop\adwcleaner.exe
2013-07-14 23:48 - 2013-06-02 21:51 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-07-14 23:35 - 2013-07-14 19:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 22:59 - 2013-07-14 21:23 - 23727225 _____ C:\Users\user\Desktop\Lösung Übung TUK.rar
2013-07-14 21:57 - 2013-07-14 21:57 - 00026325 _____ C:\Users\user\Desktop\Combofix.txt
2013-07-14 21:53 - 2013-07-14 21:53 - 00026325 _____ C:\ComboFix.txt
2013-07-14 21:53 - 2013-07-14 21:32 - 00000000 ____D C:\Qoobox
2013-07-14 21:53 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-14 21:50 - 2013-07-14 21:32 - 00000000 ____D C:\Windows\erdnt
2013-07-14 21:43 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-14 21:36 - 2013-07-14 21:36 - 00000000 ____D C:\Users\user\Desktop\Übung_AdM
2013-07-14 21:30 - 2013-07-14 21:29 - 05088557 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-07-14 19:45 - 2013-07-14 19:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 19:44 - 2013-05-30 14:47 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-14 19:44 - 2013-05-30 14:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 19:10 - 2013-07-14 19:09 - 00016266 _____ C:\Users\user\Desktop\Addition.txt
2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:06 - 2013-05-30 14:28 - 00000000 ____D C:\ProgramData\MFAData
2013-07-14 19:01 - 2013-07-11 16:00 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:52 - 2013-07-12 15:51 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-12 14:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-11 16:11 - 2013-07-11 16:10 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:03 - 2013-05-30 14:40 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:59 - 2013-07-11 15:58 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:54 - 2013-07-11 15:53 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2013-07-11 15:47 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:48 - 2013-06-04 23:06 - 00000000 ____D C:\Users\Anna\Downloads\backups
2013-07-11 15:43 - 2013-07-10 21:09 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-11 15:43 - 2013-05-22 15:45 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2013-07-10 23:17 - 2013-06-04 23:56 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Skype
2013-07-10 21:09 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\VirtualStore
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 17:33 - 2009-07-14 06:45 - 00435296 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-10 17:32 - 2009-07-14 13:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 08:33 - 2009-07-14 12:54 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-07-10 08:33 - 2009-07-14 12:54 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-07-10 08:33 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:51 - 2013-06-02 22:27 - 00000000 ____D C:\Users\Anna
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-07 17:50 - 2011-05-10 02:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-07 17:36 - 2009-07-14 13:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:15 - 2013-05-30 14:49 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 17:15 - 2013-05-30 14:49 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-07 15:07 - 2013-06-26 19:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-07 15:04 - 2013-06-26 19:21 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-06 18:52 - 2013-06-02 19:04 - 00395294 _____ C:\Windows\DirectX.log
2013-07-06 18:40 - 2013-07-04 18:23 - 00000000 ____D C:\Foldit
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 21:37 - 2013-06-19 22:35 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-04 21:37 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:23 - 2013-07-04 18:22 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-07-04 17:50 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-28 12:47 - 2013-05-30 14:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-26 22:40 - 2013-06-11 19:50 - 00000000 ____D C:\Users\Anna\.gimp-2.8
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 21:21 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\Avg2013
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:55 - 2013-05-22 15:45 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-26 20:42 - 2013-06-26 20:25 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-26 19:57 - 2013-06-26 19:44 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:53 - 2013-06-04 22:55 - 00115304 _____ C:\Users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:44 - 2013-05-30 14:35 - 00115304 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:32 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:31 - 2013-06-26 19:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:31 - 2009-07-14 13:17 - 00000000 ____D C:\Windows\ShellNew
2013-06-26 19:31 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 ___RD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-24 20:30 - 2013-06-19 22:35 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster
2013-06-24 20:30 - 2013-06-02 19:08 - 00000000 ____D C:\Users\user\AppData\Roaming\Ubisoft
2013-06-24 00:57 - 2013-05-30 15:34 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-19 22:35 - 2013-06-12 19:28 - 00000000 ____D C:\Users\user\Documents\Assassin's Creed Revelations
2013-06-19 22:35 - 2013-06-09 01:11 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-18 06:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 21:07

==================== End Of Log ============================
         

Thanks for the quick help, even at this hour :-)

Edited by annoukh (14.07.2013 at 23:19)

Alt 15.07.2013, 08:09   #8
schrauber
/// the machine
/// TB-Ausbilder
 


ESET Online Scanner

  • You can find an illustrated guide to ESET Online Scanner here
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 15.07.2013, 19:39   #9
annoukh
 

The scan runs very slowly on my external hard drive (about one file every 10 seconds).

I suspect it is hardware-related, because the external hard drive clicks every 5 to 12 seconds and then the drive's humming can no longer be heard.

Can I also run the scan without the external hard drive? Otherwise the scan will not finish before 3 o'clock tomorrow, and I feel uneasy about a scan with the firewall and the antivirus program switched off.

Alt 15.07.2013, 20:34   #10
schrauber
/// the machine
/// TB-Ausbilder
 


Sure, leave the external drive out.

Alt 15.07.2013, 20:55   #11
annoukh
 

Here are the logs:

ESET

Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f189a25cfd386f4b8a9616587a82725c
# engine=14406
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-15 07:39:13
# local_time=2013-07-15 09:39:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 365898 150627025 0 0
# compatibility_mode=1045 16777213 100 77 9215 61054737 0 0
# compatibility_mode=5893 16776573 100 94 8824 125547003 0 0
# scanned=150557
# found=0
# cleaned=0
# scan_time=8474
         
checkup.txt from SecurityCheck

Code:
 Results of screen317's Security Check version 0.99.69  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Adobe Flash Player 11.8.800.94  
 Adobe Reader XI  
 Mozilla Firefox (22.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And the latest FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by user (administrator) on 15-07-2013 21:45:20
Running from C:\Users\user\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Users\user\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default
FF NetworkProxy: "ftp", "194.102.180.222"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "194.102.180.222"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "194.102.180.222"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "194.102.180.222"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\firefox@ghostery.com
FF Extension: client - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\client@anonymox.net.xpi
FF Extension: stealthyextension - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1dcz4hba.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-06-19] ()
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel)
S2 WLMS; C:\Windows\system32\wlms\wlms.exe [19456 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] ()
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1038440 2011-05-09] (Realtek Semiconductor Corporation                           )
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 FXDrv32; \??\D:\FXDrv64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 21:44 - 2013-07-15 21:44 - 00000764 _____ C:\Users\user\Desktop\checkup.txt
2013-07-15 21:42 - 2013-07-15 21:42 - 00891022 _____ C:\Users\user\Desktop\SecurityCheck.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00001110 _____ C:\Users\user\Desktop\ESET.txt
2013-07-15 19:13 - 2013-07-15 19:13 - 02347384 _____ (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-07-15 06:57 - 2013-07-15 06:57 - 00000000 ____D C:\Users\user\Desktop\Autoruns
2013-07-15 00:30 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-15 00:05 - 2013-07-15 00:06 - 00000752 _____ C:\Users\user\Desktop\JRT.txt
2013-07-15 00:00 - 2013-07-15 00:00 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 23:55 - 2013-07-14 23:55 - 00000723 _____ C:\Users\user\Desktop\AdwCleaner[S1].txt
2013-07-14 23:53 - 2013-07-14 23:53 - 00000723 _____ C:\AdwCleaner[S1].txt
2013-07-14 23:51 - 2013-07-14 23:51 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-07-14 23:49 - 2013-07-14 23:49 - 00662345 _____ C:\Users\user\Desktop\adwcleaner.exe
2013-07-14 21:57 - 2013-07-14 21:57 - 00026325 _____ C:\Users\user\Desktop\Combofix.txt
2013-07-14 21:53 - 2013-07-14 21:53 - 00026325 _____ C:\ComboFix.txt
2013-07-14 21:36 - 2013-07-14 21:36 - 00000000 ____D C:\Users\user\Desktop\Übung_AdM
2013-07-14 21:32 - 2013-07-14 21:53 - 00000000 ____D C:\Qoobox
2013-07-14 21:32 - 2013-07-14 21:50 - 00000000 ____D C:\Windows\erdnt
2013-07-14 21:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-14 21:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-14 21:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-14 21:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-14 21:29 - 2013-07-14 21:30 - 05088557 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-07-14 21:23 - 2013-07-14 22:59 - 23727225 _____ C:\Users\user\Desktop\Lösung Übung TUK.rar
2013-07-14 19:45 - 2013-07-15 21:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 19:45 - 2013-07-14 19:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 19:09 - 2013-07-14 19:10 - 00016266 _____ C:\Users\user\Desktop\Addition.txt
2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:06 - 2013-07-15 19:14 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:51 - 2013-07-12 15:52 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-11 16:10 - 2013-07-11 16:11 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:00 - 2013-07-14 19:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 16:00 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-11 16:00 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-11 16:00 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-11 16:00 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:58 - 2013-07-11 15:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:53 - 2013-07-11 15:54 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-11 15:49 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-11 15:49 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-11 15:49 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-11 15:49 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-11 15:49 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-11 15:49 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-11 15:49 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-11 15:49 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-11 15:49 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-11 15:49 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-11 15:49 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-11 15:49 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-11 15:49 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-11 15:49 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-11 15:49 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-11 15:49 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-11 15:49 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-11 15:49 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-11 15:47 - 2013-07-11 15:49 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:46 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-11 15:46 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-11 15:46 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-11 15:46 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-11 15:46 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-11 15:46 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-10 21:09 - 2013-07-11 15:43 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 08:29 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 08:29 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 08:29 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 08:29 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 08:29 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 08:29 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 08:29 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-09 22:39 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 22:39 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 22:39 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 22:39 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 22:39 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 22:38 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 22:38 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:50 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-07 18:50 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:13 - 2013-07-07 17:12 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:13 - 2013-07-07 17:12 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 18:23 - 2013-07-06 18:40 - 00000000 ____D C:\Foldit
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:22 - 2013-07-04 18:23 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:25 - 2013-06-26 20:42 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:44 - 2013-06-26 19:57 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:31 - 2013-06-26 19:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-07-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-26 19:21 - 2013-07-07 15:04 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-06-26 19:21 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 ___RD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-19 22:35 - 2013-07-04 21:37 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-19 22:35 - 2013-06-24 20:30 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster

==================== One Month Modified Files and Folders =======

2013-07-15 21:44 - 2013-07-15 21:44 - 00000764 _____ C:\Users\user\Desktop\checkup.txt
2013-07-15 21:42 - 2013-07-15 21:42 - 00891022 _____ C:\Users\user\Desktop\SecurityCheck.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00001110 _____ C:\Users\user\Desktop\ESET.txt
2013-07-15 21:35 - 2013-07-14 19:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 19:16 - 2011-05-10 02:27 - 01893283 _____ C:\Windows\WindowsUpdate.log
2013-07-15 19:14 - 2013-07-14 19:06 - 00000470 _____ C:\Users\user\Desktop\defogger_disable.log
2013-07-15 19:13 - 2013-07-15 19:13 - 02347384 _____ (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-07-15 19:09 - 2009-07-14 12:54 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-07-15 19:09 - 2009-07-14 12:54 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-07-15 19:09 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-15 19:07 - 2013-05-30 14:28 - 00000000 ____D C:\ProgramData\MFAData
2013-07-15 19:07 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 19:07 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 19:01 - 2011-05-16 00:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 19:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 19:01 - 2009-07-14 06:51 - 00041596 _____ C:\Windows\setupact.log
2013-07-15 06:57 - 2013-07-15 06:57 - 00000000 ____D C:\Users\user\Desktop\Autoruns
2013-07-15 00:06 - 2013-07-15 00:05 - 00000752 _____ C:\Users\user\Desktop\JRT.txt
2013-07-15 00:00 - 2013-07-15 00:00 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 23:55 - 2013-07-14 23:55 - 00000723 _____ C:\Users\user\Desktop\AdwCleaner[S1].txt
2013-07-14 23:55 - 2011-05-10 03:05 - 00008194 _____ C:\Windows\PFRO.log
2013-07-14 23:53 - 2013-07-14 23:53 - 00000723 _____ C:\AdwCleaner[S1].txt
2013-07-14 23:51 - 2013-07-14 23:51 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-07-14 23:49 - 2013-07-14 23:49 - 00662345 _____ C:\Users\user\Desktop\adwcleaner.exe
2013-07-14 23:48 - 2013-06-02 21:51 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-07-14 22:59 - 2013-07-14 21:23 - 23727225 _____ C:\Users\user\Desktop\Lösung Übung TUK.rar
2013-07-14 21:57 - 2013-07-14 21:57 - 00026325 _____ C:\Users\user\Desktop\Combofix.txt
2013-07-14 21:53 - 2013-07-14 21:53 - 00026325 _____ C:\ComboFix.txt
2013-07-14 21:53 - 2013-07-14 21:32 - 00000000 ____D C:\Qoobox
2013-07-14 21:53 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-14 21:50 - 2013-07-14 21:32 - 00000000 ____D C:\Windows\erdnt
2013-07-14 21:43 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-14 21:36 - 2013-07-14 21:36 - 00000000 ____D C:\Users\user\Desktop\Übung_AdM
2013-07-14 21:30 - 2013-07-14 21:29 - 05088557 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2013-07-14 19:45 - 2013-07-14 19:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 19:44 - 2013-05-30 14:47 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-14 19:44 - 2013-05-30 14:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 19:10 - 2013-07-14 19:09 - 00016266 _____ C:\Users\user\Desktop\Addition.txt
2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST
2013-07-14 19:07 - 2013-07-14 19:07 - 01777839 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-07-14 19:01 - 2013-07-11 16:00 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-12 16:37 - 2013-07-12 16:37 - 00408838 _____ C:\Users\user\Desktop\gmer.log
2013-07-12 16:12 - 2013-07-12 16:12 - 00377856 _____ C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-07-12 16:03 - 2013-07-12 16:03 - 00081810 _____ C:\Users\user\Desktop\OTL.Txt
2013-07-12 16:03 - 2013-07-12 16:03 - 00055540 _____ C:\Users\user\Desktop\Extras.Txt
2013-07-12 15:52 - 2013-07-12 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-07-12 15:52 - 2013-07-12 15:51 - 00000470 _____ C:\Users\user\Downloads\defogger_disable.log
2013-07-12 15:51 - 2013-07-12 15:51 - 00050477 _____ C:\Users\user\Desktop\Defogger.exe
2013-07-12 15:51 - 2013-07-12 15:51 - 00000000 _____ C:\Users\user\defogger_reenable
2013-07-12 14:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-11 16:11 - 2013-07-11 16:10 - 22937227 _____ C:\Users\user\Downloads\vlc-2.0.7-win32.exe
2013-07-11 16:03 - 2013-05-30 14:40 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-11 16:00 - 2013-07-11 16:00 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-11 16:00 - 2013-07-11 16:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-11 15:59 - 2013-07-11 15:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-11 15:59 - 2013-07-11 15:58 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-11 15:54 - 2013-07-11 15:54 - 00000002 _____ C:\AvastSetup.log
2013-07-11 15:54 - 2013-07-11 15:53 - 06604352 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2013-07-11 15:49 - 2013-07-11 15:47 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 15:48 - 2013-06-04 23:06 - 00000000 ____D C:\Users\Anna\Downloads\backups
2013-07-11 15:43 - 2013-07-10 21:09 - 00008334 _____ C:\Users\Anna\Downloads\hijackthis.log
2013-07-11 15:43 - 2013-05-22 15:45 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2013-07-10 23:17 - 2013-06-04 23:56 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Skype
2013-07-10 21:09 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\VirtualStore
2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 __RHD C:\Users\Anna\AppData\Roaming\SecuROM
2013-07-10 17:33 - 2009-07-14 06:45 - 00435296 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-10 17:32 - 2009-07-14 13:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 17:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-07 18:51 - 2013-07-07 18:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2013-07-07 18:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-07 17:56 - 2013-07-07 17:56 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101(1).exe
2013-07-07 17:51 - 2013-06-02 22:27 - 00000000 ____D C:\Users\Anna
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-07 17:51 - 2011-05-10 02:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-07 17:50 - 2011-05-10 02:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-07 17:36 - 2009-07-14 13:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-07 17:15 - 2013-07-07 17:15 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:15 - 2013-07-07 17:15 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:15 - 2013-07-07 17:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:15 - 2013-05-30 14:49 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 17:15 - 2013-05-30 14:49 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 17:14 - 2013-07-07 17:14 - 31714216 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-i586.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:12 - 2013-07-07 17:13 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:12 - 2013-07-07 17:13 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:12 - 2013-07-07 17:12 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:11 - 2013-07-07 17:11 - 33150376 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-7u25-windows-x64.exe
2013-07-07 17:09 - 2013-07-07 17:09 - 26728448 _____ C:\Users\user\Downloads\PhysX-9.12.1031-SystemSoftware.msi
2013-07-07 16:49 - 2013-07-07 16:49 - 00003002 _____ C:\Windows\System32\Tasks\{5DC30ED3-6969-4B61-BD86-89814C982B5E}
2013-07-07 16:48 - 2013-07-07 16:48 - 00001157 _____ C:\Users\user\Desktop\MirrorsEdge-MCE.lnk
2013-07-07 15:07 - 2013-06-26 19:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-07 15:04 - 2013-06-26 19:21 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2013-07-06 18:52 - 2013-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-07-06 18:52 - 2013-06-02 19:04 - 00395294 _____ C:\Windows\DirectX.log
2013-07-06 18:40 - 2013-07-04 18:23 - 00000000 ____D C:\Foldit
2013-07-04 23:27 - 2013-07-04 23:27 - 00001739 _____ C:\Users\user\Desktop\4. Semester - Verknüpfung.lnk
2013-07-04 21:37 - 2013-06-19 22:35 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-04 21:37 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-04 18:23 - 2013-07-04 18:23 - 00001416 _____ C:\Users\Public\Desktop\Foldit.lnk
2013-07-04 18:23 - 2013-07-04 18:22 - 35728557 _____ C:\Users\user\Downloads\Foldit-win_x86.exe
2013-07-04 17:50 - 2013-06-09 01:11 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-30 20:31 - 2013-06-30 20:31 - 00000000 ____D C:\Windows\system32\appmgmt
2013-06-30 20:25 - 2013-06-30 20:25 - 00001843 _____ C:\Users\user\Desktop\Mines-PerfectPortable.exe.lnk
2013-06-30 20:23 - 2013-06-30 20:23 - 00000000 ____D C:\Users\user\Documents\EA Games
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 __RHD C:\Users\user\AppData\Roaming\SecuROM
2013-06-30 20:21 - 2013-06-30 20:21 - 00000000 ____D C:\Users\user\Desktop\EA Games
2013-06-30 20:15 - 2013-06-30 20:15 - 19712016 _____ (Macrovision Corporation) C:\Users\user\Downloads\mirrors_edge_patch_101.exe
2013-06-30 19:56 - 2013-06-30 19:56 - 00000000 ____D C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2013-06-28 12:47 - 2013-05-30 14:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-26 22:40 - 2013-06-11 19:50 - 00000000 ____D C:\Users\Anna\.gimp-2.8
2013-06-26 22:32 - 2013-06-26 22:32 - 00002118 _____ C:\Users\Anna\AppData\Local\recently-used.xbel
2013-06-26 21:21 - 2013-06-02 22:28 - 00000000 ____D C:\Users\Anna\AppData\Local\Avg2013
2013-06-26 20:55 - 2013-06-26 20:55 - 00000000 ____D C:\Windows\pss
2013-06-26 20:55 - 2013-05-22 15:45 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-26 20:42 - 2013-06-26 20:25 - 00000000 ____D C:\Users\Anna\Desktop\2013-06-26
2013-06-26 19:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-26 19:57 - 2013-06-26 19:44 - 00000317 _____ C:\ProgramData\hpzinstall.log
2013-06-26 19:53 - 2013-06-04 22:55 - 00115304 _____ C:\Users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:44 - 2013-05-30 14:35 - 00115304 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 19:32 - 2013-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-26 19:31 - 2013-06-26 19:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-26 19:31 - 2009-07-14 13:17 - 00000000 ____D C:\Windows\ShellNew
2013-06-26 19:31 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-26 19:24 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-26 19:23 - 2013-06-26 19:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-26 19:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-26 19:22 - 2013-06-26 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-26 19:21 - 2013-06-26 19:21 - 00000000 ___RD C:\MSOCache
2013-06-26 19:16 - 2013-06-26 19:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HP
2013-06-26 19:13 - 2013-06-26 19:13 - 00000000 ____D C:\Users\Anna\Desktop\OFFICE2010
2013-06-26 17:44 - 2013-06-26 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-24 20:30 - 2013-06-19 22:35 - 00000000 ____D C:\Users\user\AppData\Local\PunkBuster
2013-06-24 20:30 - 2013-06-02 19:08 - 00000000 ____D C:\Users\user\AppData\Roaming\Ubisoft
2013-06-24 00:57 - 2013-05-30 15:34 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-19 22:35 - 2013-06-12 19:28 - 00000000 ____D C:\Users\user\Documents\Assassin's Creed Revelations
2013-06-19 22:35 - 2013-06-09 01:11 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-18 06:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 21:07

==================== End Of Log ============================
         

No further problems so far, just a few questions:

How badly was my PC infected, in your opinion? Since it has only been in use for a few months, it worries me that there were problems so soon.

Can I delete all the programs we used now?

May I also use the programs adwcleaner and JRT to check for and automatically remove malware on my other PCs?

Thanks for your help

16.07.2013, 07:12   #12
schrauber
/// the machine
/// TB-Ausbilder
 


Quote:
How badly was my PC infected, in your opinion? Since it has only been in use for a few months, it worries me that there were problems so soon.
Adware; it usually comes along when installing programs, if you're not paying attention.
Quote:
Can I delete all the programs we used now?
We'll do that next.
Quote:
May I also use the programs adwcleaner and JRT to check for and automatically remove malware on my other PCs?
They are going to be removed now, but you can save the links or the site filepony.de and download them again from there when needed; then they will also be up to date.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners, the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe Browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative Browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed if you confirm it.
    • AdblockPlus
      This add-on blocks most ads on its own. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colorful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

18.07.2013, 20:59   #13
annoukh



Everything is back to normal now, only it boots up rather slowly.

Thanks for your help ^^

19.07.2013, 09:25   #14
schrauber
/// the machine
/// TB trainer



You're welcome

Run TFC as described and clean up the autostart entries. If need be, uninstall the AV as a test.
__________________
Regards,
schrauber

