| |
| |||||||
Log-Analyse und Auswertung: Win 7 (firefox ) : Avast blockt URL:Mal auf YoutubeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
26.03.2014, 13:46
| #1 |
 |  Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube Hi, wie beschrieben ging heute zwei Mal avast! los, mit der Meldung ,dass es URL:Mal im Firefox blockiert hat. Dies passierte während ich auf youtube unterwegs war. Aufgeführte seite war : h***s://yt3.ggpht.com . Ich schätze das in meiner bescheidenen Erfahrung als False-Positiv ein, aber dennoch hier die logs, damit vlt wer einen Blick darauf werfen kann. Danke und Grüße FSRT: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by maxmuster (administrator) on PCMAX on 26-03-2014 13:21:27
Running from C:\Users\maxmuster\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\XInputWrapper\ScpServer\ScpService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Sytems Incorporated) C:\Program Files x86\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-17] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - c:\Program Files x86\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\4b6a4e12-bc61-46be-b8b7-62a8ac6fe0bf.exe /check [181136 2014-03-26] (AVAST Software)
HKU\.DEFAULT\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-12] (Autodesk, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-24] (Microsoft Corporation)
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\Run: [ASRock A-Tuning] - [X]
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\Run: [ASRockHDMISwitch] - [X]
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-11-22] (FNet Co., Ltd.)
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\MountPoints2: {0551b247-53ab-11e3-9ab5-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-3274857869-3326876280-1953430734-1000\...\Winlogon: [Shell] expstart.exe [925184 2014-02-09] () <==== ATTENTION
Startup: C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0FFA35A88AE7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default
FF Homepage: www.netvibes.com
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*'))%20%7B%20return%20'PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "backup.ftp", "www-proxy.t-online.de"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "www-proxy.t-online.de"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "www-proxy.t-online.de"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "ftp", "www-proxy.t-online.de"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "www-proxy.t-online.de"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "www-proxy.t-online.de"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\foxyproxy@eric.h.jung [2014-02-05]
FF Extension: YouTube Unblocker - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\youtubeunblocker@unblocker.yt [2014-03-01]
FF Extension: mediaplayerconnectivity - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2013-11-22]
FF Extension: Telekom YouTube Turbo - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\info@maltegoetz.de.xpi [2013-11-22]
FF Extension: Media Hint - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\mediahint@jetpack.xpi [2013-11-22]
FF Extension: Speed Dial - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-11-22]
FF Extension: NoScript - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-22]
FF Extension: Modify Headers - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-11-22]
FF Extension: Adblock Plus - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-22]
FF Extension: DownThemAll! - C:\Users\maxmuster\AppData\Roaming\Mozilla\Firefox\Profiles\l7dv336j.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-19]
CHR Extension: (Google Drive) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-19]
CHR Extension: (YouTube) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-19]
CHR Extension: (Google-Suche) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-19]
CHR Extension: (AdBlock) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-19]
CHR Extension: (avast! Online Security) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19]
CHR Extension: (Google Mail) - C:\Users\maxmuster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-22]
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-13] (Adobe Systems)
S3 Adobe Version Cue CS2; c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-17] (AVAST Software)
R2 Ds3Service; C:\Program Files (x86)\XInputWrapper\ScpServer\ScpService.exe [381952 2013-12-18] (Scarlet.Crush Productions)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-02-16] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-10] ()
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
==================== Drivers (Whitelisted) ====================
R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2013-11-22] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-17] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-02-08] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-11-22] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-26] ()
S3 GPU-Z; \??\C:\Users\MAXMUS~1\AppData\Local\Temp\GPU-Z.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-26 13:21 - 2014-03-26 13:21 - 00021221 _____ () C:\Users\maxmuster\Desktop\FRST.txt
2014-03-26 13:21 - 2014-03-26 13:21 - 00000000 ____D () C:\FRST
2014-03-26 13:20 - 2014-03-26 13:20 - 02157056 _____ (Farbar) C:\Users\maxmuster\Desktop\FRST64.exe
2014-03-26 13:20 - 2014-03-26 13:20 - 00000480 _____ () C:\Users\maxmuster\Desktop\defogger_disable.log
2014-03-26 13:20 - 2014-03-26 13:20 - 00000000 _____ () C:\Users\maxmuster\defogger_reenable
2014-03-26 13:19 - 2014-03-26 13:19 - 00050477 _____ () C:\Users\maxmuster\Desktop\Defogger.exe
2014-03-18 14:56 - 2014-03-18 14:56 - 00000222 _____ () C:\Users\maxmuster\Desktop\Dishonored.url
2014-03-17 15:49 - 2014-03-17 15:49 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\NVIDIA Corporation
2014-03-17 15:47 - 2014-03-17 15:47 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\NVIDIA
2014-03-17 15:47 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-17 15:47 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-17 15:46 - 2014-03-17 15:49 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-17 15:46 - 2014-03-04 15:35 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-17 15:46 - 2014-03-04 15:35 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-17 15:46 - 2014-03-04 14:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-17 15:46 - 2014-03-04 14:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-17 15:46 - 2014-03-04 14:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-17 15:46 - 2014-03-04 14:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-17 15:46 - 2014-03-04 14:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-17 15:46 - 2014-03-04 14:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-17 15:46 - 2014-03-04 14:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-17 15:46 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-17 15:45 - 2014-03-17 15:45 - 00000000 ____D () C:\NVIDIA
2014-03-17 15:45 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-17 15:45 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-17 15:45 - 2014-03-04 15:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-17 15:45 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-17 15:45 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-17 15:45 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-17 15:45 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-17 15:45 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-17 15:44 - 2014-03-26 12:07 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-03-17 15:23 - 2014-03-17 15:37 - 00000000 _____ () C:\Windows\SysWOW64\DllHost.exe.Z-missing.txt
2014-03-17 15:01 - 2014-03-17 15:01 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-17 13:59 - 2014-03-17 13:59 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\WindowsApplication1
2014-03-17 13:56 - 2014-03-17 13:56 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-17 13:56 - 2014-03-17 13:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-17 12:20 - 2014-03-17 12:20 - 00000221 _____ () C:\Users\maxmuster\Desktop\Metro Last Light.url
2014-03-16 18:31 - 2014-03-16 18:31 - 00001856 _____ () C:\Users\maxmuster\Desktop\Arma 3 nur JSRS2.0.lnk
2014-03-16 18:16 - 2014-03-16 18:16 - 00000000 ____D () C:\Users\maxmuster\Documents\4A Games
2014-03-16 18:07 - 2014-03-16 18:07 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\4A Games
2014-03-16 12:54 - 2014-03-16 12:54 - 00000219 _____ () C:\Users\maxmuster\Desktop\Counter-Strike Global Offensive.url
2014-03-15 01:47 - 2014-03-15 01:47 - 00000000 ____D () C:\ProgramData\Codemasters
2014-03-13 19:12 - 2014-03-13 19:12 - 00009293 _____ () C:\Windows\SysWOW64\rundll32.exe.Z-missing.txt
2014-03-13 19:09 - 2014-03-13 19:09 - 00003222 _____ () C:\Windows\System32\Tasks\{9A99EE07-5ACD-44D9-9094-6E98077DB30F}
2014-03-13 18:49 - 2014-03-13 18:49 - 00003222 _____ () C:\Windows\System32\Tasks\{5833A531-B03A-45A0-88F4-BBBA6D6815C9}
2014-03-13 18:35 - 2014-03-13 18:35 - 00000000 ____D () C:\Creative Suite CS2
2014-03-12 01:46 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 01:46 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 01:46 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 01:46 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 01:46 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 01:46 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 01:46 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 01:46 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 01:46 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 01:46 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 01:46 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 01:46 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 01:46 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 01:46 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 01:46 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 01:46 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 01:46 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 01:46 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 01:46 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 01:46 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 01:46 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 01:46 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 01:46 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 01:46 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 01:46 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 01:46 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 01:46 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 01:46 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 01:46 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 01:46 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 01:46 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 01:46 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 01:46 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 01:46 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 01:46 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 01:46 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 01:46 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 01:46 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 01:46 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 01:46 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 01:46 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 01:46 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 01:46 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 01:46 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 01:43 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 01:43 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 01:43 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 01:43 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 18:08 - 2014-03-11 13:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-10 18:06 - 2014-03-10 18:08 - 00000000 ____D () C:\Users\maxmuster\Documents\Battlefield 3
2014-03-10 14:19 - 2014-03-10 14:19 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVIcodec
2014-03-10 14:19 - 2014-03-10 14:19 - 00000000 ____D () C:\Program Files (x86)\AVIcodec
2014-03-09 20:26 - 2014-03-09 20:40 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Audacity
2014-03-09 20:26 - 2014-03-09 20:26 - 00001017 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-03-09 20:26 - 2014-03-09 20:26 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-09 14:13 - 2014-03-09 14:13 - 00000000 ____D () C:\Users\maxmuster\Documents\EA Games
2014-03-09 11:49 - 2014-03-09 11:49 - 00000663 _____ () C:\Users\maxmuster\Music.lnk
2014-03-08 23:09 - 2014-03-08 23:09 - 00000706 _____ () C:\Users\maxmuster\Desktop\Uplay.lnk
2014-03-07 18:34 - 2014-03-07 18:35 - 00002062 _____ () C:\Users\maxmuster\Desktop\Arma 3 Mods.lnk
2014-03-06 10:19 - 2014-03-06 10:19 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\OpenOffice
2014-03-06 10:16 - 2014-03-06 10:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-06 10:16 - 2014-03-06 10:16 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-04 19:37 - 2014-03-04 19:37 - 00001981 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-03-04 19:37 - 2014-03-04 19:37 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-03-04 19:37 - 2014-03-04 19:37 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-04 19:35 - 2014-03-07 10:38 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\Overwolf
2014-02-28 11:44 - 2014-02-28 11:44 - 00078997 _____ () C:\Users\maxmuster\Documents\EVEMon_Settings_4125.xml.bak
2014-02-28 11:44 - 2014-02-28 11:44 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
2014-02-26 15:08 - 2014-02-26 15:08 - 00000000 ____D () C:\Users\maxmuster\Documents\MercurySteam
==================== One Month Modified Files and Folders =======
2014-03-26 13:21 - 2014-03-26 13:21 - 00021221 _____ () C:\Users\maxmuster\Desktop\FRST.txt
2014-03-26 13:21 - 2014-03-26 13:21 - 00000000 ____D () C:\FRST
2014-03-26 13:20 - 2014-03-26 13:20 - 02157056 _____ (Farbar) C:\Users\maxmuster\Desktop\FRST64.exe
2014-03-26 13:20 - 2014-03-26 13:20 - 00000480 _____ () C:\Users\maxmuster\Desktop\defogger_disable.log
2014-03-26 13:20 - 2014-03-26 13:20 - 00000000 _____ () C:\Users\maxmuster\defogger_reenable
2014-03-26 13:20 - 2013-11-22 14:20 - 00000000 ____D () C:\Users\maxmuster
2014-03-26 13:19 - 2014-03-26 13:19 - 00050477 _____ () C:\Users\maxmuster\Desktop\Defogger.exe
2014-03-26 12:39 - 2014-02-19 13:34 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 12:23 - 2013-11-22 15:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 12:14 - 2009-07-14 05:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 12:14 - 2009-07-14 05:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 12:12 - 2009-07-14 18:58 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-03-26 12:12 - 2009-07-14 18:58 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-03-26 12:12 - 2009-07-14 06:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-26 12:10 - 2013-11-22 14:20 - 01084312 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 12:07 - 2014-03-17 15:44 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-03-26 12:07 - 2014-02-19 13:34 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 12:07 - 2013-11-22 14:50 - 00346210 _____ () C:\Windows\PFRO.log
2014-03-26 12:07 - 2013-11-22 14:50 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-03-26 12:07 - 2013-11-22 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-26 12:07 - 2013-11-22 14:42 - 00002982 _____ () C:\Windows\System32\Tasks\HDMISwitch
2014-03-26 12:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 12:07 - 2009-07-14 05:51 - 00074368 _____ () C:\Windows\setupact.log
2014-03-25 23:09 - 2014-02-07 01:54 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DE730A60-1903-4767-ADA3-ACDB8E425169}
2014-03-25 16:16 - 2013-11-22 14:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-25 01:20 - 2013-11-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-23 22:54 - 2013-12-18 19:31 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\DayZ
2014-03-23 02:17 - 2014-02-09 22:30 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\vlc
2014-03-19 16:58 - 2014-02-21 16:03 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\Arma 3
2014-03-19 01:17 - 2014-01-10 00:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 01:17 - 2014-01-10 00:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 14:56 - 2014-03-18 14:56 - 00000222 _____ () C:\Users\maxmuster\Desktop\Dishonored.url
2014-03-17 15:49 - 2014-03-17 15:49 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\NVIDIA Corporation
2014-03-17 15:49 - 2014-03-17 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-17 15:48 - 2013-11-22 16:06 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\NVIDIA
2014-03-17 15:47 - 2014-03-17 15:47 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\NVIDIA
2014-03-17 15:47 - 2013-11-22 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-17 15:47 - 2013-11-22 14:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-17 15:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-03-17 15:45 - 2014-03-17 15:45 - 00000000 ____D () C:\NVIDIA
2014-03-17 15:39 - 2013-11-22 16:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-17 15:39 - 2013-11-22 16:05 - 00003632 _____ () C:\Windows\LkmdfCoInst.log
2014-03-17 15:37 - 2014-03-17 15:23 - 00000000 _____ () C:\Windows\SysWOW64\DllHost.exe.Z-missing.txt
2014-03-17 15:01 - 2014-03-17 15:01 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-17 13:59 - 2014-03-17 13:59 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\WindowsApplication1
2014-03-17 13:56 - 2014-03-17 13:56 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-17 13:56 - 2014-03-17 13:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-17 12:20 - 2014-03-17 12:20 - 00000221 _____ () C:\Users\maxmuster\Desktop\Metro Last Light.url
2014-03-16 18:39 - 2013-11-22 15:59 - 00000000 ____D () C:\ProgramData\Origin
2014-03-16 18:39 - 2013-11-22 15:59 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-16 18:31 - 2014-03-16 18:31 - 00001856 _____ () C:\Users\maxmuster\Desktop\Arma 3 nur JSRS2.0.lnk
2014-03-16 18:30 - 2014-02-21 18:46 - 00000590 _____ () C:\Users\maxmuster\Desktop\hwmonitorw.ini
2014-03-16 18:16 - 2014-03-16 18:16 - 00000000 ____D () C:\Users\maxmuster\Documents\4A Games
2014-03-16 18:07 - 2014-03-16 18:07 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\4A Games
2014-03-16 18:05 - 2013-11-22 15:38 - 00778392 _____ () C:\Windows\DirectX.log
2014-03-16 12:54 - 2014-03-16 12:54 - 00000219 _____ () C:\Users\maxmuster\Desktop\Counter-Strike Global Offensive.url
2014-03-15 01:47 - 2014-03-15 01:47 - 00000000 ____D () C:\ProgramData\Codemasters
2014-03-15 01:46 - 2013-11-22 17:42 - 00000000 ____D () C:\Users\maxmuster\Documents\my games
2014-03-14 15:29 - 2013-11-23 21:18 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-03-14 15:29 - 2013-11-23 20:20 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-14 15:29 - 2013-11-23 20:20 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-03-14 13:32 - 2009-07-14 05:45 - 00378640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 22:00 - 2013-11-22 19:47 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-13 21:57 - 2013-11-22 14:29 - 00098840 _____ () C:\Users\maxmuster\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-13 19:13 - 2013-11-22 22:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-13 19:13 - 2013-11-22 15:18 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Adobe
2014-03-13 19:13 - 2013-11-22 15:15 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\Adobe
2014-03-13 19:12 - 2014-03-13 19:12 - 00009293 _____ () C:\Windows\SysWOW64\rundll32.exe.Z-missing.txt
2014-03-13 19:09 - 2014-03-13 19:09 - 00003222 _____ () C:\Windows\System32\Tasks\{9A99EE07-5ACD-44D9-9094-6E98077DB30F}
2014-03-13 18:49 - 2014-03-13 18:49 - 00003222 _____ () C:\Windows\System32\Tasks\{5833A531-B03A-45A0-88F4-BBBA6D6815C9}
2014-03-13 18:42 - 2013-11-22 22:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-13 18:35 - 2014-03-13 18:35 - 00000000 ____D () C:\Creative Suite CS2
2014-03-13 18:23 - 2013-11-22 14:56 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\CrashDumps
2014-03-13 01:14 - 2013-11-27 23:00 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\TS3Client
2014-03-13 00:46 - 2013-11-22 15:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 00:46 - 2013-11-22 15:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 00:46 - 2013-11-22 15:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 13:50 - 2014-03-10 18:08 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-10 22:46 - 2013-11-23 20:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-10 18:08 - 2014-03-10 18:06 - 00000000 ____D () C:\Users\maxmuster\Documents\Battlefield 3
2014-03-10 14:19 - 2014-03-10 14:19 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVIcodec
2014-03-10 14:19 - 2014-03-10 14:19 - 00000000 ____D () C:\Program Files (x86)\AVIcodec
2014-03-09 20:40 - 2014-03-09 20:26 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Audacity
2014-03-09 20:26 - 2014-03-09 20:26 - 00001017 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-03-09 20:26 - 2014-03-09 20:26 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-09 14:13 - 2014-03-09 14:13 - 00000000 ____D () C:\Users\maxmuster\Documents\EA Games
2014-03-09 11:49 - 2014-03-09 11:49 - 00000663 _____ () C:\Users\maxmuster\Music.lnk
2014-03-08 23:13 - 2014-01-10 10:55 - 00000000 ____D () C:\Users\maxmuster\Documents\Ubisoft
2014-03-08 23:13 - 2013-11-22 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-08 23:09 - 2014-03-08 23:09 - 00000706 _____ () C:\Users\maxmuster\Desktop\Uplay.lnk
2014-03-08 22:46 - 2013-11-23 21:13 - 00000000 ____D () C:\Users\maxmuster\Documents\BioWare
2014-03-08 16:08 - 2013-11-22 18:42 - 00000000 ____D () C:\Games
2014-03-07 18:35 - 2014-03-07 18:34 - 00002062 _____ () C:\Users\maxmuster\Desktop\Arma 3 Mods.lnk
2014-03-07 18:33 - 2014-02-21 11:02 - 00000222 _____ () C:\Users\maxmuster\Desktop\Arma 3.url
2014-03-07 10:38 - 2014-03-04 19:35 - 00000000 ____D () C:\Users\maxmuster\AppData\Local\Overwolf
2014-03-06 10:19 - 2014-03-06 10:19 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\OpenOffice
2014-03-06 10:16 - 2014-03-06 10:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-06 10:16 - 2014-03-06 10:16 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-04 19:37 - 2014-03-04 19:37 - 00001981 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-03-04 19:37 - 2014-03-04 19:37 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-03-04 19:37 - 2014-03-04 19:37 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-04 15:35 - 2014-03-17 15:46 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2014-03-17 15:46 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-17 15:45 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2014-03-17 15:45 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2014-03-17 15:46 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2014-03-17 15:46 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2014-03-17 15:46 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2014-03-17 15:46 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2014-03-17 15:46 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2014-03-17 15:46 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2014-03-17 15:46 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-17 15:46 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-01 07:05 - 2014-03-12 01:46 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 01:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 01:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 01:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 01:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 01:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 01:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 01:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 01:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 01:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 01:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 01:46 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 01:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 01:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 01:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 01:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 01:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 01:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 01:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 01:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 01:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 01:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 01:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 01:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 01:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 01:46 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 01:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 01:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 01:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 01:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 01:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 01:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 01:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 01:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 01:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 01:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 11:45 - 2014-01-11 21:35 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\EVEMon
2014-02-28 11:44 - 2014-02-28 11:44 - 00078997 _____ () C:\Users\maxmuster\Documents\EVEMon_Settings_4125.xml.bak
2014-02-28 11:44 - 2014-02-28 11:44 - 00000000 ____D () C:\Users\maxmuster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
2014-02-28 11:44 - 2014-01-11 20:33 - 00000000 ____D () C:\Program Files (x86)\EVEMon
2014-02-27 16:22 - 2013-11-22 14:37 - 01597378 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 15:08 - 2014-02-26 15:08 - 00000000 ____D () C:\Users\maxmuster\Documents\MercurySteam
Some content of TEMP:
====================
C:\Users\maxmuster\AppData\Local\Temp\AcDeltree.exe
C:\Users\maxmuster\AppData\Local\Temp\COMAP.EXE
C:\Users\maxmuster\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\maxmuster\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\maxmuster\AppData\Local\Temp\iv_uninstall.exe
C:\Users\maxmuster\AppData\Local\Temp\LMkRstPt.exe
C:\Users\maxmuster\AppData\Local\Temp\Nexus%20Mod%20Manager-0.46.0.exe
C:\Users\maxmuster\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\maxmuster\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\maxmuster\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\maxmuster\AppData\Local\Temp\nvStInst.exe
C:\Users\maxmuster\AppData\Local\Temp\sonarinst.exe
C:\Users\maxmuster\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\maxmuster\AppData\Local\Temp\ubiB383.tmp.exe
C:\Users\maxmuster\AppData\Local\Temp\Uninstaller-6660.exe
C:\Users\maxmuster\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\maxmuster\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-20 20:54
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by maxmuster at 2014-03-26 13:21:39
Running from C:\Users\maxmuster\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ASRock HDMI Switch v1.0.12 (HKLM-x32\...\ASRock HDMI Switch_is1) (Version: 1.0.12 - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.0 - ASUS)
A-Tuning v1.0.36 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.36 - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.7.0.802 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
AVIcodec (remove only) (HKLM-x32\...\AVIcodec) (Version: - )
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.)
EveHQ (HKLM-x32\...\EveHQ) (Version: - )
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.5.4162 - battleclinic.com)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FIFA 14 Demo (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.3 - MSI)
MSI Kombustor 2.5.5 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.2 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FE8E927E-8099-4C6B-A337-1CAB00E213C7}) (Version: 0.50.310 - Overwolf)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skywind version 0.9.0.1 (PR) (HKLM-x32\...\{FC5DEED4-7616-415A-8C0E-C9E2EEA55769}_is1) (Version: 0.9.0.1 (PR) - Skywind Team)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)
==================== Restore Points =========================
15-03-2014 21:26:20 DirectX wurde installiert
16-03-2014 17:05:26 DirectX wurde installiert
17-03-2014 13:01:08 Windows-Sicherung
17-03-2014 14:01:23 NVIDIA PhysX wird entfernt
17-03-2014 14:01:37 NVIDIA PhysX wird installiert
17-03-2014 14:47:03 DirectX wurde installiert
18-03-2014 09:52:25 Windows Update
19-03-2014 00:16:53 Windows Update
25-03-2014 15:20:34 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00DC02F8-62D7-486E-AE3F-8E3F64A31A50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {105186BB-D57C-47D7-808C-448E9ECB44DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-19] (Google Inc.)
Task: {3217EBEE-C9D8-4C7E-9258-45264E502CBF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5E6C66BA-0120-497A-97FD-4EC9448479A5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-17] (AVAST Software)
Task: {60328899-3499-44ED-BCA9-A82668DB2557} - System32\Tasks\HDMISwitch => C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe [2013-05-06] ()
Task: {636F5C5B-403E-4712-A131-84BD3A305DE1} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {C128161A-2280-41FC-9366-FC4306F3F337} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {E27F2F43-8F19-4BE8-B292-45B61585EA19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-17 15:46 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-11-22 14:42 - 2013-05-06 21:49 - 01841416 _____ () C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-23 20:20 - 2014-03-10 22:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-26 00:17 - 2014-03-25 22:24 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032501\algo.dll
2014-03-26 12:07 - 2014-03-26 10:30 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032601\algo.dll
2013-11-22 14:36 - 2013-11-22 14:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-09 15:32 - 2013-11-28 12:14 - 00013824 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2014-01-09 15:32 - 2013-11-28 18:59 - 00098816 _____ () C:\Program Files (x86)\Samsung Magician\PAL.dll
2014-01-09 15:32 - 2013-11-28 18:59 - 00034304 _____ () C:\Program Files (x86)\Samsung Magician\SATA.dll
2014-01-09 15:32 - 2013-11-28 18:59 - 00032768 _____ () C:\Program Files (x86)\Samsung Magician\SAT.dll
2014-01-09 15:32 - 2013-11-28 19:00 - 00031232 _____ () C:\Program Files (x86)\Samsung Magician\SMINI.dll
2014-01-09 15:32 - 2013-11-28 18:59 - 00029696 _____ () C:\Program Files (x86)\Samsung Magician\SAS.dll
2013-11-22 14:27 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-02-14 19:19 - 2014-02-14 19:19 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: Adobe Version Cue CS2 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/26/2014 09:57:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/25/2014 01:19:49 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/24/2014 00:25:39 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/24/2014 09:54:46 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/24/2014 00:16:07 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/23/2014 01:23:27 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/23/2014 10:28:55 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/22/2014 01:20:01 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/22/2014 00:55:47 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/21/2014 08:56:54 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (03/17/2014 03:43:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:43:09 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (03/17/2014 03:43:09 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/17/2014 03:39:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (03/26/2014 09:57:02 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite2014\python\lib\distutils\command\wininst-8_d.exe
Error: (03/25/2014 01:19:49 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/24/2014 00:25:39 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/24/2014 09:54:46 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite2014\python\lib\distutils\command\wininst-8_d.exe
Error: (03/24/2014 00:16:07 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/23/2014 01:23:27 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/23/2014 10:28:55 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite2014\python\lib\distutils\command\wininst-8_d.exe
Error: (03/22/2014 01:20:01 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite2014\python\lib\distutils\command\wininst-8_d.exe
Error: (03/22/2014 00:55:47 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/21/2014 08:56:54 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8122.51 MB
Available physical RAM: 5969.25 MB
Total Pagefile: 16243.2 MB
Available Pagefile: 13891.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:232.79 GB) (Free:88.7 GB) NTFS
Drive d: (Datengrab) (Fixed) (Total:1863.01 GB) (Free:1400.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 357B684A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 86A416E9)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-26 13:34:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006b Samsung_ rev.EXT0 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\MAXMUS~1\AppData\Local\Temp\ugddapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[688] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\services.exe[748] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\winlogon.exe[776] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[904] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[988] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[1012] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Windows\System32\svchost.exe[680] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[288] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1048] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1084] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1344] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1448] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[1456] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\explorer.exe[1808] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1912] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\taskhost.exe[1920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1996] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1676] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\XInputWrapper\ScpServer\ScpService.exe[1716] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2072] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe[2644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2696] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[2748] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000747f1a22 2 bytes [7F, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000747f1ad0 2 bytes [7F, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000747f1b08 2 bytes [7F, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000747f1bba 2 bytes [7F, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000747f1bda 2 bytes [7F, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077011465 2 bytes [01, 77]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770114bb 2 bytes [01, 77]
.text ... * 2
.text C:\Windows\system32\svchost.exe[2884] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\wbem\wmiprvse.exe[1296] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3280] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Windows\system32\conhost.exe[3308] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3404] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3520] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077011465 2 bytes [01, 77]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770114bb 2 bytes [01, 77]
.text ... * 2
.text C:\Program Files\Logitech Gaming Software\LCore.exe[3728] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe[3736] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\XFastUSB\XFastUsb.exe[3772] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[3808] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3856] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files x86\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe[3892] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4748] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe[2552] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe[2552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077011465 2 bytes [01, 77]
.text C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe[2552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770114bb 2 bytes [01, 77]
.text ... * 2
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[5916] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5816] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077011465 2 bytes [01, 77]
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770114bb 2 bytes [01, 77]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[3928] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[848] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077011465 2 bytes [01, 77]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770114bb 2 bytes [01, 77]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[1664] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
.text C:\Windows\system32\AUDIODG.EXE[3992] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 0000000076d9eecd 1 byte [62]
.text C:\Users\maxmuster\Desktop\Gmer-19357.exe[3708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000075e2a2ba 1 byte [62]
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001a7dda7109
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001a7dda7109@64a769a2281a 0x5E 0xDE 0xD0 0x03 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001a7dda7109 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001a7dda7109@64a769a2281a 0x5E 0xDE 0xD0 0x03 ...
---- EOF - GMER 2.1 ----
|
|
26.03.2014, 13:57
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
26.03.2014, 14:11
| #3 |
| | Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube hi, nein. Mit Funden eigentlich nichts.
__________________Das ist die nshield.log aus dem avast/log Ordner. Da sind noch 10 andere Logs, wo ich aber nichts rauslesen kann, hatte aber auch noch bei keinem Scan einen Anschlag. Code:
ATTFilter 22.03.2014 11:27:10 Network Shield: blocked access to malicious site hxxp://184.82.95.170/People/Paramore/hayley_williams_paramore_3150x4724_wallpaper_6871 ([184.82.95.170]:80) [ C:\Program Files (x86)\Mozilla Firefox\firefox.exe ( 5016 ) ]
26.03.2014 12:58:03 Network Shield: blocked access to malicious site https://yt3.ggpht.com ([173.194.32.236]:443) [ C:\Program Files (x86)\Mozilla Firefox\firefox.exe ( 4836 ) ]
26.03.2014 13:06:01 Network Shield: blocked access to malicious site https://yt3.ggpht.com ([173.194.32.236]:443) [ C:\Program Files (x86)\Mozilla Firefox\firefox.exe ( 4836 ) ]
26.03.2014 13:07:18 Network Shield: blocked access to malicious site https://yt3.ggpht.com ([173.194.69.132]:443) [ C:\Program Files (x86)\Mozilla Firefox\firefox.exe ( 5780 ) ]
|
|
26.03.2014, 14:42
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube Lt. whois Suche gehört die Domain zu MarkMonitor => ggPht.com WHOIS, DNS, & Domain Info - DomainTools
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.03.2014, 16:45
| #5 |
| | Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube das heißt: alles ok ? |
|
| Themen zu Win 7 (firefox ) : Avast blockt URL:Mal auf Youtube |
| .com, antivirus, blockiert, browser, cpu-z, entfernen, failed, fehler, firefox, firefox blockiert, flash player, helper, homepage, installation, launch, mozilla, port, programm, realtek, registry, rundll, s3.amazonaws.com, scan, security, services.exe, software, svchost.exe, system, url:mal, usb, wrapper |
Linear-Darstellung
