FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by engin (administrator) on ERGÜN on 24-03-2014 14:36:40
Running from C:\Users\engin\Desktop
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Speedbit Ltd.) C:\Program Files (x86)\DAP\DAP.exe
(W. Rolke) C:\Program Files\WR-Tools\GpuTemp\GpuTmp64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-03-29] (IDT, Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-01] (AVAST Software)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2358368056-3233348350-3724359345-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2358368056-3233348350-3724359345-1001\...\Run: [DownloadAccelerator] - C:\Program Files (x86)\DAP\DAP.EXE [4139664 2014-01-09] (Speedbit Ltd.)
Startup: C:\Users\engin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GpuTemp.lnk
ShortcutTarget: GpuTemp.lnk -> C:\Users\engin\AppData\Roaming\Microsoft\Installer\{0FFA85AB-D704-48A6-A009-25A0559152C3}\_1168EA9E829EB9D5F56A58.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.gametop.com/?utm_source=PoliceSupercarsRacing&utm_medium=start
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {8218E8BC-E228-4079-8CE7-6EA6CCCEA191} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: SpeedBit Link Verification Helper - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.5.13.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{87D4CFE8-D2D2-4ADF-86B4-1B860BF003F6}: [NameServer]62.109.121.1 62.109.121.2
FireFox:
========
FF ProfilePath: C:\Users\engin\AppData\Roaming\Mozilla\Firefox\Profiles\67mcx6lq.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1202122.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\windows\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\engin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\engin\AppData\Roaming\Mozilla\Firefox\Profiles\67mcx6lq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Adblock Plus - C:\Users\engin\AppData\Roaming\Mozilla\Firefox\Profiles\67mcx6lq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-13]
FF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files (x86)\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Program Files (x86)\DAP\daplinkchecker [2014-01-09]
FF HKLM-x32\...\Firefox\Extensions: [searchpredict@speedbit.com] - C:\Program Files (x86)\SearchPredict\PRFireFox
FF HKLM-x32\...\Firefox\Extensions: [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files (x86)\DAP\DAPFireFox [2014-01-09]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-01] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-06-16] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-01] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-10-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-18] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-01] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-01] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-01] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PDNMp50; C:\windows\SysWOW64\drivers\PDNMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PDNSp50; C:\windows\SysWOW64\drivers\PDNSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-07] (Duplex Secure Ltd.)
S3 CtClsFlt; \SystemRoot\system32\DRIVERS\CtClsFlt.sys [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-24 14:36 - 2014-03-24 14:36 - 02157056 _____ (Farbar) C:\Users\engin\Desktop\FRST64.exe
2014-03-24 14:36 - 2014-03-24 14:36 - 00017732 _____ () C:\Users\engin\Desktop\FRST.txt
2014-03-23 12:59 - 2014-03-23 13:00 - 00000000 ____D () C:\Program Files (x86)\Alice
2014-03-23 12:59 - 2014-03-23 12:59 - 00000000 ____D () C:\Users\engin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alice
2014-03-23 12:51 - 2014-03-23 12:51 - 481899821 _____ () C:\windows\MEMORY.DMP
2014-03-23 12:51 - 2014-03-23 12:51 - 00636368 _____ () C:\windows\Minidump\032314-19437-01.dmp
2014-03-23 12:51 - 2014-03-23 12:51 - 00000000 ____D () C:\windows\Minidump
2014-03-18 19:41 - 2014-03-18 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-16 20:45 - 2014-03-16 20:46 - 00000103 _____ () C:\windows\setupact.log
2014-03-16 20:45 - 2014-03-16 20:45 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-03-16 20:45 - 2014-03-16 20:45 - 00000000 _____ () C:\windows\setuperr.log
2014-03-16 20:45 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-03-16 20:45 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-03-16 15:51 - 2014-03-20 22:50 - 00000000 ____D () C:\Users\Public\Documents\GTA San Andreas User Files
2014-03-16 15:46 - 2014-03-16 15:46 - 00003332 _____ () C:\windows\System32\Tasks\{C9168C70-2023-412F-A2AB-91F6BFFC33F6}
2014-03-16 15:44 - 2014-03-16 15:44 - 00000000 ____D () C:\Programme
2014-03-16 15:40 - 2014-03-16 15:40 - 00003240 _____ () C:\windows\System32\Tasks\{749A6B0F-6A94-4BFD-ABE7-5ECB8DB4BC55}
2014-03-16 15:30 - 2014-03-19 23:11 - 00000000 ____D () C:\Users\engin\Documents\GTA San Andreas User Files
2014-03-16 15:16 - 2014-03-16 15:24 - 00000000 ____D () C:\Users\engin\Documents\Bully Scholarship Edition
2014-03-16 00:29 - 2014-03-16 00:29 - 00000000 ____D () C:\Users\engin\Documents\Rockstar Games
2014-03-16 00:01 - 2014-03-16 00:01 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-03-15 23:45 - 2014-03-16 00:01 - 00000000 ____D () C:\Users\engin\AppData\Local\Rockstar Games
2014-03-15 23:45 - 2014-03-15 23:45 - 00178800 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt_x64.dll
2014-03-15 23:45 - 2014-03-15 23:45 - 00000000 __RHD () C:\Users\engin\AppData\Roaming\SecuROM
2014-03-15 23:44 - 2014-03-16 15:16 - 00035066 _____ () C:\windows\DirectX.log
2014-03-15 21:03 - 2014-03-23 22:47 - 00889300 _____ () C:\windows\WindowsUpdate.log
2014-03-15 21:03 - 2014-03-15 21:03 - 00297352 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-13 11:54 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-03-13 11:54 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-03-13 11:53 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 11:53 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 11:53 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-03-13 11:53 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-03-13 11:53 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 11:53 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 11:53 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 11:53 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 11:53 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 11:53 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-13 11:53 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-13 11:53 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 11:53 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-13 11:53 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 11:53 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-13 11:53 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-03-13 11:53 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 11:53 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 11:53 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 11:53 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 11:53 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 11:53 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-03-13 11:53 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-03-04 21:24 - 2014-03-24 12:15 - 00003158 _____ () C:\windows\System32\Tasks\HPCeeScheduleForengin
2014-03-04 21:24 - 2014-03-24 12:15 - 00000344 _____ () C:\windows\Tasks\HPCeeScheduleForengin.job
2014-03-02 13:34 - 2014-03-02 13:34 - 00000000 ____D () C:\Users\engin\AppData\Local\HP Quick Start
2014-03-02 13:30 - 2014-03-02 13:30 - 00772680 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-03-02 13:30 - 2014-03-02 13:30 - 00078920 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-03-02 13:30 - 2014-03-02 13:30 - 00001101 _____ () C:\Users\Public\Desktop\HP Quick Start.lnk
2014-03-02 13:29 - 2014-03-02 13:29 - 00000000 ____D () C:\Users\engin\AppData\Roaming\WinBatch
==================== One Month Modified Files and Folders =======
2014-03-24 14:36 - 2014-03-24 14:36 - 02157056 _____ (Farbar) C:\Users\engin\Desktop\FRST64.exe
2014-03-24 14:36 - 2014-03-24 14:36 - 00017732 _____ () C:\Users\engin\Desktop\FRST.txt
2014-03-24 14:36 - 2013-11-15 19:21 - 00000000 ____D () C:\FRST
2014-03-24 14:35 - 2013-06-10 12:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-24 14:01 - 2013-01-12 16:58 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 14:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-24 13:33 - 2013-10-07 21:00 - 00000000 ____D () C:\Users\engin\Desktop\itunes ordner
2014-03-24 12:16 - 2012-12-15 12:37 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2358368056-3233348350-3724359345-1001
2014-03-24 12:15 - 2014-03-04 21:24 - 00003158 _____ () C:\windows\System32\Tasks\HPCeeScheduleForengin
2014-03-24 12:15 - 2014-03-04 21:24 - 00000344 _____ () C:\windows\Tasks\HPCeeScheduleForengin.job
2014-03-24 12:15 - 2012-12-15 12:29 - 00000000 ____D () C:\Users\engin
2014-03-24 00:07 - 2013-10-19 12:44 - 00000000 ____D () C:\Users\engin\AppData\Roaming\DarknessII
2014-03-23 22:47 - 2014-03-15 21:03 - 00889300 _____ () C:\windows\WindowsUpdate.log
2014-03-23 22:36 - 2013-07-09 21:46 - 00000000 ____D () C:\windows\system32\MRT
2014-03-23 22:36 - 2012-12-15 18:00 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-23 22:36 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-03-23 13:05 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-03-23 13:00 - 2014-03-23 12:59 - 00000000 ____D () C:\Program Files (x86)\Alice
2014-03-23 12:59 - 2014-03-23 12:59 - 00000000 ____D () C:\Users\engin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alice
2014-03-23 12:59 - 2012-11-27 02:54 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-03-23 12:59 - 2012-11-27 02:54 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-03-23 12:59 - 2012-07-26 08:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-23 12:56 - 2012-12-23 13:03 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-23 12:56 - 2012-12-17 17:34 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-03-23 12:55 - 2012-12-20 10:46 - 00003918 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{80642D7E-65FC-4001-BC8A-3370BC88E6DF}
2014-03-23 12:52 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-23 12:51 - 2014-03-23 12:51 - 481899821 _____ () C:\windows\MEMORY.DMP
2014-03-23 12:51 - 2014-03-23 12:51 - 00636368 _____ () C:\windows\Minidump\032314-19437-01.dmp
2014-03-23 12:51 - 2014-03-23 12:51 - 00000000 ____D () C:\windows\Minidump
2014-03-23 12:51 - 2012-12-15 13:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 12:51 - 2012-11-26 18:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-22 14:01 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-20 22:50 - 2014-03-16 15:51 - 00000000 ____D () C:\Users\Public\Documents\GTA San Andreas User Files
2014-03-19 23:11 - 2014-03-16 15:30 - 00000000 ____D () C:\Users\engin\Documents\GTA San Andreas User Files
2014-03-18 19:41 - 2014-03-18 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-16 20:46 - 2014-03-16 20:45 - 00000103 _____ () C:\windows\setupact.log
2014-03-16 20:46 - 2012-11-26 17:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-16 20:45 - 2014-03-16 20:45 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-03-16 20:45 - 2014-03-16 20:45 - 00000000 _____ () C:\windows\setuperr.log
2014-03-16 19:44 - 2013-01-07 18:54 - 00000000 ____D () C:\Users\engin\Documents\GTA Vice City User Files
2014-03-16 15:46 - 2014-03-16 15:46 - 00003332 _____ () C:\windows\System32\Tasks\{C9168C70-2023-412F-A2AB-91F6BFFC33F6}
2014-03-16 15:44 - 2014-03-16 15:44 - 00000000 ____D () C:\Programme
2014-03-16 15:40 - 2014-03-16 15:40 - 00003240 _____ () C:\windows\System32\Tasks\{749A6B0F-6A94-4BFD-ABE7-5ECB8DB4BC55}
2014-03-16 15:24 - 2014-03-16 15:16 - 00000000 ____D () C:\Users\engin\Documents\Bully Scholarship Edition
2014-03-16 15:16 - 2014-03-15 23:44 - 00035066 _____ () C:\windows\DirectX.log
2014-03-16 00:42 - 2012-11-26 18:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-16 00:29 - 2014-03-16 00:29 - 00000000 ____D () C:\Users\engin\Documents\Rockstar Games
2014-03-16 00:01 - 2014-03-16 00:01 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-03-16 00:01 - 2014-03-15 23:45 - 00000000 ____D () C:\Users\engin\AppData\Local\Rockstar Games
2014-03-15 23:59 - 2013-09-13 21:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-15 23:45 - 2014-03-15 23:45 - 00178800 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt_x64.dll
2014-03-15 23:45 - 2014-03-15 23:45 - 00000000 __RHD () C:\Users\engin\AppData\Roaming\SecuROM
2014-03-15 21:03 - 2014-03-15 21:03 - 00297352 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-13 19:05 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-03-13 18:40 - 2012-12-15 12:31 - 00000000 ___RD () C:\Users\engin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 18:40 - 2012-12-15 12:31 - 00000000 ___RD () C:\Users\engin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-13 18:38 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-03-13 18:37 - 2012-07-26 09:12 - 00000000 ___RD () C:\windows\ToastData
2014-03-13 18:37 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 18:37 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 18:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 18:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 23:01 - 2013-01-12 16:58 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-09 19:15 - 2013-02-13 19:49 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-08 22:10 - 2014-02-05 13:26 - 00000000 ____D () C:\Users\engin\AppData\Roaming\vlc
2014-03-06 22:32 - 2013-07-05 19:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 22:32 - 2013-07-05 19:51 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 23:52 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2012-07-26 09:14 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 13:34 - 2014-03-02 13:34 - 00000000 ____D () C:\Users\engin\AppData\Local\HP Quick Start
2014-03-02 13:30 - 2014-03-02 13:30 - 00772680 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-03-02 13:30 - 2014-03-02 13:30 - 00078920 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-03-02 13:30 - 2014-03-02 13:30 - 00001101 _____ () C:\Users\Public\Desktop\HP Quick Start.lnk
2014-03-02 13:30 - 2012-08-02 04:15 - 00000000 ____D () C:\SWSETUP
2014-03-02 13:29 - 2014-03-02 13:29 - 00000000 ____D () C:\Users\engin\AppData\Roaming\WinBatch
2014-02-23 09:13 - 2014-03-13 11:53 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-13 11:53 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-13 11:53 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-23 09:13 - 2014-03-13 11:53 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-23 09:13 - 2014-03-13 11:53 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-13 11:53 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-13 11:53 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-13 11:53 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-13 11:53 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-13 11:53 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-13 11:53 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-23 07:54 - 2014-03-13 11:53 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-13 11:53 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-13 11:53 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-13 11:53 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-23 05:06 - 2014-03-13 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
Some content of TEMP:
====================
C:\Users\engin\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\engin\AppData\Local\Temp\drm_dyndata_7380014.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-18 12:43
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by engin at 2014-03-24 14:44:51
Running from C:\Users\engin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adrenaline Action Benchmark Tool 1.0 (Build 1.0.2.1) (HKLM-x32\...\Adrenaline Action Benchmark Tool_is1) (Version: - )
Alice-Installationsdateien entfernen (HKLM-x32\...\Alice) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10057 (Build 2593) - Speedbit Ltd.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.50.5145 - Gretech Corporation)
GpuTemp (HKLM\...\{0FFA85AB-D704-48A6-A009-25A0559152C3}) (Version: 2.1 - WR-Tools)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SiSoftware Sandra Lite 2013.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.23.2013.1 - SiSoftware)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version: - Digital Extremes)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
28-02-2014 20:08:50 Geplanter Prüfpunkt
02-03-2014 12:28:46 HPSF Applying updates
06-03-2014 21:30:55 Windows Update
13-03-2014 13:43:36 Windows Modules Installer
15-03-2014 22:43:40 DirectX wurde installiert
23-03-2014 21:36:01 Windows Update
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0F5EFBA4-AD0F-4BB9-82D5-06C51C5B4ADB} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2382EE8E-C146-4F60-A348-F4D00982A255} - System32\Tasks\{D5C7FFF6-53E6-46E9-9355-42876BEDC863} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=2
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2977D678-F1C0-4925-9E5E-EA7CC19915A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {2FA62CF0-01E3-4F2A-87BE-36E115EB09C1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe
Task: {43A5B8D6-AC9E-498D-8202-DBE1FFD70160} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5475519D-DDDE-400F-92ED-B6F9E4E6F202} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\WSCStub.exe
Task: {6F2D0F41-E77F-41BA-A70B-97C84C83D42C} - System32\Tasks\HPCeeScheduleForengin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {7CCE91DF-4E32-4695-9DCB-1DEC9B9CE1C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8DD0457F-F020-4842-9E8E-205573FE18D0} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe
Task: {98A2E25E-BE20-4634-992D-FD00A474B313} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {A386581F-DF40-4493-8982-456A3901A18D} - System32\Tasks\{1E8B4184-850A-4D05-9A1F-A9AD93AFBE27} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=2
Task: {A6D77E39-AEA6-471F-AB1F-C7A9C6F2A07B} - System32\Tasks\{644FD59D-57FC-4EC8-B72A-D8895A100DFD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=2
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB4E8A8A-825E-4D6E-B691-AC3DEB1A280E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {B962EC77-74E2-4E0F-B1EC-9C39B347A221} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CCCBF45A-DE68-49CD-933B-696D47C8C37E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {E035B920-41C1-44AF-8EF0-D86BF8422290} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F25ADEA6-DF3E-48CA-A826-BA9EA4B5D8B7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F8DA9C7D-B8A0-43DF-BCC2-8C31CD749DCE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {FEA7CB51-20FB-4296-BAA0-5A1CC5084A14} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-01] (AVAST Software)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForengin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-06-16 16:37 - 2013-06-16 16:40 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2012-11-26 17:59 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-15 12:31 - 2012-12-15 12:31 - 00120224 _____ () C:\Users\engin\AppData\Local\assembly\dl3\3443HKZP.VRV\9KXET9KP.AY0\3e16f603\0017145d_cd85cd01\HPItunesModule.DLL
2014-03-22 22:17 - 2014-03-22 18:35 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032201\algo.dll
2014-03-23 23:55 - 2014-03-23 18:50 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032301\algo.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-21 21:51 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-21 21:51 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-21 21:51 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-21 21:51 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-21 21:51 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-26 18:05 - 2012-07-18 09:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00011776 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00010240 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00010752 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
2014-01-09 12:11 - 2014-01-09 12:11 - 00009216 _____ () C:\ProgramData\Speedbit\DAP\Plugins\AddonsCondition.dll
2012-11-26 18:10 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-18 12:33 - 2013-10-18 12:33 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-18 19:41 - 2014-03-18 19:41 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2014 02:35:10 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/24/2014 02:01:31 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/24/2014 01:48:51 PM) (Source: RasClient) (User: )
Description: CoID={E7B1D82F-3C7F-4A18-8C7B-DE6B22A8DA8A}: Der Benutzer "ergün\engin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (03/24/2014 01:48:24 PM) (Source: RasClient) (User: )
Description: CoID={6337ED89-E489-46D6-89F0-CF841D0A66F9}: Der Benutzer "ergün\engin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (03/24/2014 01:47:34 PM) (Source: RasClient) (User: )
Description: CoID={E620C718-7853-43DC-ACB3-37719D4BC520}: Der Benutzer "ergün\engin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (03/24/2014 01:46:06 PM) (Source: RasClient) (User: )
Description: CoID={A85485F5-67E0-427A-9BB7-C2ADB6F8D1D6}: Der Benutzer "ergün\engin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (03/24/2014 01:45:10 PM) (Source: RasClient) (User: )
Description: CoID={43967B88-7879-4D1C-83DD-B63245220A65}: Der Benutzer "ergün\engin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (03/24/2014 00:11:36 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/24/2014 00:07:09 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/23/2014 11:32:13 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (03/24/2014 00:13:02 PM) (Source: DCOM) (User: ergün)
Description: {DC0C2640-1415-4644-875C-6F4D769839BA}
Error: (03/24/2014 00:11:17 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (03/23/2014 09:50:46 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (03/23/2014 07:55:39 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (03/23/2014 00:54:26 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (03/23/2014 00:54:23 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (03/23/2014 00:51:33 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/23/2014 00:51:29 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212254731067264
Error: (03/23/2014 00:51:54 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8006742830, 0xfffff88002c297f0, 0xfffffa8007923010)C:\windows\MEMORY.DMP032314-19437-01
Error: (03/23/2014 00:51:54 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.03.2014 um 22:48:57 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (03/24/2014 02:35:10 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/24/2014 02:01:31 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/24/2014 01:48:51 PM) (Source: RasClient)(User: )
Description: {E7B1D82F-3C7F-4A18-8C7B-DE6B22A8DA8A}ergün\enginBreitbandverbindung651
Error: (03/24/2014 01:48:24 PM) (Source: RasClient)(User: )
Description: {6337ED89-E489-46D6-89F0-CF841D0A66F9}ergün\enginBreitbandverbindung651
Error: (03/24/2014 01:47:34 PM) (Source: RasClient)(User: )
Description: {E620C718-7853-43DC-ACB3-37719D4BC520}ergün\enginBreitbandverbindung651
Error: (03/24/2014 01:46:06 PM) (Source: RasClient)(User: )
Description: {A85485F5-67E0-427A-9BB7-C2ADB6F8D1D6}ergün\enginBreitbandverbindung651
Error: (03/24/2014 01:45:10 PM) (Source: RasClient)(User: )
Description: {43967B88-7879-4D1C-83DD-B63245220A65}ergün\enginBreitbandverbindung651
Error: (03/24/2014 00:11:36 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/24/2014 00:07:09 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/23/2014 11:32:13 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
CodeIntegrity Errors:
===================================
Date: 2013-09-09 18:12:26.959
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-09 18:06:56.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-09 18:02:32.732
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-09 17:56:18.106
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-12-20 11:02:33.021
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\engin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-12-20 11:02:32.829
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-12-18 18:07:44.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\engin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-12-18 18:07:44.083
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 8147.35 MB
Available physical RAM: 6314.93 MB
Total Pagefile: 16339.35 MB
Available Pagefile: 14257.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1850.33 GB) (Free:1751.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 59A27AD7)
Partition: GPT Partition Type.
==================== End Of Log ============================
Ich melde mich später, ich mach jetzt den PC aus. |
FRST 32-Bit | FRST 64-Bit
So funktioniert es: