
Pests of all kinds and how to combat them: Problem with the Safesaver


27.01.2014, 17:06   #1
Naitsirch

Problem with the Safesaver



Hello everyone,

I'm having some problems with Chrome. It is the SafeSaver virus and an add-on called "NewSiaVer 1.1". I ran FRST over the system and would ask you to take a look at the result.

The system is Windows 7 64-bit with Chrome version 32.0.1700.76 m.

Here is the log:
Quote:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by Christian (administrator) on CHRISTIAN-PC on 27-01-2014 08:43:24
Running from C:\Users\Christian\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Valve Corporation) F:\Programme\Steam\Steam.exe
(AVM Berlin) C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\fritzbox-usb-fernanschluss.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Electronic Arts) F:\Programme\Origin\Origin.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\spotify.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(AppWork GmbH) C:\Program Files (x86)\JDownloader 2\JDownloader 2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() F:\Programme\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() F:\Programme\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe
() F:\Programme\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.68\deploy\LolClient.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Razer StarcraftII Driver] - C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - F:\Programme\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\AVMAutoStart.exe [139264 2012-12-14] (AVM Berlin)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKCU\...\Run: [Steam] - F:\Programme\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [EADM] - F:\Programme\Origin\Origin.exe [3551576 2013-11-21] (Electronic Arts)
HKCU\...\Run: [Spotify] - C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-14] (Spotify Ltd)
MountPoints2: {42ae44d0-6876-11e1-ac1c-c86000002ab6} - E:\autorun.exe
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Jenny\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C8B50A2ED26CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {99BC27D2-F902-47AF-9DD0-0318A8C47761} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: EuxstraSavaings - {58C53017-23B7-9274-45C0-A870D54B3741} - C:\ProgramData\EuxstraSavaings\H0.x64.dll No File
BHO: No Name - {C385781F-DDBA-B39A-7583-F796D0C830D5} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\CHRIST~1\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 0
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-22]

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (No Name) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (No Name) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-08-24]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghfllpjdokbgncpodfihobhledndlmdb [2014-01-01]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdbpbfpcldeegniokancfjolgpjeofc [2013-09-13]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpccpcaielehgefaagocjkkgkafaabdp [2013-09-17]
CHR Extension: (FVD Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-03-08]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-07-20] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
S3 Microsoft SharePoint Workspace Audit Service; F:\Programme\Microsoft Office\Office14\GROOVE.EXE [30798512 2013-03-09] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-11-22] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-13] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-13] ()
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-03-09] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-14] (AVM Berlin)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-26] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ALSysIO; \??\C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 PROCEXP151; \??\C:\Windows\system32\Drivers\PROCEXP151.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 08:43 - 2014-01-27 08:43 - 00023880 _____ C:\Users\Christian\Desktop\FRST.txt
2014-01-26 22:16 - 2014-01-27 08:42 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:18 - 2014-01-27 08:43 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-26 21:10 - 2014-01-26 21:10 - 00000000 ____D C:\FRST
2014-01-26 21:09 - 2014-01-26 21:10 - 02078208 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 14:24 - 2014-01-25 15:17 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:55 - 2014-01-24 18:57 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:32 - 2014-01-24 18:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:17 - 2014-01-19 22:18 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 19:38 - 2014-01-27 08:38 - 00002016 _____ C:\Windows\setupact.log
2014-01-17 19:38 - 2014-01-20 22:14 - 00001154 _____ C:\Windows\PFRO.log
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 18:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 18:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 18:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 18:34 - 2014-01-14 18:42 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:02 - 2014-01-17 19:29 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-11 21:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 09:06 - 2014-01-10 09:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:02 - 2014-01-10 09:04 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00451872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstusb.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-08 15:15 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-08 15:15 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-08 15:15 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-08 15:15 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-08 15:15 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:45 - 2014-01-08 14:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:01 - 2014-01-08 14:06 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 14:45 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:44 - 2014-01-07 17:45 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2013-03-28 11:23 - 00004986 ____N C:\Windows\Cmicnfgp.ini.cfg
2014-01-07 12:50 - 2013-03-21 10:11 - 00827904 ____N C:\Windows\system32\Cmeauoxy.exe
2014-01-07 12:50 - 2012-11-20 11:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2014-01-07 12:50 - 2012-06-06 09:56 - 00143360 ____N C:\Windows\SysWOW64\VmixP8.dll
2014-01-07 12:50 - 2012-06-04 14:15 - 04533760 ____N C:\Windows\system32\CmiCnfgp.cpl
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv2.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv642.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2014-01-07 12:50 - 2010-09-28 17:35 - 00000491 ____N C:\Windows\cmudaxp.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000061 ____N C:\Windows\system32\cmasiopx.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000057 ____N C:\Windows\SysWOW64\cmasiop.ini
2014-01-07 12:50 - 2009-08-19 16:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2014-01-07 12:50 - 2008-07-11 15:04 - 00200704 ____N C:\Windows\SysWOW64\HsMgr.exe
2014-01-07 12:50 - 2008-07-11 15:03 - 00282112 ____N C:\Windows\system\HsMgr64.exe
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2014-01-07 12:50 - 2007-11-05 01:30 - 01144983 ____N C:\Windows\KB936225x64.msu
2014-01-07 12:50 - 2006-10-06 05:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll
2014-01-07 12:50 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2014-01-07 12:49 - 2013-06-07 15:50 - 00000000 ____D C:\Users\Christian\Desktop\STX-1.06(W7-QR)
2014-01-07 12:49 - 2013-04-11 19:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\SysWOW64\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll
2014-01-07 12:40 - 2014-01-07 12:41 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 12:39 - 2014-01-26 22:11 - 00000000 ____D C:\AdwCleaner
2014-01-01 23:47 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\caclggnefeonhpfllpjfgiiciglaphki
2014-01-01 23:46 - 2014-01-10 18:43 - 00000000 ____D C:\ProgramData\EuxstraSavaings
2014-01-01 23:46 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\1a94de5c6e97b406
2013-12-31 00:56 - 2014-01-08 15:19 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2013-12-31 00:26 - 2013-12-31 00:26 - 03821064 _____ C:\Users\Christian\Desktop\battlelog-web-plugins_2.3.2_130.exe

==================== One Month Modified Files and Folders =======

2014-01-27 08:43 - 2014-01-27 08:43 - 00023880 _____ C:\Users\Christian\Desktop\FRST.txt
2014-01-27 08:43 - 2014-01-26 21:18 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-27 08:42 - 2014-01-26 22:16 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-27 08:41 - 2012-07-10 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 08:41 - 2012-01-31 23:22 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2014-01-27 08:38 - 2014-01-17 19:38 - 00002016 _____ C:\Windows\setupact.log
2014-01-27 08:38 - 2013-03-20 22:27 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2014-01-27 08:38 - 2013-01-12 23:23 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 08:38 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Spotify
2014-01-27 08:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 08:37 - 2013-01-30 23:11 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-26 23:58 - 2012-01-31 22:30 - 01623547 _____ C:\Windows\WindowsUpdate.log
2014-01-26 23:00 - 2013-01-12 23:23 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 22:20 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 22:20 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 22:19 - 2009-07-14 18:58 - 00712396 _____ C:\Windows\system32\perfh007.dat
2014-01-26 22:19 - 2009-07-14 18:58 - 00155486 _____ C:\Windows\system32\perfc007.dat
2014-01-26 22:19 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-26 22:16 - 2012-02-18 16:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 22:11 - 2014-01-07 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:10 - 2014-01-26 21:10 - 00000000 ____D C:\FRST
2014-01-26 21:10 - 2014-01-26 21:09 - 02078208 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 15:17 - 2014-01-25 14:24 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:57 - 2014-01-24 18:55 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:33 - 2014-01-24 18:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-20 22:21 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Local\Spotify
2014-01-20 22:21 - 2012-03-22 20:10 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2014-01-20 22:14 - 2014-01-17 19:38 - 00001154 _____ C:\Windows\PFRO.log
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:19 - 2012-03-22 20:10 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-19 22:18 - 2014-01-19 22:17 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 20:19 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-17 20:04 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-17 19:57 - 2012-01-31 22:58 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Winamp
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:38 - 2012-12-02 19:11 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-17 19:37 - 2012-01-31 22:30 - 00000000 ____D C:\Users\Christian
2014-01-17 19:32 - 2013-08-15 13:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\uTorrent
2014-01-17 19:32 - 2012-03-07 19:48 - 00000000 ____D C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
2014-01-17 19:32 - 2012-02-05 19:32 - 00000000 ____D C:\Windows\Minidump
2014-01-17 19:32 - 2012-02-01 05:23 - 00000000 ____D C:\Windows\Panther
2014-01-17 19:32 - 2012-01-31 23:29 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2014-01-17 19:32 - 2012-01-31 22:55 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2014-01-17 19:29 - 2014-01-12 21:02 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 19:29 - 2013-12-06 03:03 - 00000000 ____D C:\Users\Christian\AppData\Local\Unity
2014-01-17 19:29 - 2012-04-10 20:06 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-17 19:28 - 2013-01-30 23:03 - 00000000 ____D C:\Program Files\CCleaner
2014-01-17 17:27 - 2009-07-14 05:45 - 00353072 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 00:18 - 2013-08-14 20:41 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 00:17 - 2012-01-31 23:27 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 00:14 - 2013-10-15 22:09 - 00000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2014-01-14 18:42 - 2014-01-14 18:34 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-11 21:26 - 2014-01-10 09:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 18:43 - 2014-01-01 23:46 - 00000000 ____D C:\ProgramData\EuxstraSavaings
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:12 - 2014-01-10 09:06 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:04 - 2014-01-10 09:02 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:19 - 2013-12-31 00:56 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2014-01-08 15:19 - 2013-10-23 16:21 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA
2014-01-08 15:19 - 2013-02-06 20:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:45 - 2014-01-08 12:15 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 14:06 - 2014-01-08 14:01 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:45 - 2014-01-07 17:44 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 13:46 - 2013-01-16 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2012-04-30 20:49 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-01-07 12:50 - 2012-01-31 23:06 - 00091496 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-07 12:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2014-01-07 12:44 - 2013-02-27 15:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 12:41 - 2014-01-07 12:40 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 11:42 - 2013-11-03 20:04 - 00000000 ____D C:\Windows\AutoKMS
2014-01-07 10:40 - 2012-08-26 14:14 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-01 23:47 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\caclggnefeonhpfllpjfgiiciglaphki
2014-01-01 23:47 - 2014-01-01 23:46 - 00000000 ____D C:\ProgramData\1a94de5c6e97b406
2013-12-31 00:27 - 2013-05-04 08:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-31 00:26 - 2013-12-31 00:26 - 03821064 _____ C:\Users\Christian\Desktop\battlelog-web-plugins_2.3.2_130.exe
2013-12-30 23:14 - 2012-03-22 21:23 - 01628774 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\SHSetup.exe
C:\Users\Jenny\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 14:53

==================== End Of Log ============================
Thanks in advance :-)

Regards
Christian

27.01.2014, 23:11   #2
schrauber
/// the machine
/// TB trainer
 

hi,

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.





Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

28.01.2014, 19:57   #3
Naitsirch
 

Malwarebytes log:
Quote:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Christian :: CHRISTIAN-PC [Administrator]

Schutz: Deaktiviert

28.01.2014 18:04:57
mbam-log-2014-01-28 (18-04-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 443196
Laufzeit: 19 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
AdwCleaner log:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.017 - Bericht erstellt am 26/01/2014 um 22:11:16
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Christian - CHRISTIAN-PC
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v19.0 (de)

[ Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gfrh7vdi.default\prefs.js ]


[ Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\prefs.js ]


[ Datei : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\z1p8rde6.default\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ Datei : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [39460 octets] - [07/01/2014 12:41:38]
AdwCleaner[R1].txt - [1262 octets] - [08/01/2014 12:11:38]
AdwCleaner[R2].txt - [1394 octets] - [26/01/2014 22:09:45]
AdwCleaner[S0].txt - [37921 octets] - [07/01/2014 12:43:28]
AdwCleaner[S1].txt - [1323 octets] - [08/01/2014 12:12:40]
AdwCleaner[S2].txt - [1315 octets] - [26/01/2014 22:11:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1375 octets] ##########


Junkware Removal Tool log:
Quote:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Christian on 28.01.2014 at 19:07:42,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2014 at 19:55:56,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Christian (administrator) on CHRISTIAN-PC on 28-01-2014 19:56:43
Running from C:\Users\Christian\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Windows\SysWOW64\HsMgr.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Windows\system\HsMgr64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(AVM Berlin) C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\fritzbox-usb-fernanschluss.exe
(Valve Corporation) F:\Programme\Steam\Steam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Electronic Arts) F:\Programme\Origin\Origin.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\spotify.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AppWork GmbH) C:\Program Files (x86)\JDownloader 2\JDownloader 2.exe
() F:\Programme\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() F:\Programme\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe
() F:\Programme\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.68\deploy\LolClient.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\WinRAR\WinRAR.exe
() C:\Program Files\WinRAR\WinRAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Razer StarcraftII Driver] - C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - F:\Programme\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\AVMAutoStart.exe [139264 2012-12-14] (AVM Berlin)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKCU\...\Run: [Steam] - F:\Programme\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [EADM] - F:\Programme\Origin\Origin.exe [3551576 2013-11-21] (Electronic Arts)
HKCU\...\Run: [Spotify] - C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-14] (Spotify Ltd)
MountPoints2: {42ae44d0-6876-11e1-ac1c-c86000002ab6} - E:\autorun.exe
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Jenny\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C8B50A2ED26CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {99BC27D2-F902-47AF-9DD0-0318A8C47761} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: EuxstraSavaings - {58C53017-23B7-9274-45C0-A870D54B3741} - C:\ProgramData\EuxstraSavaings\H0.x64.dll No File
BHO: No Name - {C385781F-DDBA-B39A-7583-F796D0C830D5} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\CHRIST~1\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 0
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-22]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-08-24]
CHR Extension: (FVD Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-03-08]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-07-20] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
S3 Microsoft SharePoint Workspace Audit Service; F:\Programme\Microsoft Office\Office14\GROOVE.EXE [30798512 2013-03-09] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-11-22] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-13] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-13] ()
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-03-09] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-14] (AVM Berlin)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-26] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ALSysIO; \??\C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 PROCEXP151; \??\C:\Windows\system32\Drivers\PROCEXP151.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 19:56 - 2014-01-28 19:56 - 00000000 ____D C:\Users\Christian\Desktop\FRST-OlderVersion
2014-01-28 19:55 - 2014-01-28 19:55 - 00000629 _____ C:\Users\Christian\Desktop\JRT.txt
2014-01-28 18:04 - 2014-01-28 18:04 - 01037068 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-01-28 18:03 - 2014-01-28 18:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (2).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 01166132 _____ C:\Users\Christian\Desktop\adwcleaner (1).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 18:03 - 2014-01-28 18:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 18:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-27 08:43 - 2014-01-28 19:56 - 00022524 _____ C:\Users\Christian\Desktop\FRST.txt
2014-01-26 22:16 - 2014-01-27 08:42 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:18 - 2014-01-27 08:43 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-26 21:10 - 2014-01-28 19:56 - 00000000 ____D C:\FRST
2014-01-26 21:09 - 2014-01-28 19:56 - 02079232 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 14:24 - 2014-01-25 15:17 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:55 - 2014-01-24 18:57 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:32 - 2014-01-24 18:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:17 - 2014-01-19 22:18 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 19:38 - 2014-01-28 17:54 - 00002352 _____ C:\Windows\setupact.log
2014-01-17 19:38 - 2014-01-27 22:17 - 00001734 _____ C:\Windows\PFRO.log
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 18:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 18:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 18:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 18:34 - 2014-01-14 18:42 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:02 - 2014-01-17 19:29 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-11 21:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 09:06 - 2014-01-10 09:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:02 - 2014-01-10 09:04 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00451872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstusb.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-08 15:15 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-08 15:15 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-08 15:15 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-08 15:15 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-08 15:15 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:45 - 2014-01-08 14:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:01 - 2014-01-08 14:06 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 14:45 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:44 - 2014-01-07 17:45 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2013-03-28 11:23 - 00004986 ____N C:\Windows\Cmicnfgp.ini.cfg
2014-01-07 12:50 - 2013-03-21 10:11 - 00827904 ____N C:\Windows\system32\Cmeauoxy.exe
2014-01-07 12:50 - 2012-11-20 11:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2014-01-07 12:50 - 2012-06-06 09:56 - 00143360 ____N C:\Windows\SysWOW64\VmixP8.dll
2014-01-07 12:50 - 2012-06-04 14:15 - 04533760 ____N C:\Windows\system32\CmiCnfgp.cpl
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv2.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv642.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2014-01-07 12:50 - 2010-09-28 17:35 - 00000491 ____N C:\Windows\cmudaxp.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000061 ____N C:\Windows\system32\cmasiopx.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000057 ____N C:\Windows\SysWOW64\cmasiop.ini
2014-01-07 12:50 - 2009-08-19 16:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2014-01-07 12:50 - 2008-07-11 15:04 - 00200704 ____N C:\Windows\SysWOW64\HsMgr.exe
2014-01-07 12:50 - 2008-07-11 15:03 - 00282112 ____N C:\Windows\system\HsMgr64.exe
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2014-01-07 12:50 - 2007-11-05 01:30 - 01144983 ____N C:\Windows\KB936225x64.msu
2014-01-07 12:50 - 2006-10-06 05:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll
2014-01-07 12:50 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2014-01-07 12:49 - 2013-06-07 15:50 - 00000000 ____D C:\Users\Christian\Desktop\STX-1.06(W7-QR)
2014-01-07 12:49 - 2013-04-11 19:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\SysWOW64\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll
2014-01-07 12:40 - 2014-01-07 12:41 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 12:39 - 2014-01-28 19:02 - 00000000 ____D C:\AdwCleaner
2014-01-01 23:47 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\caclggnefeonhpfllpjfgiiciglaphki
2014-01-01 23:46 - 2014-01-10 18:43 - 00000000 ____D C:\ProgramData\EuxstraSavaings
2014-01-01 23:46 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\1a94de5c6e97b406
2013-12-31 00:56 - 2014-01-08 15:19 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2013-12-31 00:26 - 2013-12-31 00:26 - 03821064 _____ C:\Users\Christian\Desktop\battlelog-web-plugins_2.3.2_130.exe

==================== One Month Modified Files and Folders =======

2014-01-28 19:56 - 2014-01-28 19:56 - 00000000 ____D C:\Users\Christian\Desktop\FRST-OlderVersion
2014-01-28 19:56 - 2014-01-27 08:43 - 00022524 _____ C:\Users\Christian\Desktop\FRST.txt
2014-01-28 19:56 - 2014-01-26 21:10 - 00000000 ____D C:\FRST
2014-01-28 19:56 - 2014-01-26 21:09 - 02079232 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-28 19:55 - 2014-01-28 19:55 - 00000629 _____ C:\Users\Christian\Desktop\JRT.txt
2014-01-28 19:41 - 2012-07-10 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 19:02 - 2014-01-07 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-28 19:01 - 2012-01-31 23:29 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2014-01-28 19:00 - 2013-01-12 23:23 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 18:10 - 2012-01-31 23:22 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2014-01-28 18:04 - 2014-01-28 18:04 - 01037068 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-01-28 18:03 - 2014-01-28 18:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (2).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 01166132 _____ C:\Users\Christian\Desktop\adwcleaner (1).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 18:03 - 2014-01-28 18:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 18:02 - 2013-03-20 22:27 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2014-01-28 18:01 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 18:01 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 18:00 - 2013-01-12 23:23 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-28 18:00 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Spotify
2014-01-28 17:59 - 2012-01-31 22:30 - 01685993 _____ C:\Windows\WindowsUpdate.log
2014-01-28 17:58 - 2009-07-14 18:58 - 00712396 _____ C:\Windows\system32\perfh007.dat
2014-01-28 17:58 - 2009-07-14 18:58 - 00155486 _____ C:\Windows\system32\perfc007.dat
2014-01-28 17:58 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 17:54 - 2014-01-17 19:38 - 00002352 _____ C:\Windows\setupact.log
2014-01-28 17:54 - 2013-01-30 23:11 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-28 17:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 22:17 - 2014-01-17 19:38 - 00001734 _____ C:\Windows\PFRO.log
2014-01-27 22:17 - 2012-08-26 14:14 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-27 17:13 - 2012-02-18 16:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2014-01-27 10:54 - 2012-01-31 22:58 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Winamp
2014-01-27 08:43 - 2014-01-26 21:18 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-27 08:42 - 2014-01-26 22:16 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 15:17 - 2014-01-25 14:24 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:57 - 2014-01-24 18:55 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:33 - 2014-01-24 18:32 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-20 22:21 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Local\Spotify
2014-01-20 22:21 - 2012-03-22 20:10 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:19 - 2012-03-22 20:10 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-19 22:18 - 2014-01-19 22:17 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 20:19 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-17 20:04 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:38 - 2012-12-02 19:11 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-17 19:37 - 2012-01-31 22:30 - 00000000 ____D C:\Users\Christian
2014-01-17 19:32 - 2013-08-15 13:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\uTorrent
2014-01-17 19:32 - 2012-03-07 19:48 - 00000000 ____D C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
2014-01-17 19:32 - 2012-02-05 19:32 - 00000000 ____D C:\Windows\Minidump
2014-01-17 19:32 - 2012-02-01 05:23 - 00000000 ____D C:\Windows\Panther
2014-01-17 19:32 - 2012-01-31 22:55 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2014-01-17 19:29 - 2014-01-12 21:02 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 19:29 - 2013-12-06 03:03 - 00000000 ____D C:\Users\Christian\AppData\Local\Unity
2014-01-17 19:29 - 2012-04-10 20:06 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-17 19:28 - 2013-01-30 23:03 - 00000000 ____D C:\Program Files\CCleaner
2014-01-17 17:27 - 2009-07-14 05:45 - 00353072 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 00:18 - 2013-08-14 20:41 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 00:17 - 2012-01-31 23:27 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 00:14 - 2013-10-15 22:09 - 00000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2014-01-14 18:42 - 2014-01-14 18:34 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-11 21:26 - 2014-01-10 09:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 18:43 - 2014-01-01 23:46 - 00000000 ____D C:\ProgramData\EuxstraSavaings
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:12 - 2014-01-10 09:06 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:04 - 2014-01-10 09:02 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:19 - 2013-12-31 00:56 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2014-01-08 15:19 - 2013-10-23 16:21 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA
2014-01-08 15:19 - 2013-02-06 20:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:45 - 2014-01-08 12:15 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 14:06 - 2014-01-08 14:01 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:45 - 2014-01-07 17:44 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 13:46 - 2013-01-16 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2012-04-30 20:49 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-01-07 12:50 - 2012-01-31 23:06 - 00091496 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-07 12:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2014-01-07 12:44 - 2013-02-27 15:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 12:41 - 2014-01-07 12:40 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 11:42 - 2013-11-03 20:04 - 00000000 ____D C:\Windows\AutoKMS
2014-01-01 23:47 - 2014-01-01 23:47 - 00000000 ____D C:\ProgramData\caclggnefeonhpfllpjfgiiciglaphki
2014-01-01 23:47 - 2014-01-01 23:46 - 00000000 ____D C:\ProgramData\1a94de5c6e97b406
2013-12-31 00:27 - 2013-05-04 08:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-31 00:26 - 2013-12-31 00:26 - 03821064 _____ C:\Users\Christian\Desktop\battlelog-web-plugins_2.3.2_130.exe
2013-12-30 23:14 - 2012-03-22 21:23 - 01628774 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\SHSetup.exe
C:\Users\Jenny\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 14:53

==================== End Of Log ============================
         

29.01.2014, 12:09   #4
schrauber
/// the machine
/// TB instructor

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

05.02.2014, 12:03   #5
Naitsirch

Sorry for the late reply :-)

Eset:
Quote:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3728673634fee546ac4d524beca06de7
# engine=16892
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 02:06:48
# local_time=2014-02-01 03:06:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 13367372 167930280 0 0
# compatibility_mode=5893 16776573 100 94 38192 142850258 0 0
# scanned=334520
# found=2
# cleaned=0
# scan_time=6591
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=E8FC93B3114C43BFB22DFCCCA05D2DD15B02E82E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-0507.B trojan" ac=I fn="C:\Users\Christian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\4babf7e1-27a51d33"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3728673634fee546ac4d524beca06de7
# engine=16898
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 07:08:13
# local_time=2014-02-01 08:08:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 13428657 167991565 0 0
# compatibility_mode=5893 16776573 100 94 64857 142911543 0 0
# scanned=936132
# found=26
# cleaned=0
# scan_time=25914
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=E8FC93B3114C43BFB22DFCCCA05D2DD15B02E82E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-0507.B trojan" ac=I fn="C:\Users\Christian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\4babf7e1-27a51d33"
sh=5EC4771161D85F0779D7CB52243FAC0F70615A0A ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.Kazaa.A application" ac=I fn="G:\Fun\Verschiedenes\Fun\Downloads\kmd.zip"
sh=5EC4771161D85F0779D7CB52243FAC0F70615A0A ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.Kazaa.A application" ac=I fn="G:\Fun\Verschiedenes\Spass-Programme\kmd.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="G:\Spiele\Assassins Creed I + II\Assassins Creed II\sr-acii.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="G:\Spiele\Batman - Arkham Asylum\tvm_baagoty.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="G:\Spiele\Die Siedler 7\Die Siedler 7.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="G:\Spiele\Need for Speed\Need for Speed Hot Pursuit\rld-nshp\rld-nshp.iso"
sh=FFC53B7A46588247E849AE45967C4D2BDB4808E2 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="H:\Program Files\LyricStar\chrome.crx"
sh=40312EF2E83695DC45736038F3498053CCFF5CB0 ft=1 fh=abb767be298cd193 vn="a variant of Win32/AdWare.AddLyrics.Z application" ac=I fn="H:\Program Files\LyricStar\lyricstar.dll"
sh=33F69E8D503B4B432EE4B857790BE6BD8CEF67E8 ft=1 fh=790be06fb4230405 vn="a variant of Win32/Adware.AddLyrics.I application" ac=I fn="H:\Program Files\LyricStar\LyricStarUpdater.exe"
sh=0144DAD6530EDBF83280FF7B7ACE933567C6AF13 ft=1 fh=1852f3471a1c93e3 vn="Win32/AdWare.Yontoo.F application" ac=I fn="H:\Program Files\Yontoo\Y2Desktop.Updater.exe"
sh=D9F91FA435BDBB0764D4CEC8ED99BFF722D87F93 ft=1 fh=602781cac6882f06 vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="H:\Program Files\Yontoo\YontooIEClient.dll"
sh=A8CDEEC800514CBEEE1E6C96E439C9FFC9C964F3 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="H:\Program Files\Yontoo\YontooLayers.crx"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="H:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll"
sh=75DFDC05C5D5F0C3B930B5B6871B6528EC9C22EA ft=1 fh=cff868ace0c06f1a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="H:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B application" ac=I fn="H:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js"
sh=20A169BF052604F74033EB21122CAA69759137D0 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="H:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js"
sh=D565F310CC9A2C7148B299F05B5F3BF5B13E9787 ft=1 fh=e83541bf1990c0ad vn="multiple threats" ac=I fn="H:\Users\Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20WMJY67\LyricStarb[1]"
sh=0F41DE6694929D4144318FAE8CF4DAEDC6E9CD11 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="H:\Users\Jenny\AppData\Local\Temp\che4C0.tmp"
sh=7600C619CF25AAF7CB541D651D82302A2DB8B217 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="H:\Users\Jenny\AppData\Local\Temp\cheA94A.tmp"
sh=D565F310CC9A2C7148B299F05B5F3BF5B13E9787 ft=1 fh=e83541bf1990c0ad vn="multiple threats" ac=I fn="H:\Users\Jenny\AppData\Local\Temp\happyl.exe"
sh=DA602313EC344E31F340105C29DF699267F73B84 ft=1 fh=34999f3f19837452 vn="multiple threats" ac=I fn="H:\Users\Jenny\AppData\Local\Temp\toolbar11082779.exe"
sh=F442E3C636EC3D356D58A21EE12EBCC229DFA826 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="H:\Users\Jenny\AppData\Local\Temp\scoped_dir_5532_11336\Chrome.crx"
sh=7FEC8DFDCFE5CD733C78ED6B0C3646716F7DB5E4 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NDB trojan" ac=I fn="I:\Formatierung Jenny\C\Users\Jenny\AppData\Local\Temp\jar_cache1095851469152576333.tmp"
sh=8A4DC5DC5983B9CEDEB6694B96165D1AABFED073 ft=1 fh=e1192ff437c2e42a vn="multiple threats" ac=I fn="I:\Formatierung Jenny\C\Users\Jenny\AppData\Local\Temp\Yontoo-C2.exe"
FRST:

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014
Ran by Christian (administrator) on CHRISTIAN-PC on 05-02-2014 12:02:09
Running from C:\Users\Christian\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) F:\Programme\Steam\Steam.exe
(Electronic Arts) F:\Programme\Origin\Origin.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\spotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVM Berlin) C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\fritzbox-usb-fernanschluss.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() F:\Programme\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() F:\Programme\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\LoLLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Razer StarcraftII Driver] - C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - F:\Programme\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [AVMUSBFernanschluss] - C:\Users\Christian\AppData\Local\Apps\2.0\EYACQ913.WOT\14H727DA.263\frit..tion_8488884cfbcefd60_0002.0003_f308b4c1084cd0fd\AVMAutoStart.exe [139264 2012-12-14] (AVM Berlin)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [Spotify Web Helper] - C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [Steam] - F:\Programme\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [EADM] - F:\Programme\Origin\Origin.exe [3598680 2014-01-29] (Electronic Arts)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [Spotify] - C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\MountPoints2: {0bd0ec77-a713-11e1-9f15-c86000002ab6} - E:\SETUP.EXE
HKU\S-1-5-21-2076572117-3557445522-913412389-1000\...\MountPoints2: {42ae44d0-6876-11e1-ac1c-c86000002ab6} - E:\autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C8B50A2ED26CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {99BC27D2-F902-47AF-9DD0-0318A8C47761} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: EuxstraSavaings - {58C53017-23B7-9274-45C0-A870D54B3741} - C:\ProgramData\EuxstraSavaings\H0.x64.dll No File
BHO: No Name - {C385781F-DDBA-B39A-7583-F796D0C830D5} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\CHRIST~1\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 0
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\gli1kiq1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-22]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-08-24]
CHR Extension: (FVD Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-03-08]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-07-20] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; F:\Programme\Microsoft Office\Office14\GROOVE.EXE [30798512 2013-03-09] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-11-22] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-13] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-13] ()
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-03-09] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-14] (AVM Berlin)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-26] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ALSysIO; \??\C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 PROCEXP151; \??\C:\Windows\system32\Drivers\PROCEXP151.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 23:50 - 2014-02-05 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-02-01 02:38 - 2014-02-01 02:38 - 00762757 _____ C:\Users\Christian\Desktop\German.zip
2014-02-01 02:33 - 2014-02-01 02:41 - 00000000 ____D C:\Users\Christian\Documents\RCT3
2014-02-01 02:33 - 2014-02-01 02:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Atari
2014-02-01 01:13 - 2014-02-01 01:13 - 02347384 _____ (ESET) C:\Users\Christian\Desktop\esetsmartinstaller_enu (1).exe
2014-01-31 18:54 - 2014-01-31 19:01 - 98190760 _____ C:\Users\Christian\Desktop\video-onecomvideo1f8dfa0d07b79a3727b23176cd62aa6bhtmlfidBoots.flv
2014-01-31 18:53 - 2014-01-31 18:59 - 86621446 _____ C:\Users\Christian\Desktop\Booloo present - category - Trampling Video - girl in boots trampling boyfriend.flv
2014-01-31 18:52 - 2014-01-31 19:03 - 248797565 _____ C:\Users\Christian\Desktop\video-onecomvideo79c300494ead63a5aa7e0eb4cef6ac6chtmlfidBoots.flv
2014-01-31 18:32 - 2014-01-31 18:34 - 26038538 _____ C:\Users\Christian\Desktop\Video One present - category - Dominatrix Video - chastity teased by mistress boot (1).flv
2014-01-29 22:39 - 2014-01-29 22:39 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-29 22:38 - 2014-01-29 22:38 - 02347384 _____ (ESET) C:\Users\Christian\Desktop\esetsmartinstaller_enu.exe
2014-01-28 19:56 - 2014-02-01 01:10 - 00000000 ____D C:\Users\Christian\Desktop\FRST-OlderVersion
2014-01-28 19:55 - 2014-01-28 19:55 - 00000629 _____ C:\Users\Christian\Desktop\JRT.txt
2014-01-28 18:04 - 2014-01-28 18:04 - 01037068 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-01-28 18:03 - 2014-01-28 18:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (2).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 01166132 _____ C:\Users\Christian\Desktop\adwcleaner (1).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 18:03 - 2014-01-28 18:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 18:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-27 08:43 - 2014-02-05 12:02 - 00023424 _____ C:\Users\Christian\Desktop\FRST.txt
2014-01-26 22:16 - 2014-01-27 08:42 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:18 - 2014-01-27 08:43 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-26 21:10 - 2014-02-05 12:02 - 00000000 ____D C:\FRST
2014-01-26 21:09 - 2014-02-01 01:10 - 02080256 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 14:24 - 2014-01-25 15:17 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:55 - 2014-01-24 18:57 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:32 - 2014-01-24 18:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:17 - 2014-01-19 22:18 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 19:38 - 2014-02-05 12:00 - 00003528 _____ C:\Windows\setupact.log
2014-01-17 19:38 - 2014-02-01 12:22 - 00002268 _____ C:\Windows\PFRO.log
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 18:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 18:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 18:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 18:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 18:34 - 2014-01-14 18:42 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:02 - 2014-01-17 19:29 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-11 21:26 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 09:06 - 2014-01-10 09:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:02 - 2014-01-10 09:04 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00451872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstusb.sys
2014-01-08 15:15 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-08 15:15 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-08 15:15 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-08 15:15 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-08 15:15 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-08 15:15 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-08 15:15 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:45 - 2014-01-08 14:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:01 - 2014-01-08 14:06 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 14:45 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:44 - 2014-01-07 17:45 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2013-03-28 11:23 - 00004986 ____N C:\Windows\Cmicnfgp.ini.cfg
2014-01-07 12:50 - 2013-03-21 10:11 - 00827904 ____N C:\Windows\system32\Cmeauoxy.exe
2014-01-07 12:50 - 2012-11-20 11:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2014-01-07 12:50 - 2012-09-28 15:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2014-01-07 12:50 - 2012-06-06 09:56 - 00143360 ____N C:\Windows\SysWOW64\VmixP8.dll
2014-01-07 12:50 - 2012-06-04 14:15 - 04533760 ____N C:\Windows\system32\CmiCnfgp.cpl
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv2.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv642.dll
2014-01-07 12:50 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2014-01-07 12:50 - 2010-09-28 17:35 - 00000491 ____N C:\Windows\cmudaxp.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000061 ____N C:\Windows\system32\cmasiopx.ini
2014-01-07 12:50 - 2010-06-25 12:25 - 00000057 ____N C:\Windows\SysWOW64\cmasiop.ini
2014-01-07 12:50 - 2009-08-19 16:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2014-01-07 12:50 - 2008-07-11 15:04 - 00200704 ____N C:\Windows\SysWOW64\HsMgr.exe
2014-01-07 12:50 - 2008-07-11 15:03 - 00282112 ____N C:\Windows\system\HsMgr64.exe
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2014-01-07 12:50 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2014-01-07 12:50 - 2007-11-05 01:30 - 01144983 ____N C:\Windows\KB936225x64.msu
2014-01-07 12:50 - 2006-10-06 05:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll
2014-01-07 12:50 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2014-01-07 12:49 - 2013-06-07 15:50 - 00000000 ____D C:\Users\Christian\Desktop\STX-1.06(W7-QR)
2014-01-07 12:49 - 2013-04-11 19:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\SysWOW64\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll
2014-01-07 12:49 - 2013-04-11 19:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll
2014-01-07 12:40 - 2014-01-07 12:41 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 12:39 - 2014-01-28 19:02 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified Files and Folders =======

2014-02-05 12:02 - 2014-01-27 08:43 - 00023424 _____ C:\Users\Christian\Desktop\FRST.txt
2014-02-05 12:02 - 2014-01-26 21:10 - 00000000 ____D C:\FRST
2014-02-05 12:01 - 2012-07-10 19:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 12:01 - 2012-07-10 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 12:01 - 2012-04-12 17:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 12:01 - 2012-01-31 23:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 12:00 - 2014-02-04 23:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 12:00 - 2014-01-17 19:38 - 00003528 _____ C:\Windows\setupact.log
2014-02-05 12:00 - 2013-01-30 23:11 - 00000000 ____D C:\ProgramData\NVIDIA
2014-02-05 12:00 - 2013-01-12 23:23 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-05 12:00 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Spotify
2014-02-05 12:00 - 2012-08-26 14:14 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-05 12:00 - 2012-04-26 18:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-05 12:00 - 2012-01-31 23:22 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2014-02-05 12:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-02-04 23:53 - 2012-01-31 22:30 - 01867138 _____ C:\Windows\WindowsUpdate.log
2014-02-04 23:00 - 2013-01-12 23:23 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 21:47 - 2012-02-18 16:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2014-02-04 21:20 - 2013-03-20 22:27 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2014-02-04 20:19 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 20:19 - 2009-07-14 05:45 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 20:18 - 2009-07-14 18:58 - 00712396 _____ C:\Windows\system32\perfh007.dat
2014-02-04 20:18 - 2009-07-14 18:58 - 00155486 _____ C:\Windows\system32\perfc007.dat
2014-02-04 20:18 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-02-01 12:22 - 2014-01-17 19:38 - 00002268 _____ C:\Windows\PFRO.log
2014-02-01 02:41 - 2014-02-01 02:33 - 00000000 ____D C:\Users\Christian\Documents\RCT3
2014-02-01 02:38 - 2014-02-01 02:38 - 00762757 _____ C:\Users\Christian\Desktop\German.zip
2014-02-01 02:33 - 2014-02-01 02:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Atari
2014-02-01 01:13 - 2014-02-01 01:13 - 02347384 _____ (ESET) C:\Users\Christian\Desktop\esetsmartinstaller_enu (1).exe
2014-02-01 01:10 - 2014-01-28 19:56 - 00000000 ____D C:\Users\Christian\Desktop\FRST-OlderVersion
2014-02-01 01:10 - 2014-01-26 21:09 - 02080256 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2014-01-31 19:03 - 2014-01-31 18:52 - 248797565 _____ C:\Users\Christian\Desktop\video-onecomvideo79c300494ead63a5aa7e0eb4cef6ac6chtmlfidBoots.flv
2014-01-31 19:01 - 2014-01-31 18:54 - 98190760 _____ C:\Users\Christian\Desktop\video-onecomvideo1f8dfa0d07b79a3727b23176cd62aa6bhtmlfidBoots.flv
2014-01-31 18:59 - 2014-01-31 18:53 - 86621446 _____ C:\Users\Christian\Desktop\Booloo present - category - Trampling Video - girl in boots trampling boyfriend.flv
2014-01-31 18:34 - 2014-01-31 18:32 - 26038538 _____ C:\Users\Christian\Desktop\Video One present - category - Dominatrix Video - chastity teased by mistress boot (1).flv
2014-01-29 22:39 - 2014-01-29 22:39 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-29 22:38 - 2014-01-29 22:38 - 02347384 _____ (ESET) C:\Users\Christian\Desktop\esetsmartinstaller_enu.exe
2014-01-29 13:49 - 2012-03-07 19:48 - 00000000 ____D C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
2014-01-29 12:57 - 2012-01-31 23:09 - 00000000 ____D C:\ProgramData\Origin
2014-01-28 19:55 - 2014-01-28 19:55 - 00000629 _____ C:\Users\Christian\Desktop\JRT.txt
2014-01-28 19:02 - 2014-01-07 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-28 19:01 - 2012-01-31 23:29 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2014-01-28 18:04 - 2014-01-28 18:04 - 01037068 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-01-28 18:03 - 2014-01-28 18:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (2).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 01166132 _____ C:\Users\Christian\Desktop\adwcleaner (1).exe
2014-01-28 18:03 - 2014-01-28 18:03 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 18:03 - 2014-01-28 18:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-27 10:54 - 2012-01-31 22:58 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Winamp
2014-01-27 08:43 - 2014-01-26 21:18 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-27 08:42 - 2014-01-26 22:16 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-26 22:14 - 2014-01-26 22:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (2).exe
2014-01-26 21:24 - 2014-01-26 21:24 - 00000000 ____D C:\Users\Christian\AppData\Local\Anvisoft
2014-01-26 21:07 - 2014-01-26 21:07 - 01236282 _____ C:\Users\Christian\Desktop\AdwCleaner.exe
2014-01-26 21:02 - 2014-01-26 21:02 - 00000000 ____D C:\Windows\ERUNT
2014-01-25 15:17 - 2014-01-25 14:24 - 3192264704 _____ C:\Users\Christian\Desktop\X15-65741.iso
2014-01-24 18:57 - 2014-01-24 18:55 - 64010585 _____ C:\Users\Christian\Desktop\8820851129keyNjXXTioG3gQend1390600424dataWfUH165250BAreftag541216213210112891822557419mp4.mp4
2014-01-24 18:52 - 2014-01-24 18:52 - 02379143 _____ C:\Users\Christian\Desktop\AzHotPorncom - Beautiful Hip and Leg of Tall Asian Woman - XVIDEOSCOM.flv
2014-01-24 18:33 - 2014-01-24 18:32 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300 (1).exe
2014-01-20 22:21 - 2012-08-28 10:35 - 00000000 ____D C:\Users\Christian\AppData\Local\Spotify
2014-01-20 22:21 - 2012-03-22 20:10 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2014-01-19 22:19 - 2014-01-19 22:19 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-19 22:19 - 2012-03-22 20:10 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-19 22:18 - 2014-01-19 22:17 - 37739976 _____ (Google Inc.) C:\Users\Christian\Desktop\ChromeStandalone32Setup.exe
2014-01-17 20:19 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-17 20:04 - 2012-02-01 18:19 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-17 19:38 - 2014-01-17 19:38 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:38 - 2012-12-02 19:11 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-17 19:37 - 2012-01-31 22:30 - 00000000 ____D C:\Users\Christian
2014-01-17 19:32 - 2013-08-15 13:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\uTorrent
2014-01-17 19:32 - 2012-02-05 19:32 - 00000000 ____D C:\Windows\Minidump
2014-01-17 19:32 - 2012-02-01 05:23 - 00000000 ____D C:\Windows\Panther
2014-01-17 19:32 - 2012-01-31 22:55 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2014-01-17 19:29 - 2014-01-12 21:02 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 19:29 - 2013-12-06 03:03 - 00000000 ____D C:\Users\Christian\AppData\Local\Unity
2014-01-17 19:29 - 2012-04-10 20:06 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-17 19:28 - 2014-01-17 19:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-17 19:28 - 2013-01-30 23:03 - 00000000 ____D C:\Program Files\CCleaner
2014-01-17 17:27 - 2009-07-14 05:45 - 00353072 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 00:18 - 2013-08-14 20:41 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 00:17 - 2012-01-31 23:27 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 00:14 - 2013-10-15 22:09 - 00000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2014-01-14 18:42 - 2014-01-14 18:34 - 82572688 _____ C:\Users\Christian\Desktop\malesubmission - Domme Boots Trample slaves cock Two - EroProfile.mp4
2014-01-12 21:00 - 2014-01-12 21:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer (1).exe
2014-01-11 21:26 - 2014-01-10 09:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-10 18:43 - 2014-01-01 23:46 - 00000000 ____D C:\ProgramData\EuxstraSavaings
2014-01-10 11:00 - 2014-01-10 11:00 - 00000000 ____D C:\Users\Christian\AppData\Roaming\LavasoftStatistics
2014-01-10 09:13 - 2014-01-10 09:13 - 00002305 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-01-10 09:12 - 2014-01-10 09:12 - 00000085 _____ C:\Windows\wininit.ini
2014-01-10 09:12 - 2014-01-10 09:06 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-10 09:11 - 2014-01-10 09:11 - 01725064 _____ C:\Users\Christian\Desktop\Adaware_Installer_11.1.exe
2014-01-10 09:11 - 2014-01-10 09:11 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-10 09:06 - 2014-01-10 09:06 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-10 09:04 - 2014-01-10 09:02 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Christian\Desktop\spybot-2.2.25.exe
2014-01-08 15:19 - 2014-01-08 15:19 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-08 15:19 - 2013-12-31 00:56 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2014-01-08 15:19 - 2013-10-23 16:21 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA
2014-01-08 15:19 - 2013-02-06 20:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-08 15:17 - 2012-01-31 22:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 14:46 - 2014-01-08 14:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Christian\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 14:45 - 2014-01-08 12:15 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-08 14:06 - 2014-01-08 14:01 - 262041840 _____ (NVIDIA Corporation) C:\Users\Christian\Desktop\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-01-08 12:16 - 2014-01-08 12:16 - 00000000 _____ C:\autoexec.bat
2014-01-08 12:15 - 2014-01-08 12:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-08 12:12 - 2014-01-08 12:12 - 00003182 _____ C:\Windows\System32\Tasks\{7C0A1FE8-960B-4093-AA26-ADFD9DC8072B}
2014-01-07 17:45 - 2014-01-07 17:44 - 35143116 _____ C:\Users\Christian\Desktop\Japanese girls in white boots torture cock - xHamstercom.flv
2014-01-07 17:35 - 2014-01-07 17:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Desktop\SpyHunter-Installer.exe
2014-01-07 13:46 - 2013-01-16 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-07 12:50 - 2014-01-07 12:50 - 00052572 _____ C:\Windows\Cmicnfgp.ini.cfl
2014-01-07 12:50 - 2014-01-07 12:50 - 00000985 _____ C:\Windows\Cmicnfgp.ini.imi
2014-01-07 12:50 - 2014-01-07 12:50 - 00000924 _____ C:\Windows\system\Cmicnfgp.ini
2014-01-07 12:50 - 2014-01-07 12:50 - 00000142 _____ C:\Windows\system\Dlap.pfx
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ASUS
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files\ASUS Xonar Essence STX Audio
2014-01-07 12:50 - 2014-01-07 12:50 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-07 12:50 - 2012-04-30 20:49 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-01-07 12:50 - 2012-04-30 20:49 - 00102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-01-07 12:50 - 2012-01-31 23:06 - 00091496 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-07 12:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2014-01-07 12:44 - 2013-02-27 15:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 12:41 - 2014-01-07 12:40 - 11797337 _____ C:\Users\Christian\Desktop\PCI_STX_7_0_8_1821_Win7.rar
2014-01-07 11:42 - 2013-11-03 20:04 - 00000000 ____D C:\Windows\AutoKMS

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\SHSetup.exe
C:\Users\Jenny\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 18:30

==================== End Of Log ============================
         


Alt 06.02.2014, 09:34   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Delete "Fun und Spiele" on F and G.

Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
H:\Program Files\LyricStar
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.





Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without concern.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nicely colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you a lot of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.

Alt 18.02.2014, 10:50   #7
Naitsirch
 



Hello schrauber,

unfortunately that did not help either... I have already searched for suspicious registry entries and so on... Unfortunately without success. When I delete the add-on from Chrome, which is called "NewSiaVer 1.1", it is started again right after a Chrome restart, no matter what I do.

I do not have the problem with Internet Explorer.

Are there any other approaches? Otherwise I will probably just have to reinstall the computer...

Thanks in advance
Christian

Alt 19.02.2014, 10:39   #8
schrauber
/// the machine
/// TB-Ausbilder
 




Quote:
When I delete the add-on from Chrome, which is called "NewSiaVer 1.1", it is started again right after a Chrome restart, no matter what I do.
Do you connect Chrome to a Google account?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
