
Pests of all kinds and how to fight them: Greetings from OpenCandy

14.03.2014, 00:41   #1
TheNoobly
 



Hello everyone,

Unfortunately I have caught the OpenCandy virus yet again.
Windows Defender (Win8) then "deleted" it.
But Malwarebytes shows that my computer is still infected, even though I already had it scanned yesterday (41 PUP viruses removed with AdwCleaner).
Now it shows me 8 more infected objects.

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.12.07

Windows 8 x86 NTFS
Internet Explorer 11.0.9600.16521
User1 :: 7800_PUB [Administrator]

13.03.2014 22:43:35
MBAM-log-2014-03-14 (00-39-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 434012
Laufzeit: 1 Stunde(n), 35 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\AdwCleaner\Quarantine\C\Users\User1\AppData\Local\DownloadGuide\IminentSetup.exe.vir (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Users\User1\AppData\Local\DownloadGuide\plus-hd-3-8.exe.vir (PUP.Optional.CrossRider) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Users\User1\AppData\Local\DownloadGuide\wajam_download.exe.vir (PUP.Optional.Wajam) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\Program Files\PricePeep\uninstall.exe.vir (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\Windows\System32\roboot.exe.vir (PUP.Optional.PCPerformer.A) -> Keine Aktion durchgeführt.
C:\Users\User1\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.Smart) -> Keine Aktion durchgeführt.
C:\Users\User1\AppData\Local\Temp\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\User1\AppData\Roaming\PowerISO\Upgrade\PowerISO5.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende)
         

14.03.2014, 07:32   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


14.03.2014, 07:57   #3
TheNoobly
 



Hello schrauber, thanks for taking the time.

FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-03-2014
Ran by User1 (administrator) on 7800_PUB on 14-03-2014 07:51:20
Running from C:\Users\User1\Downloads
Microsoft Windows 8.1 Pro (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvwmi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\ASGT.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvwmi.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x86__8wekyb3d8bbwe\LiveComm.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\GPU Tweak\Monitor.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Overwolf LTD) C:\Program Files\Overwolf\Overwolf.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\User1\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Overwolf LTD) C:\Program Files\Common Files\Overwolf\OverwolfHelper.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Nvtmru] - "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap.dll [1048152 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [150208 2014-01-18] (IvoSoft)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [EADM] - C:\Program Files\Origin\Origin.exe [3588952 2014-03-07] (Electronic Arts)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [37632 2014-02-16] (Overwolf LTD)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Akamai NetSession Interface] - "C:\Users\User1\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [BitTorrent] - C:\Users\User1\AppData\Roaming\BitTorrent\BitTorrent.exe [900696 2014-03-09] (BitTorrent Inc.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x495F255E91F8CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\tohs7z19.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\tohs7z19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-29]

Chrome: 
=======
CHR HomePage: hxxp://www.google.ch/
CHR DefaultSearchKeyword: youtube.de
CHR DefaultSearchProvider: YouTube-Videosuche
CHR DefaultSearchURL: hxxp://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-26]
CHR Extension: (Google Drive) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-26]
CHR Extension: (YouTube) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-26]
CHR Extension: (Google-Suche) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-26]
CHR Extension: (Google Wallet) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-26]

========================== Services (Whitelisted) =================

R2 ASGT; C:\Windows\System32\ASGT.exe [55296 2012-01-17] ()
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-12] (Hi-Rez Studios)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15901984 2014-01-21] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [998688 2013-08-09] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [98560 2014-02-16] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2014-03-10] ()
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-31] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-31] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-12-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-03-12] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [38920 2014-02-26] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
R1 MpKslbb1db4e6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{193F93CA-56D7-4BC3-ABAF-35F8CDD35C6A}\MpKslbb1db4e6.sys [39464 2014-03-13] (Microsoft Corporation)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [12864 2012-03-10] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113336 2013-07-22] (Power Software Ltd)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-31] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
R4 IOMap; \??\C:\WINDOWS\system32\drivers\IOMap.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 07:51 - 2014-03-14 07:51 - 00015964 _____ () C:\Users\User1\Downloads\FRST.txt
2014-03-13 18:15 - 2014-03-13 18:15 - 00002095 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-03-13 18:15 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2014-03-13 18:06 - 2014-03-04 15:29 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 17559384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 10523480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-13 18:06 - 2014-03-04 15:29 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 02956632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00865224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00847136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00409544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00334792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim32.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinit.dll
2014-03-12 21:38 - 2013-10-31 00:38 - 00202584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 21:38 - 2013-10-31 00:38 - 00093016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 21:38 - 2013-10-31 00:36 - 00030224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 21:37 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 21:37 - 2014-02-11 04:32 - 03486208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 21:37 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 21:37 - 2014-01-31 15:04 - 00265560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 21:37 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 21:37 - 2014-01-31 10:02 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 21:37 - 2014-01-29 08:58 - 01033368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 21:37 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 21:37 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 21:37 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 21:37 - 2014-01-29 08:43 - 01883480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 21:37 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 21:37 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 21:37 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 21:37 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 21:37 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 21:37 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 21:37 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 21:37 - 2014-01-27 12:52 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 21:37 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 21:37 - 2014-01-08 01:55 - 00261464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-12 21:37 - 2014-01-08 01:35 - 01307992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-12 21:37 - 2014-01-08 01:35 - 00320856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-12 21:37 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-12 21:37 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-12 21:37 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-12 21:37 - 2014-01-01 01:56 - 01445720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-12 21:37 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-12 21:37 - 2014-01-01 01:00 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-12 21:37 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-12 21:37 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-12 21:37 - 2013-12-31 00:33 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-12 21:37 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-12 21:37 - 2013-12-27 13:05 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-03-12 21:37 - 2013-12-27 13:05 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-12 21:37 - 2013-12-27 09:21 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2014-03-12 21:37 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-12 21:37 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-12 21:37 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-12 21:37 - 2013-12-21 13:06 - 05251224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 21:37 - 2013-12-21 09:08 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 21:37 - 2013-12-21 08:04 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-12 21:37 - 2013-12-20 09:26 - 01382208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 21:37 - 2013-12-20 09:26 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 21:37 - 2013-12-17 07:13 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-12 21:37 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-12 21:37 - 2013-12-13 10:14 - 00077992 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-12 21:37 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-12 21:37 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-12 21:36 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 21:36 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 21:36 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 21:36 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 21:36 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 21:36 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 21:36 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 21:36 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 21:34 - 2014-03-12 21:34 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-03-12 21:34 - 2014-03-12 21:34 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-12 21:34 - 2014-03-12 21:34 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-03-12 21:17 - 2014-03-13 21:36 - 00000000 ____D () C:\AdwCleaner
2014-03-12 21:15 - 2014-03-12 21:16 - 01037734 _____ (Thisisu) C:\Users\User1\Downloads\JRT.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01949184 _____ () C:\Users\User1\Downloads\adwcleaner.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01145856 _____ (Farbar) C:\Users\User1\Downloads\FRST.exe
2014-03-12 14:52 - 2014-03-12 14:52 - 00001079 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-12 14:52 - 2014-03-12 14:52 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-12 14:52 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-12 14:51 - 2014-03-12 14:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User1\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-11 00:15 - 2014-03-11 00:15 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-03-10 08:51 - 2014-03-10 21:17 - 00682280 _____ () C:\WINDOWS\system32\pbsvc.exe
2014-03-09 01:40 - 2014-03-09 01:40 - 00000917 _____ () C:\Users\User1\Desktop\BitTorrent.lnk
2014-03-09 01:40 - 2014-03-09 01:40 - 00000897 _____ () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-03-06 18:47 - 2014-03-06 18:47 - 00000000 ____D () C:\Users\User1\AppData\Local\Skype
2014-03-06 18:46 - 2014-03-06 18:46 - 00002703 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-06 18:46 - 2014-03-06 18:46 - 00000000 ___RD () C:\Program Files\Skype
2014-03-05 21:11 - 2014-03-05 21:11 - 00000000 ____D () C:\Users\User1\AppData\Local\YoYo_Games_Ltd
2014-03-05 21:06 - 2014-03-05 21:25 - 00000000 ____D () C:\Users\User1\AppData\Local\GameMaker-Studio
2014-03-05 00:42 - 2014-03-05 00:42 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-26 19:57 - 2014-02-26 19:57 - 00038920 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-02-25 20:39 - 2014-02-25 20:46 - 00000000 ____D () C:\Program Files\Winamp
2014-02-25 20:39 - 2014-02-25 20:46 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2014-02-22 19:43 - 2014-02-22 19:43 - 00000216 _____ () C:\Users\User1\Desktop\ORION Dino Horde.url
2014-02-21 23:05 - 2014-02-21 23:05 - 00000213 _____ () C:\Users\User1\Desktop\Counter-Strike Global Offensive.url
2014-02-21 21:08 - 2014-02-21 21:08 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-02-21 20:59 - 2014-03-04 15:29 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshim.dll
2014-02-21 20:59 - 2014-02-08 19:27 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233489.dll
2014-02-21 20:59 - 2014-02-08 19:27 - 00895264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233489.dll
2014-02-19 12:32 - 2014-02-19 12:33 - 00000000 ____D () C:\Program Files\Common Files\Overwolf
2014-02-17 20:19 - 2014-03-14 07:50 - 00000000 ____D () C:\Users\User1\AppData\Local\Overwolf
2014-02-17 20:06 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 20:06 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 20:06 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 20:06 - 2013-11-27 12:03 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 20:06 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 20:06 - 2013-11-27 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 20:06 - 2013-11-27 10:01 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 20:06 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 20:06 - 2013-11-27 09:47 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 20:06 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 20:06 - 2013-11-26 12:44 - 01155384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 20:06 - 2013-11-25 01:47 - 00116568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 20:06 - 2013-11-25 01:32 - 00871256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 20:06 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 20:06 - 2013-11-23 09:28 - 00030552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 20:06 - 2013-11-23 07:14 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 20:06 - 2013-11-23 07:14 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 20:06 - 2013-11-23 07:09 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 20:06 - 2013-11-23 05:23 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 20:06 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 20:06 - 2013-11-21 07:10 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 20:06 - 2013-11-21 06:44 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 20:06 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 20:06 - 2013-11-15 14:46 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 20:06 - 2013-11-15 14:20 - 00622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 20:06 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 21:58 - 2014-02-16 21:58 - 00882048 _____ () C:\WINDOWS\Minidump\021614-39453-01.dmp
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-16 17:02 - 2014-02-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 17:02 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-16 17:02 - 2014-02-16 17:02 - 00000000 ____D () C:\Users\User1\AppData\Local\Microsoft Help
2014-02-16 17:01 - 2014-02-16 17:01 - 00000000 __RHD () C:\MSOCache
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\User1\Downloads\WORD
2014-02-15 00:39 - 2014-02-15 00:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 22:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 22:30 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 22:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 22:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 22:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 22:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 22:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 22:30 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 22:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 22:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 22:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 22:30 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 22:30 - 2014-01-09 08:42 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 22:30 - 2014-01-09 08:30 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 22:30 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 22:30 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 22:30 - 2014-01-09 08:18 - 03482112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 22:30 - 2014-01-09 07:58 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 22:30 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 22:30 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 22:30 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 22:30 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 22:30 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 22:30 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 22:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 22:30 - 2013-12-20 09:28 - 00861976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 22:30 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 22:30 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 22:30 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 22:29 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

==================== One Month Modified Files and Folders =======

2014-03-14 07:52 - 2013-10-25 21:24 - 00000000 ____D () C:\ProgramData\Origin
2014-03-14 07:52 - 2013-09-07 20:28 - 00000000 ____D () C:\Users\User1\AppData\Roaming\Skype
2014-03-14 07:52 - 2013-04-26 19:30 - 00001110 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 07:51 - 2014-03-14 07:51 - 00015964 _____ () C:\Users\User1\Downloads\FRST.txt
2014-03-14 07:51 - 2013-08-12 18:39 - 00000000 ____D () C:\FRST
2014-03-14 07:50 - 2014-02-17 20:19 - 00000000 ____D () C:\Users\User1\AppData\Local\Overwolf
2014-03-14 07:50 - 2013-12-11 23:40 - 00000000 __RDO () C:\Users\User1\SkyDrive
2014-03-14 07:50 - 2013-10-25 21:24 - 00000000 ____D () C:\Program Files\Origin
2014-03-14 07:50 - 2013-05-07 19:53 - 00000000 ____D () C:\Users\User1\AppData\Roaming\BitTorrent
2014-03-14 07:50 - 2013-04-26 23:44 - 00000000 ____D () C:\Program Files\Steam
2014-03-14 07:49 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-14 00:43 - 2013-10-25 21:05 - 00000000 ____D () C:\Users\User1\AppData\Roaming\ClassicShell
2014-03-14 00:27 - 2013-04-26 19:30 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-13 23:59 - 2013-04-29 16:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-13 22:01 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-13 22:00 - 2013-04-26 21:30 - 00000000 ____D () C:\Users\User1\AppData\Local\LogMeIn Hamachi
2014-03-13 22:00 - 2013-04-26 20:05 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 21:52 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-13 21:38 - 2013-12-10 01:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-13 21:38 - 2013-08-22 08:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-13 21:37 - 2013-08-22 07:13 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-13 21:36 - 2014-03-12 21:17 - 00000000 ____D () C:\AdwCleaner
2014-03-13 21:33 - 2013-04-26 23:44 - 00000948 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-13 19:57 - 2013-12-10 01:02 - 01859770 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-13 18:53 - 2013-04-26 20:38 - 00000000 ____D () C:\Users\User1\AppData\Roaming\TS3Client
2014-03-13 18:53 - 2013-04-26 20:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-13 18:15 - 2014-03-13 18:15 - 00002095 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-03-13 18:15 - 2013-12-10 01:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-13 18:14 - 2013-08-22 08:23 - 00306650 _____ () C:\WINDOWS\setupact.log
2014-03-13 17:52 - 2013-09-30 05:08 - 01851114 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 17:47 - 2013-09-29 19:54 - 00009230 _____ () C:\WINDOWS\PFRO.log
2014-03-13 17:47 - 2013-08-22 08:22 - 00404672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 01:06 - 2014-02-09 01:51 - 00000000 ____D () C:\Users\User1\AppData\Local\Activision
2014-03-13 01:06 - 2013-04-26 21:05 - 00000000 ____D () C:\Program Files\Activision
2014-03-12 21:34 - 2014-03-12 21:34 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-03-12 21:34 - 2014-03-12 21:34 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-12 21:34 - 2014-03-12 21:34 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-03-12 21:16 - 2014-03-12 21:15 - 01037734 _____ (Thisisu) C:\Users\User1\Downloads\JRT.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01949184 _____ () C:\Users\User1\Downloads\adwcleaner.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01145856 _____ (Farbar) C:\Users\User1\Downloads\FRST.exe
2014-03-12 16:57 - 2013-08-22 07:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-12 16:43 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-12 14:52 - 2014-03-12 14:52 - 00001079 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-12 14:52 - 2014-03-12 14:52 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-12 14:52 - 2014-03-12 14:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User1\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 14:42 - 2013-12-22 19:14 - 00096768 ___SH () C:\Users\User1\Desktop\Thumbs.db
2014-03-12 14:19 - 2013-05-18 22:25 - 00000000 ____D () C:\Users\User1\Documents\My Games
2014-03-11 00:18 - 2013-04-26 21:15 - 00138464 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-03-11 00:18 - 2013-04-26 21:15 - 00111928 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-03-11 00:16 - 2014-01-08 18:53 - 00000908 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-03-11 00:15 - 2014-03-11 00:15 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-03-11 00:01 - 2013-04-26 21:14 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-10 21:17 - 2014-03-10 08:51 - 00682280 _____ () C:\WINDOWS\system32\pbsvc.exe
2014-03-10 21:17 - 2013-04-26 21:15 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-03-10 21:17 - 2013-04-26 21:15 - 00022328 _____ () C:\Users\User1\AppData\Roaming\PnkBstrK.sys
2014-03-10 18:58 - 2013-04-26 21:15 - 00111928 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-03-09 23:52 - 2013-12-10 01:10 - 00000000 ____D () C:\Users\User1
2014-03-09 23:37 - 2013-04-26 21:16 - 00000000 ____D () C:\Users\User1\AppData\Local\PunkBuster
2014-03-09 01:40 - 2014-03-09 01:40 - 00000917 _____ () C:\Users\User1\Desktop\BitTorrent.lnk
2014-03-09 01:40 - 2014-03-09 01:40 - 00000897 _____ () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-03-06 18:47 - 2014-03-06 18:47 - 00000000 ____D () C:\Users\User1\AppData\Local\Skype
2014-03-06 18:46 - 2014-03-06 18:46 - 00002703 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-06 18:46 - 2014-03-06 18:46 - 00000000 ___RD () C:\Program Files\Skype
2014-03-06 18:46 - 2013-09-07 20:28 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 21:25 - 2014-03-05 21:06 - 00000000 ____D () C:\Users\User1\AppData\Local\GameMaker-Studio
2014-03-05 21:12 - 2013-09-01 11:58 - 00000000 ____D () C:\Users\User1\AppData\Local\Paint.NET
2014-03-05 21:11 - 2014-03-05 21:11 - 00000000 ____D () C:\Users\User1\AppData\Local\YoYo_Games_Ltd
2014-03-05 20:04 - 2013-01-22 11:51 - 00000000 ____D () C:\Users\User1\AppData\Local\VirtualStore
2014-03-05 00:45 - 2013-01-23 11:07 - 00000000 ____D () C:\Program Files\LibreOffice 3.6
2014-03-05 00:44 - 2013-09-30 04:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-03-05 00:42 - 2014-03-05 00:42 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-03-05 00:41 - 2013-08-29 15:47 - 00000000 ____D () C:\Games
2014-03-05 00:31 - 2013-06-11 17:52 - 00000000 ___RD () C:\Users\User1\Desktop\Musik
2014-03-04 23:53 - 2013-08-22 09:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 09:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-04 15:29 - 2014-03-13 18:06 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 17559384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 10523480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-04 15:29 - 2014-03-13 18:06 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 02956632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00865224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00847136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00409544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00334792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim32.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinit.dll
2014-03-04 15:29 - 2014-02-21 20:59 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshim.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2um.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 14709720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 02715264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 00019204 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-04 15:29 - 2013-01-22 11:56 - 00053024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 04348704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 03044696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 02556360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 00663896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-03-04 13:34 - 2013-12-10 01:02 - 00375128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 00062752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-13 18:15 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2014-03-04 06:35 - 2013-12-10 01:02 - 03649185 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-03-01 05:30 - 2014-03-12 21:37 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 04:47 - 2014-03-12 21:36 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 04:25 - 2014-03-12 21:36 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:14 - 2014-03-12 21:36 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 21:36 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 03:57 - 2014-03-12 21:36 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 21:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 21:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 21:36 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-27 18:33 - 2013-04-26 23:44 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-26 19:57 - 2014-02-26 19:57 - 00038920 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-02-25 20:46 - 2014-02-25 20:39 - 00000000 ____D () C:\Program Files\Winamp
2014-02-25 20:46 - 2014-02-25 20:39 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2014-02-25 20:33 - 2013-05-18 21:42 - 00000000 ____D () C:\Users\User1\Desktop\Spiele
2014-02-23 15:11 - 2014-01-09 15:55 - 00000000 ____D () C:\Users\User1\AppData\Roaming\.minecraft
2014-02-22 19:43 - 2014-02-22 19:43 - 00000216 _____ () C:\Users\User1\Desktop\ORION Dino Horde.url
2014-02-21 23:05 - 2014-02-21 23:05 - 00000213 _____ () C:\Users\User1\Desktop\Counter-Strike Global Offensive.url
2014-02-21 23:03 - 2014-01-04 12:21 - 00000000 ____D () C:\Program Files\Project64 2.1
2014-02-21 21:08 - 2014-02-21 21:08 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-02-19 12:33 - 2014-02-19 12:32 - 00000000 ____D () C:\Program Files\Common Files\Overwolf
2014-02-19 12:33 - 2014-01-15 19:39 - 00000000 ____D () C:\Program Files\Overwolf
2014-02-16 21:58 - 2014-02-16 21:58 - 00882048 _____ () C:\WINDOWS\Minidump\021614-39453-01.dmp
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-16 21:58 - 2013-05-10 00:31 - 211921237 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-16 17:04 - 2014-02-16 17:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-16 17:03 - 2014-02-16 17:02 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-16 17:03 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-02-16 17:03 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 17:02 - 2014-02-16 17:02 - 00000000 ____D () C:\Users\User1\AppData\Local\Microsoft Help
2014-02-16 17:01 - 2014-02-16 17:01 - 00000000 __RHD () C:\MSOCache
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\User1\Downloads\WORD
2014-02-16 14:41 - 2013-04-29 16:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-15 00:40 - 2014-02-15 00:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 22:34 - 2013-08-15 18:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-13 22:32 - 2013-01-22 15:13 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\User1\AppData\Local\Temp\DownloadManager.exe
C:\Users\User1\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\User1\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User1\AppData\Local\Temp\NGMDll.dll
C:\Users\User1\AppData\Local\Temp\NGMResource.dll
C:\Users\User1\AppData\Local\Temp\NGMSetup.exe
C:\Users\User1\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\User1\AppData\Local\Temp\nvStInst.exe
C:\Users\User1\AppData\Local\Temp\ose00000.exe
C:\Users\User1\AppData\Local\Temp\Quarantine.exe
C:\Users\User1\AppData\Local\Temp\sdanircmdc.exe
C:\Users\User1\AppData\Local\Temp\sdapskill.exe
C:\Users\User1\AppData\Local\Temp\sdaspwn.exe
C:\Users\User1\AppData\Local\Temp\unicows.dll
C:\Users\User1\AppData\Local\Temp\uttA77.tmp.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2014-03-12 21:37] - [2014-01-31 15:04] - 0265560 ___AC (Microsoft Corporation) CA3C52D981550DEA46576F9FFBA22C58



LastRegBack: 2014-03-13 21:50

==================== End Of Log ============================
         
--- --- ---


Quote:
Originally posted by schrauber
Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

Unfortunately, no Addition.txt was included.

Could you also tell me what exactly I have caught?

Thanks
__________________

Alt 15.03.2014, 11:29   #4
schrauber
/// the machine
/// TB-Ausbilder
 




The finds are in quarantine or in the temp folders.


Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.


Please open FRST, tick the Additional checkbox and scan, then post both log files.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 16.03.2014, 01:58   #5
TheNoobly
 



FRST

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-03-2014
Ran by User1 (administrator) on 7800_PUB on 16-03-2014 01:49:57
Running from C:\Users\User1\Downloads
Microsoft Windows 8.1 Pro (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvwmi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\ASGT.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvwmi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Nvtmru] - "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap.dll [1048152 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [150208 2014-01-18] (IvoSoft)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [EADM] - C:\Program Files\Origin\Origin.exe [3588952 2014-03-07] (Electronic Arts)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [37632 2014-02-16] (Overwolf LTD)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Akamai NetSession Interface] - "C:\Users\User1\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [BitTorrent] - C:\Users\User1\AppData\Roaming\BitTorrent\BitTorrent.exe [900696 2014-03-09] (BitTorrent Inc.)
HKU\S-1-5-21-615026843-2492897298-2662649293-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x495F255E91F8CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\tohs7z19.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\tohs7z19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-29]

Chrome: 
=======
CHR HomePage: hxxp://www.google.ch/
CHR DefaultSearchKeyword: youtube.de
CHR DefaultSearchProvider: YouTube-Videosuche
CHR DefaultSearchURL: hxxp://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-26]
CHR Extension: (Google Drive) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-26]
CHR Extension: (YouTube) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-26]
CHR Extension: (Google-Suche) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-26]
CHR Extension: (Google Wallet) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-26]

========================== Services (Whitelisted) =================

R2 ASGT; C:\Windows\System32\ASGT.exe [55296 2012-01-17] ()
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-12] (Hi-Rez Studios)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15901984 2014-01-21] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [998688 2013-08-09] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [98560 2014-02-16] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2014-03-10] ()
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-31] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-31] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-12-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-03-12] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [38920 2014-02-26] (LogMeIn Inc.)
S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [12864 2012-03-10] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113336 2013-07-22] (Power Software Ltd)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-31] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
R4 IOMap; \??\C:\WINDOWS\system32\drivers\IOMap.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 07:51 - 2014-03-16 01:50 - 00013810 _____ () C:\Users\User1\Downloads\FRST.txt
2014-03-13 18:15 - 2014-03-13 18:15 - 00002095 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-03-13 18:15 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2014-03-13 18:06 - 2014-03-04 15:29 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 17559384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 10523480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-13 18:06 - 2014-03-04 15:29 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 02956632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00865224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00847136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00409544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00334792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim32.dll
2014-03-13 18:06 - 2014-03-04 15:29 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinit.dll
2014-03-12 21:38 - 2013-10-31 00:38 - 00202584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 21:38 - 2013-10-31 00:38 - 00093016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 21:38 - 2013-10-31 00:36 - 00030224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 21:37 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 21:37 - 2014-02-11 04:32 - 03486208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 21:37 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 21:37 - 2014-01-31 15:04 - 00265560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 21:37 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 21:37 - 2014-01-31 10:02 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 21:37 - 2014-01-29 08:58 - 01033368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 21:37 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 21:37 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 21:37 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 21:37 - 2014-01-29 08:43 - 01883480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 21:37 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 21:37 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 21:37 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 21:37 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 21:37 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 21:37 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 21:37 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 21:37 - 2014-01-27 12:52 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 21:37 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 21:37 - 2014-01-08 01:55 - 00261464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-12 21:37 - 2014-01-08 01:35 - 01307992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-12 21:37 - 2014-01-08 01:35 - 00320856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-12 21:37 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-12 21:37 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-12 21:37 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-12 21:37 - 2014-01-01 01:56 - 01445720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-12 21:37 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-12 21:37 - 2014-01-01 01:00 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-12 21:37 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-12 21:37 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-12 21:37 - 2013-12-31 00:33 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-12 21:37 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-12 21:37 - 2013-12-27 13:05 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-03-12 21:37 - 2013-12-27 13:05 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-12 21:37 - 2013-12-27 09:21 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2014-03-12 21:37 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-12 21:37 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-12 21:37 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-12 21:37 - 2013-12-21 13:06 - 05251224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 21:37 - 2013-12-21 09:08 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 21:37 - 2013-12-21 08:04 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-12 21:37 - 2013-12-20 09:26 - 01382208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 21:37 - 2013-12-20 09:26 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 21:37 - 2013-12-17 07:13 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-12 21:37 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-12 21:37 - 2013-12-13 10:14 - 00077992 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-12 21:37 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-12 21:37 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-12 21:36 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 21:36 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 21:36 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 21:36 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 21:36 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 21:36 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 21:36 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 21:36 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 21:34 - 2014-03-12 21:34 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-03-12 21:34 - 2014-03-12 21:34 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-12 21:34 - 2014-03-12 21:34 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-03-12 21:17 - 2014-03-13 21:36 - 00000000 ____D () C:\AdwCleaner
2014-03-12 21:15 - 2014-03-12 21:16 - 01037734 _____ (Thisisu) C:\Users\User1\Downloads\JRT.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01949184 _____ () C:\Users\User1\Downloads\adwcleaner.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01145856 _____ (Farbar) C:\Users\User1\Downloads\FRST.exe
2014-03-12 14:52 - 2014-03-12 14:52 - 00001079 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-12 14:52 - 2014-03-12 14:52 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-12 14:52 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-12 14:51 - 2014-03-12 14:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User1\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-11 00:15 - 2014-03-11 00:15 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-03-10 08:51 - 2014-03-10 21:17 - 00682280 _____ () C:\WINDOWS\system32\pbsvc.exe
2014-03-09 01:40 - 2014-03-09 01:40 - 00000917 _____ () C:\Users\User1\Desktop\BitTorrent.lnk
2014-03-09 01:40 - 2014-03-09 01:40 - 00000897 _____ () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-03-06 18:47 - 2014-03-06 18:47 - 00000000 ____D () C:\Users\User1\AppData\Local\Skype
2014-03-06 18:46 - 2014-03-06 18:46 - 00002703 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-06 18:46 - 2014-03-06 18:46 - 00000000 ___RD () C:\Program Files\Skype
2014-03-05 21:11 - 2014-03-05 21:11 - 00000000 ____D () C:\Users\User1\AppData\Local\YoYo_Games_Ltd
2014-03-05 21:06 - 2014-03-05 21:25 - 00000000 ____D () C:\Users\User1\AppData\Local\GameMaker-Studio
2014-03-05 00:42 - 2014-03-05 00:42 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-26 19:57 - 2014-02-26 19:57 - 00038920 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-02-25 20:39 - 2014-02-25 20:46 - 00000000 ____D () C:\Program Files\Winamp
2014-02-25 20:39 - 2014-02-25 20:46 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2014-02-22 19:43 - 2014-02-22 19:43 - 00000216 _____ () C:\Users\User1\Desktop\ORION Dino Horde.url
2014-02-21 23:05 - 2014-02-21 23:05 - 00000213 _____ () C:\Users\User1\Desktop\Counter-Strike Global Offensive.url
2014-02-21 21:08 - 2014-02-21 21:08 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-02-21 20:59 - 2014-03-04 15:29 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshim.dll
2014-02-21 20:59 - 2014-02-08 19:27 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233489.dll
2014-02-21 20:59 - 2014-02-08 19:27 - 00895264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233489.dll
2014-02-19 12:32 - 2014-02-19 12:33 - 00000000 ____D () C:\Program Files\Common Files\Overwolf
2014-02-17 20:19 - 2014-03-15 13:14 - 00000000 ____D () C:\Users\User1\AppData\Local\Overwolf
2014-02-17 20:06 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 20:06 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 20:06 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 20:06 - 2013-11-27 12:03 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 20:06 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 20:06 - 2013-11-27 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 20:06 - 2013-11-27 10:01 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 20:06 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 20:06 - 2013-11-27 09:47 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 20:06 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 20:06 - 2013-11-26 12:44 - 01155384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 20:06 - 2013-11-25 01:47 - 00116568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 20:06 - 2013-11-25 01:32 - 00871256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 20:06 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 20:06 - 2013-11-23 09:28 - 00030552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 20:06 - 2013-11-23 07:14 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 20:06 - 2013-11-23 07:14 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 20:06 - 2013-11-23 07:09 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 20:06 - 2013-11-23 05:23 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 20:06 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 20:06 - 2013-11-21 07:10 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 20:06 - 2013-11-21 06:44 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 20:06 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 20:06 - 2013-11-15 14:46 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 20:06 - 2013-11-15 14:20 - 00622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 20:06 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 21:58 - 2014-02-16 21:58 - 00882048 _____ () C:\WINDOWS\Minidump\021614-39453-01.dmp
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-16 17:02 - 2014-02-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 17:02 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-16 17:02 - 2014-02-16 17:02 - 00000000 ____D () C:\Users\User1\AppData\Local\Microsoft Help
2014-02-16 17:01 - 2014-02-16 17:01 - 00000000 __RHD () C:\MSOCache
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\User1\Downloads\WORD
2014-02-15 00:39 - 2014-02-15 00:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-16 01:50 - 2014-03-14 07:51 - 00013810 _____ () C:\Users\User1\Downloads\FRST.txt
2014-03-16 01:49 - 2013-08-12 18:39 - 00000000 ____D () C:\FRST
2014-03-16 01:48 - 2013-12-10 01:02 - 01209715 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-16 01:47 - 2013-12-11 23:40 - 00000000 __RDO () C:\Users\User1\SkyDrive
2014-03-16 01:43 - 2013-09-07 20:28 - 00000000 ____D () C:\Users\User1\AppData\Roaming\Skype
2014-03-16 01:43 - 2013-05-07 19:53 - 00000000 ____D () C:\Users\User1\AppData\Roaming\BitTorrent
2014-03-16 01:41 - 2013-04-26 20:38 - 00000000 ____D () C:\Users\User1\AppData\Roaming\TS3Client
2014-03-16 01:27 - 2013-04-26 19:30 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 01:00 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-16 00:59 - 2013-04-29 16:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-15 22:51 - 2013-04-26 23:44 - 00000000 ____D () C:\Program Files\Steam
2014-03-15 16:22 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-15 13:32 - 2013-04-26 20:05 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 13:16 - 2013-04-26 21:30 - 00000000 ____D () C:\Users\User1\AppData\Local\LogMeIn Hamachi
2014-03-15 13:15 - 2013-10-25 21:24 - 00000000 ____D () C:\ProgramData\Origin
2014-03-15 13:15 - 2013-04-26 19:30 - 00001110 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 13:14 - 2014-02-17 20:19 - 00000000 ____D () C:\Users\User1\AppData\Local\Overwolf
2014-03-15 13:13 - 2013-10-25 21:24 - 00000000 ____D () C:\Program Files\Origin
2014-03-14 23:30 - 2013-10-25 21:05 - 00000000 ____D () C:\Users\User1\AppData\Roaming\ClassicShell
2014-03-14 20:28 - 2014-01-09 15:55 - 00000000 ____D () C:\Users\User1\AppData\Roaming\.minecraft
2014-03-14 09:06 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-13 22:01 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-13 21:38 - 2013-12-10 01:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-13 21:38 - 2013-08-22 08:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-13 21:37 - 2013-08-22 07:13 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-13 21:36 - 2014-03-12 21:17 - 00000000 ____D () C:\AdwCleaner
2014-03-13 21:33 - 2013-04-26 23:44 - 00000948 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-13 18:53 - 2013-04-26 20:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-13 18:15 - 2014-03-13 18:15 - 00002095 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-03-13 18:15 - 2013-12-10 01:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-13 18:14 - 2013-08-22 08:23 - 00306650 _____ () C:\WINDOWS\setupact.log
2014-03-13 17:52 - 2013-09-30 05:08 - 01851114 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 17:47 - 2013-09-29 19:54 - 00009230 _____ () C:\WINDOWS\PFRO.log
2014-03-13 17:47 - 2013-08-22 08:22 - 00404672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-03-13 01:14 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 01:06 - 2014-02-09 01:51 - 00000000 ____D () C:\Users\User1\AppData\Local\Activision
2014-03-13 01:06 - 2013-04-26 21:05 - 00000000 ____D () C:\Program Files\Activision
2014-03-12 21:34 - 2014-03-12 21:34 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-03-12 21:34 - 2014-03-12 21:34 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-12 21:34 - 2014-03-12 21:34 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-03-12 21:16 - 2014-03-12 21:15 - 01037734 _____ (Thisisu) C:\Users\User1\Downloads\JRT.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01949184 _____ () C:\Users\User1\Downloads\adwcleaner.exe
2014-03-12 21:15 - 2014-03-12 21:15 - 01145856 _____ (Farbar) C:\Users\User1\Downloads\FRST.exe
2014-03-12 16:57 - 2013-08-22 07:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-12 14:52 - 2014-03-12 14:52 - 00001079 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-12 14:52 - 2014-03-12 14:52 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-12 14:52 - 2014-03-12 14:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User1\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 14:42 - 2013-12-22 19:14 - 00096768 ___SH () C:\Users\User1\Desktop\Thumbs.db
2014-03-12 14:19 - 2013-05-18 22:25 - 00000000 ____D () C:\Users\User1\Documents\My Games
2014-03-11 00:18 - 2013-04-26 21:15 - 00138464 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-03-11 00:18 - 2013-04-26 21:15 - 00111928 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-03-11 00:16 - 2014-01-08 18:53 - 00000908 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-03-11 00:15 - 2014-03-11 00:15 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-03-11 00:01 - 2013-04-26 21:14 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-10 21:17 - 2014-03-10 08:51 - 00682280 _____ () C:\WINDOWS\system32\pbsvc.exe
2014-03-10 21:17 - 2013-04-26 21:15 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-03-10 21:17 - 2013-04-26 21:15 - 00022328 _____ () C:\Users\User1\AppData\Roaming\PnkBstrK.sys
2014-03-10 18:58 - 2013-04-26 21:15 - 00111928 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-03-09 23:52 - 2013-12-10 01:10 - 00000000 ____D () C:\Users\User1
2014-03-09 23:37 - 2013-04-26 21:16 - 00000000 ____D () C:\Users\User1\AppData\Local\PunkBuster
2014-03-09 01:40 - 2014-03-09 01:40 - 00000917 _____ () C:\Users\User1\Desktop\BitTorrent.lnk
2014-03-09 01:40 - 2014-03-09 01:40 - 00000897 _____ () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-03-06 18:47 - 2014-03-06 18:47 - 00000000 ____D () C:\Users\User1\AppData\Local\Skype
2014-03-06 18:46 - 2014-03-06 18:46 - 00002703 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-06 18:46 - 2014-03-06 18:46 - 00000000 ___RD () C:\Program Files\Skype
2014-03-06 18:46 - 2013-09-07 20:28 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 21:25 - 2014-03-05 21:06 - 00000000 ____D () C:\Users\User1\AppData\Local\GameMaker-Studio
2014-03-05 21:12 - 2013-09-01 11:58 - 00000000 ____D () C:\Users\User1\AppData\Local\Paint.NET
2014-03-05 21:11 - 2014-03-05 21:11 - 00000000 ____D () C:\Users\User1\AppData\Local\YoYo_Games_Ltd
2014-03-05 20:04 - 2013-01-22 11:51 - 00000000 ____D () C:\Users\User1\AppData\Local\VirtualStore
2014-03-05 00:45 - 2013-01-23 11:07 - 00000000 ____D () C:\Program Files\LibreOffice 3.6
2014-03-05 00:44 - 2013-09-30 04:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-03-05 00:42 - 2014-03-05 00:42 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-03-05 00:41 - 2013-08-29 15:47 - 00000000 ____D () C:\Games
2014-03-05 00:31 - 2013-06-11 17:52 - 00000000 ___RD () C:\Users\User1\Desktop\Musik
2014-03-04 23:53 - 2013-08-22 09:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 09:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-04 15:29 - 2014-03-13 18:06 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 17559384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 10523480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-04 15:29 - 2014-03-13 18:06 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 02956632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00865224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00847136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00409544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00334792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim32.dll
2014-03-04 15:29 - 2014-03-13 18:06 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinit.dll
2014-03-04 15:29 - 2014-02-21 20:59 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshim.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2um.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 14709720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 02715264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2014-03-04 15:29 - 2013-11-23 21:54 - 00019204 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-04 15:29 - 2013-01-22 11:56 - 00053024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 04348704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 03044696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 02556360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 00663896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-03-04 13:34 - 2013-12-10 01:02 - 00375128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-03-04 13:34 - 2013-12-10 01:02 - 00062752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-13 18:15 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2014-03-04 06:35 - 2013-12-10 01:02 - 03649185 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-03-01 05:30 - 2014-03-12 21:37 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 04:47 - 2014-03-12 21:36 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 04:25 - 2014-03-12 21:36 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:14 - 2014-03-12 21:36 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 21:36 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 03:57 - 2014-03-12 21:36 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 21:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 21:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 21:36 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-27 18:33 - 2013-04-26 23:44 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-26 19:57 - 2014-02-26 19:57 - 00038920 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-02-25 20:46 - 2014-02-25 20:39 - 00000000 ____D () C:\Program Files\Winamp
2014-02-25 20:46 - 2014-02-25 20:39 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2014-02-25 20:33 - 2013-05-18 21:42 - 00000000 ____D () C:\Users\User1\Desktop\Spiele
2014-02-22 19:43 - 2014-02-22 19:43 - 00000216 _____ () C:\Users\User1\Desktop\ORION Dino Horde.url
2014-02-21 23:05 - 2014-02-21 23:05 - 00000213 _____ () C:\Users\User1\Desktop\Counter-Strike Global Offensive.url
2014-02-21 23:03 - 2014-01-04 12:21 - 00000000 ____D () C:\Program Files\Project64 2.1
2014-02-21 21:08 - 2014-02-21 21:08 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-02-19 12:33 - 2014-02-19 12:32 - 00000000 ____D () C:\Program Files\Common Files\Overwolf
2014-02-19 12:33 - 2014-01-15 19:39 - 00000000 ____D () C:\Program Files\Overwolf
2014-02-16 21:58 - 2014-02-16 21:58 - 00882048 _____ () C:\WINDOWS\Minidump\021614-39453-01.dmp
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-16 21:58 - 2013-05-10 00:31 - 211921237 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-16 17:04 - 2014-02-16 17:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-02-16 17:03 - 2014-02-16 17:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-16 17:03 - 2014-02-16 17:02 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-16 17:03 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-02-16 17:03 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 17:02 - 2014-02-16 17:02 - 00000000 ____D () C:\Users\User1\AppData\Local\Microsoft Help
2014-02-16 17:01 - 2014-02-16 17:01 - 00000000 __RHD () C:\MSOCache
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\User1\Downloads\WORD
2014-02-16 14:41 - 2013-04-29 16:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-15 02:31 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-15 00:40 - 2014-02-15 00:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2014-03-12 21:37] - [2014-01-31 15:04] - 0265560 ___AC (Microsoft Corporation) CA3C52D981550DEA46576F9FFBA22C58



LastRegBack: 2014-03-13 21:50

==================== End Of Log ============================
         


Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-03-2014
Ran by User1 at 2014-03-16 01:50:43
Running from C:\Users\User1\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) - World at War(TM) 1.1 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - )
Classic Shell (HKLM\...\{13793E6A-6DBC-4112-81B7-7554DFC5D959}) (Version: 4.0.4 - IvoSoft)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Garry)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Softpaq SP46134  (HKLM\...\SP46134) (Version:  - )
HP Softpaq SP46137  (HKLM\...\SP46137) (Version:  - )
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medal of Honor™ Warfighter (HKLM\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (HKLM\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
NVIDIA WMI 2.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.12.0 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 9.0.13.2135 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM\...\Steam App 104900) (Version:  - Spiral Game Studios)
Overwolf (HKLM\...\{FE8E927E-8099-4C6B-A337-1CAB00E213C7}) (Version: 0.50.310 - Overwolf)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PowerISO (HKLM\...\PowerISO) (Version: 5.7 - Power Software Ltd)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
VIS (HKLM\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Worms World Party (HKLM\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version:  - )

==================== Restore Points  =========================

09-03-2014 15:39:26 DirectX wurde installiert
10-03-2014 17:37:37 Installed Call of Duty(R) - World at War(TM) 1.1 Patch
12-03-2014 12:57:51 Installed Call of Duty(R) - World at War(TM)

==================== Hosts content: ==========================

2012-07-26 05:17 - 2013-08-14 16:06 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {109F57F3-435D-4B4E-8127-797786642C6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-26] (Google Inc.)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {A9574899-70DD-4AC1-A048-0432038A01D6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-13] (Microsoft Corporation)
Task: {ADAB5A5C-B7EF-42E8-87D4-B52FBCE0FEA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {BF234B23-A0C9-49C3-B15E-39EFA51E8DD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-26] (Google Inc.)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {F67016A4-F544-4524-9D75-9CAE3E768CA2} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\System32\ASGT.exe
2013-04-26 21:15 - 2014-03-10 21:17 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2013-12-10 01:02 - 2014-03-04 13:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-01-22 11:56 - 2013-08-09 23:13 - 00455968 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2014-02-15 00:39 - 2014-02-15 00:39 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\User1\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2014 10:51:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x52f977fe
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x531c2427
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002150e
ID des fehlerhaften Prozesses: 0x27dc
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Vollständiger Name des fehlerhaften Pakets: csgo.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: csgo.exe5

Error: (03/15/2014 04:42:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x52f977fe
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x531c2427
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002150e
ID des fehlerhaften Prozesses: 0xe0c
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Vollständiger Name des fehlerhaften Pakets: csgo.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: csgo.exe5

Error: (03/15/2014 02:48:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x52f977fe
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x531c2427
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002150e
ID des fehlerhaften Prozesses: 0xc10
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Vollständiger Name des fehlerhaften Pakets: csgo.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: csgo.exe5

Error: (03/15/2014 01:14:07 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/14/2014 11:31:43 PM) (Source: LogMeIn Guardian) (User: NT-AUTORITÄT)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: '1cc25d7d7e7a81b6200bf34f925a1d14'.

Error: (03/14/2014 09:18:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x52f977fe
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x531c2427
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002150e
ID des fehlerhaften Prozesses: 0x15f8
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Vollständiger Name des fehlerhaften Pakets: csgo.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: csgo.exe5

Error: (03/14/2014 06:32:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x52f977fe
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x531c2427
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002150e
ID des fehlerhaften Prozesses: 0x27a0
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Vollständiger Name des fehlerhaften Pakets: csgo.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: csgo.exe5

Error: (03/14/2014 09:08:12 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MRT.exe, Version: 5.9.9902.0, Zeitstempel: 0x52f1a7d9
Name des fehlerhaften Moduls: mpgear.dll, Version: 1.1.1224.0, Zeitstempel: 0x528c12f6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001b48a
ID des fehlerhaften Prozesses: 0x2500
Startzeit der fehlerhaften Anwendung: 0xMRT.exe0
Pfad der fehlerhaften Anwendung: MRT.exe1
Pfad des fehlerhaften Moduls: MRT.exe2
Berichtskennung: MRT.exe3
Vollständiger Name des fehlerhaften Pakets: MRT.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MRT.exe5

Error: (03/14/2014 07:50:53 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/14/2014 00:43:24 AM) (Source: LogMeIn Guardian) (User: NT-AUTORITÄT)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: '1526c8768a587b6241a033f8035314b3'.


System errors:
=============
Error: (03/16/2014 01:51:02 AM) (Source: DCOM) (User: 7800_PUB)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/16/2014 01:50:32 AM) (Source: DCOM) (User: 7800_PUB)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/16/2014 01:50:02 AM) (Source: DCOM) (User: 7800_PUB)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/16/2014 01:46:06 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/15/2014 01:15:27 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/14/2014 11:31:43 PM) (Source: Service Control Manager) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (03/14/2014 00:49:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/14/2014 00:43:24 AM) (Source: Service Control Manager) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2014 01:45:05 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 06:15:46 AM) (Source: Service Control Manager) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 3567.3 MB
Available physical RAM: 2540.36 MB
Total Pagefile: 7151.3 MB
Available Pagefile: 5894.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:91.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 665E6B6C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
I noticed something in Addition.txt about Hamachi terminating unexpectedly. Normally Hamachi starts automatically when the desktop starts, but sometimes it says "Could not establish a connection to the tunneling engine".


Old 16.03.2014, 17:57   #6
schrauber
/// the machine
/// TB Trainer

You can safely ignore the error messages from the Event Viewer; every little fart ends up in there.

Are you currently having problems with the system?

Old 17.03.2014, 12:37   #7
TheNoobly

What do you mean by problems?

The only thing that comes to mind right now is that Firefox has been freezing often since I got this virus. ^^

But I don't know whether that is related.
Is my desktop clean now?


Old 18.03.2014, 10:41   #8
schrauber
/// the machine
/// TB Trainer

The logs are clean. But I would stop with the BitTorrent nonsense.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Old 18.03.2014, 16:47   #9
TheNoobly

Quote:
Quote from schrauber
The logs are clean. But I would stop with the BitTorrent nonsense.

What could be the reason that the desktop takes a long time to load the files? I only defragmented it recently.

Old 19.03.2014, 13:11   #10
schrauber
/// the machine
/// TB Trainer

Autostart cluttered with junk; try uninstalling the antivirus program as a test.

Old 27.03.2014, 23:33   #11
TheNoobly

This is the picture.

Windows Defender NEVER showed me any of these.

Are these files still on my PC despite the cleanup I did with you earlier?

Regards, Osman

Old 27.03.2014, 23:34   #12
TheNoobly

Simply untitled.
Attached images
File type: jpg Unbenannt.jpg (109.9 KB, viewed 165 times)

Old 28.03.2014, 13:58   #13
schrauber
/// the machine
/// TB Trainer

No, those are temp files; run TFC and then it will be fine.

Old 28.03.2014, 20:45   #14
TheNoobly

Quote:
Quote from schrauber
No, those are temp files; run TFC and then it will be fine.

Thanks, done.

Old 29.03.2014, 10:07   #15
schrauber
/// the machine
/// TB Trainer

You're welcome.
