defogger_disable Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:49 on 28/03/2014 (********)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=- FRST
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ********** (administrator) on PREDATOR on 28-03-2014 00:58:37
Running from C:\Users\**********\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
() C:\Program Files (x86)\LPT\srpts.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\LPT\srptm.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2560596042-4137677803-1756835688-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-2560596042-4137677803-1756835688-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2560596042-4137677803-1756835688-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D2557572E91CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ReemOOvEAdsTube - {E4D81115-FD03-574E-D51E-4706EE180F36} - C:\ProgramData\ReemOOvEAdsTube\StCs.x64.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ASProxy.dll [352168] (Astrill)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ASProxy.dll [352168] (Astrill)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ASProxy.dll [352168] (Astrill)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ASProxy.dll [352168] (Astrill)
Winsock: Catalog9 15 C:\Windows\SysWOW64\ASProxy.dll [352168] (Astrill)
Winsock: Catalog9-x64 01 C:\Windows\system32\ASProxy64.dll [468904] (Astrill)
Winsock: Catalog9-x64 02 C:\Windows\system32\ASProxy64.dll [468904] (Astrill)
Winsock: Catalog9-x64 03 C:\Windows\system32\ASProxy64.dll [468904] (Astrill)
Winsock: Catalog9-x64 04 C:\Windows\system32\ASProxy64.dll [468904] (Astrill)
Winsock: Catalog9-x64 15 C:\Windows\system32\ASProxy64.dll [468904] (Astrill)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{24AD4058-5435-490E-8A19-7B6CDF788189}: [NameServer]8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\Extensions\amazon-icon@giga.de [2014-03-28]
FF Extension: Popular Website Buddy - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\Extensions\jid1-l6V8exwLVv1lBw@jetpack [2014-03-27]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\Extensions\sparpilot@sparpilot.com [2014-03-28]
FF Extension: LinkiDoo - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\Extensions\{75edaf6c-4dcf-4f61-a079-f7488c24b3d9}.xpi [2014-03-26]
FF Extension: Adblock Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\qo5gln1i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-26]
==================== Services (Whitelisted) =================
S3 ASOVPNHelper; C:\Program Files (x86)\Astrill\ASOvpnSvc.exe [434928 2012-05-25] (Astrill)
S3 ASProxy; C:\Program Files (x86)\Astrill\ASProxy.exe [1918888 2013-02-19] (Astrill)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-04] ()
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-07-04] (cFos Software GmbH)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-09] ()
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-07] ()
==================== Drivers (Whitelisted) ====================
R3 asvpndrv; C:\Windows\System32\DRIVERS\asvpndrv.sys [31744 2012-02-29] (Astrill)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [867824 2012-10-25] (Duplex Secure Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-28 00:58 - 2014-03-28 00:58 - 00012207 _____ () C:\Users\**********\Desktop\FRST.txt
2014-03-28 00:58 - 2014-03-28 00:58 - 00000000 ____D () C:\FRST
2014-03-28 00:49 - 2014-03-28 00:49 - 00000596 _____ () C:\Users\**********\Desktop\defogger_disable.log
2014-03-28 00:49 - 2014-03-28 00:49 - 00000020 _____ () C:\Users\**********\defogger_reenable
2014-03-28 00:48 - 2014-03-28 00:48 - 02157056 _____ (Farbar) C:\Users\**********\Desktop\FRST64.exe
2014-03-28 00:48 - 2014-03-28 00:48 - 00380416 _____ () C:\Users\**********\Desktop\Gmer-19357.exe
2014-03-28 00:47 - 2014-03-28 00:47 - 00050477 _____ () C:\Users\**********\Desktop\Defogger.exe
2014-03-28 00:22 - 2014-03-28 00:25 - 04918616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 00:21 - 2014-03-28 00:21 - 00005014 _____ () C:\Windows\PFRO.log
2014-03-28 00:13 - 2014-03-28 00:52 - 00000336 _____ () C:\Windows\setupact.log
2014-03-28 00:13 - 2014-03-28 00:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-28 00:11 - 2014-03-28 00:11 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempccc444a4d49670cb05f3386d0c986880
2014-03-28 00:11 - 2014-03-28 00:11 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp73e5ec14e567a8817c7604af85241487
2014-03-28 00:10 - 2014-03-28 00:10 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempc54c1f61f356ad2905a826a3efdb3359_
2014-03-28 00:10 - 2014-03-28 00:10 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp306340d9e24edd61c036ed6647592a9c_
2014-03-27 21:17 - 2014-03-27 21:17 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp1728f593f8d2847341145be860e2f174
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempc54c1f61f356ad2905a826a3efdb3359
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp306340d9e24edd61c036ed6647592a9c
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp1aade29c970773c10219ab2f101ff1cb
2014-03-27 20:27 - 2014-03-27 20:27 - 00000000 ____D () C:\Users\**********\AppData\Roaming\flightgear.org
2014-03-27 20:18 - 2014-03-27 20:18 - 00000000 ____D () C:\ProgramData\ZalmanInstaller_5372
2014-03-27 19:49 - 2014-03-28 00:54 - 00000944 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-03-27 19:49 - 2014-03-27 19:49 - 00003940 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-03-27 19:49 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-03-27 19:45 - 2014-03-27 19:46 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-27 19:35 - 2014-03-27 21:32 - 00000000 ____D () C:\Program Files (x86)\LinkiDoo
2014-03-27 19:34 - 2014-03-27 19:51 - 00000000 ____D () C:\Users\**********\AppData\Roaming\qone8
2014-03-27 19:22 - 2014-03-27 19:22 - 00000000 ____D () C:\Users\**********\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2014-03-26 19:20 - 2014-03-26 19:21 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Screaming Bee
2014-03-26 19:20 - 2014-03-26 19:21 - 00000000 ____D () C:\ProgramData\Screaming Bee
2014-03-26 19:20 - 2014-03-26 19:20 - 00002082 _____ () C:\Users\Public\Desktop\MorphVOX Pro.lnk
2014-03-26 19:20 - 2014-03-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-03-26 19:18 - 2014-03-26 19:24 - 19866084 _____ () C:\Users\**********\Desktop\SCREAM.by.MORPHEUS.PO.PO.4.rar
2014-03-26 19:18 - 2014-03-26 19:19 - 05384056 _____ () C:\Users\**********\Desktop\MorphVOXPro4_Install-1.de.exe
2014-03-26 15:35 - 2014-03-26 15:36 - 00016965 _____ () C:\Users\**********\Desktop\OpenDocument Text (neu).odt
2014-03-21 21:05 - 2014-03-21 21:05 - 00002788 _____ () C:\Users\**********\Desktop\safersurf-for-free-setup.log
2014-03-21 21:05 - 2014-03-21 21:05 - 00000000 ____D () C:\ProgramData\Nutzwerk
2014-03-21 20:42 - 2014-03-27 22:36 - 00000000 __SHD () C:\Windows\SysWOW64\MPK
2014-03-21 20:42 - 2014-03-21 20:55 - 00000000 __SHD () C:\ProgramData\MPK
2014-03-20 15:13 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-20 15:13 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-19 16:55 - 2014-03-19 16:55 - 00000000 ____D () C:\Intel
2014-03-19 16:53 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-19 16:53 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-19 16:53 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-19 16:53 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-19 16:53 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-19 16:53 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-19 16:53 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-19 16:53 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-19 16:53 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-19 16:53 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-19 16:53 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-19 16:53 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-19 16:53 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-19 16:53 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-19 16:53 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-19 16:53 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-19 16:53 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-03-19 16:52 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-03-19 16:52 - 2012-08-23 15:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2014-03-19 16:52 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-03-19 16:52 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-03-19 16:52 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-19 16:52 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-03-19 16:52 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-03-19 16:50 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-19 16:50 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-16 18:11 - 2014-03-27 19:52 - 00000218 _____ () C:\Users\**********\Desktop\Neues Textdokument (5).txt
2014-03-12 02:50 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 02:50 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 02:50 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 02:50 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 02:50 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 02:50 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 02:50 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 02:50 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 02:50 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 02:50 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 02:50 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 02:50 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 02:50 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 02:50 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 02:50 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 02:50 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 02:50 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 02:50 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 02:50 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 02:50 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 02:50 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 02:50 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 02:50 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 02:50 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 02:50 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 02:50 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 02:50 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 02:50 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 02:50 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 02:50 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 02:50 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 02:50 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 02:50 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 02:50 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 02:50 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 02:50 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 02:50 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 02:50 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 02:50 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 02:50 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 02:50 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 02:50 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 02:50 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 02:50 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 02:50 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 02:50 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 02:50 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 02:50 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-07 23:12 - 2014-03-07 23:12 - 14469376 _____ () C:\Users\**********\Desktop\WhatsApp.apk
2014-03-07 15:44 - 2014-03-28 00:52 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-03-07 15:44 - 2014-03-07 15:44 - 00003226 _____ () C:\Windows\System32\Tasks\bench-Updater removing
2014-03-03 23:29 - 2014-03-03 23:29 - 00000000 ____D () C:\Program Files (x86)\CoupExiTeenSIona
2014-03-03 22:50 - 2014-03-28 00:25 - 00000000 ____D () C:\Users\**********\.VirtualBox
2014-03-03 22:50 - 2014-03-03 22:50 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-03-03 22:50 - 2013-04-12 11:41 - 00237840 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-03-03 22:49 - 2014-03-03 22:49 - 00000000 ____D () C:\Program Files\Oracle
2014-03-03 22:49 - 2013-04-12 11:40 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-03-03 22:48 - 2014-03-03 22:54 - 00000000 ____D () C:\Users\**********\AppData\Local\Genymobile
2014-03-03 22:47 - 2014-03-12 22:30 - 00001025 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2014-03-03 22:47 - 2014-03-12 22:30 - 00001020 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2014-03-03 22:46 - 2014-03-03 22:46 - 00000000 ____D () C:\Program Files\Genymobile
2014-02-27 16:05 - 2014-02-27 16:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:05 - 2014-02-27 16:05 - 00000000 ____D () C:\Users\**********\AppData\Local\Skype
2014-02-27 15:33 - 2014-03-04 14:18 - 00000000 ____D () C:\ProgramData\CoupExiTeenSIona
==================== One Month Modified Files and Folders =======
2014-03-28 00:58 - 2014-03-28 00:58 - 00012207 _____ () C:\Users\**********\Desktop\FRST.txt
2014-03-28 00:58 - 2014-03-28 00:58 - 00000000 ____D () C:\FRST
2014-03-28 00:56 - 2013-08-30 20:07 - 01585779 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 00:54 - 2014-03-27 19:49 - 00000944 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-03-28 00:54 - 2013-01-01 17:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-28 00:52 - 2014-03-28 00:13 - 00000336 _____ () C:\Windows\setupact.log
2014-03-28 00:52 - 2014-03-07 15:44 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-03-28 00:51 - 2012-09-12 19:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-28 00:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 00:49 - 2014-03-28 00:49 - 00000596 _____ () C:\Users\**********\Desktop\defogger_disable.log
2014-03-28 00:49 - 2014-03-28 00:49 - 00000020 _____ () C:\Users\**********\defogger_reenable
2014-03-28 00:49 - 2012-09-12 22:08 - 00000000 ____D () C:\Users\**********
2014-03-28 00:48 - 2014-03-28 00:48 - 02157056 _____ (Farbar) C:\Users\**********\Desktop\FRST64.exe
2014-03-28 00:48 - 2014-03-28 00:48 - 00380416 _____ () C:\Users\**********\Desktop\Gmer-19357.exe
2014-03-28 00:47 - 2014-03-28 00:47 - 00050477 _____ () C:\Users\**********\Desktop\Defogger.exe
2014-03-28 00:47 - 2012-09-17 03:33 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-28 00:31 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 00:31 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 00:25 - 2014-03-28 00:22 - 04918616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 00:25 - 2014-03-03 22:50 - 00000000 ____D () C:\Users\**********\.VirtualBox
2014-03-28 00:21 - 2014-03-28 00:21 - 00005014 _____ () C:\Windows\PFRO.log
2014-03-28 00:17 - 2012-09-13 00:03 - 00000000 ____D () C:\Windows\pss
2014-03-28 00:17 - 2012-09-12 22:08 - 00000000 ___RD () C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-28 00:13 - 2014-03-28 00:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-28 00:12 - 2012-09-12 22:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-28 00:12 - 2012-09-12 18:53 - 00000000 ____D () C:\Users\**********\AppData\Local\CrashDumps
2014-03-28 00:11 - 2014-03-28 00:11 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempccc444a4d49670cb05f3386d0c986880
2014-03-28 00:11 - 2014-03-28 00:11 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp73e5ec14e567a8817c7604af85241487
2014-03-28 00:10 - 2014-03-28 00:10 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempc54c1f61f356ad2905a826a3efdb3359_
2014-03-28 00:10 - 2014-03-28 00:10 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp306340d9e24edd61c036ed6647592a9c_
2014-03-28 00:10 - 2012-09-17 03:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 00:05 - 2012-09-12 22:17 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1C3B3B18-0062-4FF6-9196-209A3D88CF3E}
2014-03-27 23:52 - 2013-10-26 21:44 - 00002180 _____ () C:\Users\**********\Desktop\xClient_v1.0_Build_v3.7.zip
2014-03-27 23:51 - 2012-09-16 14:02 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hiad
2014-03-27 23:50 - 2012-09-16 20:45 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Beaq
2014-03-27 22:36 - 2014-03-21 20:42 - 00000000 __SHD () C:\Windows\SysWOW64\MPK
2014-03-27 22:00 - 2014-02-10 20:48 - 00000000 ____D () C:\ProgramData\ReemOOvEAdsTube
2014-03-27 21:46 - 2012-09-20 16:47 - 00000000 ____D () C:\ProgramData\npsfmipherpgmut
2014-03-27 21:32 - 2014-03-27 19:35 - 00000000 ____D () C:\Program Files (x86)\LinkiDoo
2014-03-27 21:30 - 2012-12-02 17:09 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-27 21:23 - 2013-05-27 11:55 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-27 21:23 - 2013-01-04 21:27 - 00000000 ____D () C:\Users\**********\AppData\Local\Ubisoft Game Launcher
2014-03-27 21:17 - 2014-03-27 21:17 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp1728f593f8d2847341145be860e2f174
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Tempc54c1f61f356ad2905a826a3efdb3359
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp306340d9e24edd61c036ed6647592a9c
2014-03-27 21:16 - 2014-03-27 21:16 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp1aade29c970773c10219ab2f101ff1cb
2014-03-27 20:38 - 2013-08-29 18:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-27 20:38 - 2012-09-18 21:27 - 00000000 ____D () C:\Users\**********\AppData\Roaming\TS3Client
2014-03-27 20:27 - 2014-03-27 20:27 - 00000000 ____D () C:\Users\**********\AppData\Roaming\flightgear.org
2014-03-27 20:18 - 2014-03-27 20:18 - 00000000 ____D () C:\ProgramData\ZalmanInstaller_5372
2014-03-27 19:52 - 2014-03-16 18:11 - 00000218 _____ () C:\Users\**********\Desktop\Neues Textdokument (5).txt
2014-03-27 19:51 - 2014-03-27 19:34 - 00000000 ____D () C:\Users\**********\AppData\Roaming\qone8
2014-03-27 19:51 - 2012-09-12 22:08 - 00001425 _____ () C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-27 19:50 - 2013-03-08 21:22 - 00000000 ____D () C:\Users\**********\AppData\Local\cache
2014-03-27 19:49 - 2014-03-27 19:49 - 00003940 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-03-27 19:46 - 2014-03-27 19:45 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-27 19:22 - 2014-03-27 19:22 - 00000000 ____D () C:\Users\**********\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2014-03-27 06:13 - 2012-09-12 19:47 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Skype
2014-03-27 00:52 - 2012-10-03 20:12 - 00000000 ____D () C:\Users\**********\AppData\Roaming\ICQ
2014-03-26 19:24 - 2014-03-26 19:18 - 19866084 _____ () C:\Users\**********\Desktop\SCREAM.by.MORPHEUS.PO.PO.4.rar
2014-03-26 19:21 - 2014-03-26 19:20 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Screaming Bee
2014-03-26 19:21 - 2014-03-26 19:20 - 00000000 ____D () C:\ProgramData\Screaming Bee
2014-03-26 19:20 - 2014-03-26 19:20 - 00002082 _____ () C:\Users\Public\Desktop\MorphVOX Pro.lnk
2014-03-26 19:20 - 2014-03-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-03-26 19:20 - 2013-09-07 01:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-26 19:19 - 2014-03-26 19:18 - 05384056 _____ () C:\Users\**********\Desktop\MorphVOXPro4_Install-1.de.exe
2014-03-26 15:36 - 2014-03-26 15:35 - 00016965 _____ () C:\Users\**********\Desktop\OpenDocument Text (neu).odt
2014-03-26 07:20 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-26 07:20 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-26 07:20 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 20:06 - 2014-02-03 21:49 - 00000000 ____D () C:\ProgramData\SmartWeb
2014-03-22 04:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-21 21:05 - 2014-03-21 21:05 - 00002788 _____ () C:\Users\**********\Desktop\safersurf-for-free-setup.log
2014-03-21 21:05 - 2014-03-21 21:05 - 00000000 ____D () C:\ProgramData\Nutzwerk
2014-03-21 20:55 - 2014-03-21 20:42 - 00000000 __SHD () C:\ProgramData\MPK
2014-03-19 18:26 - 2014-02-10 20:48 - 00002494 __RSH () C:\ProgramData\ntuser.pol
2014-03-19 16:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-19 16:55 - 2014-03-19 16:55 - 00000000 ____D () C:\Intel
2014-03-19 16:52 - 2013-07-24 00:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 16:52 - 2012-10-01 00:41 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-19 16:51 - 2012-09-12 22:52 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-13 23:05 - 2012-10-23 22:11 - 00000000 ____D () C:\Users\**********\AppData\Roaming\vlc
2014-03-12 22:30 - 2014-03-03 22:47 - 00001025 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2014-03-12 22:30 - 2014-03-03 22:47 - 00001020 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2014-03-12 20:10 - 2013-09-10 23:10 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 20:10 - 2012-09-17 03:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:10 - 2012-09-17 03:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 20:10 - 2012-09-17 03:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-07 23:12 - 2014-03-07 23:12 - 14469376 _____ () C:\Users\**********\Desktop\WhatsApp.apk
2014-03-07 15:44 - 2014-03-07 15:44 - 00003226 _____ () C:\Windows\System32\Tasks\bench-Updater removing
2014-03-05 00:49 - 2014-02-05 17:12 - 00000000 ____D () C:\Users\**********\Desktop\ein lauer sommerabend am see
2014-03-04 14:18 - 2014-02-27 15:33 - 00000000 ____D () C:\ProgramData\CoupExiTeenSIona
2014-03-03 23:29 - 2014-03-03 23:29 - 00000000 ____D () C:\Program Files (x86)\CoupExiTeenSIona
2014-03-03 23:29 - 2014-02-10 20:49 - 00000000 ____D () C:\ProgramData\a5dde32934df4f63
2014-03-03 22:54 - 2014-03-03 22:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Genymobile
2014-03-03 22:50 - 2014-03-03 22:50 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-03-03 22:49 - 2014-03-03 22:49 - 00000000 ____D () C:\Program Files\Oracle
2014-03-03 22:46 - 2014-03-03 22:46 - 00000000 ____D () C:\Program Files\Genymobile
2014-03-02 18:39 - 2014-02-05 00:20 - 00000874 _____ () C:\Users\**********\Desktop\Neues Textdokument (2).txt
2014-03-01 07:05 - 2014-03-12 02:50 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 02:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 02:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 02:50 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 02:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 02:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 02:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 02:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 02:50 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 02:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 02:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 02:50 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 02:50 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 02:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 02:50 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 02:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 02:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 02:50 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 02:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 02:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 02:50 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 02:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 02:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 02:50 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 02:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 02:50 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 02:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 02:50 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 02:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 02:50 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 02:50 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 02:50 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 02:50 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 02:50 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 02:50 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 02:50 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 02:50 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 02:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 02:50 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 16:05 - 2014-02-27 16:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:05 - 2014-02-27 16:05 - 00000000 ____D () C:\Users\**********\AppData\Local\Skype
2014-02-27 16:05 - 2012-09-12 19:47 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-27 16:05 - 2012-09-12 19:46 - 00000000 ____D () C:\ProgramData\Skype
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2560596042-4137677803-1756835688-1000\$e7d4392b885fbe193a679e1b051a790d
Some content of TEMP:
====================
C:\Users\**********\AppData\Local\Temp\6_Offer_11.exe
C:\Users\**********\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\**********\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\**********\AppData\Local\Temp\BackupSetup.exe
C:\Users\**********\AppData\Local\Temp\BRSVC_673269_hlp.exe
C:\Users\**********\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\**********\AppData\Local\Temp\D1395946041.exe
C:\Users\**********\AppData\Local\Temp\GuardICQ.exe
C:\Users\**********\AppData\Local\Temp\nsgC7A0.exe
C:\Users\**********\AppData\Local\Temp\nsmCA7F.exe
C:\Users\**********\AppData\Local\Temp\nso649A.exe
C:\Users\**********\AppData\Local\Temp\nsr9FA3.exe
C:\Users\**********\AppData\Local\Temp\nsrA1C6.exe
C:\Users\**********\AppData\Local\Temp\nst3F8A.exe
C:\Users\**********\AppData\Local\Temp\nst68B0.exe
C:\Users\**********\AppData\Local\Temp\nsy3C00.exe
C:\Users\**********\AppData\Local\Temp\sdanircmdc.exe
C:\Users\**********\AppData\Local\Temp\sdapskill.exe
C:\Users\**********\AppData\Local\Temp\sdaspwn.exe
C:\Users\**********\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\**********\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-20 16:52
==================== End Of Log ============================ --- --- ---
--- --- ---
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ******* at 2014-03-28 00:59:04
Running from C:\Users\*******\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.98 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
Astrill (HKLM\...\{A77BCF74-A5A3-441B-9923-305EAD8B7976}_is1) (Version: - Astrill)
avast! Pro Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Demonbuddy (HKCU\...\{45bb2989-e144-465d-9823-220359687d0e}) (Version: 1.0.1445.316 - Bossland GmbH)
Demonbuddy (x32 Version: 1.0.1445.316 - Bossland GmbH) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
F4100_doccd (x32 Version: 90.0.200.000 - Hewlett-Packard) Hidden
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genymotion version 2.1.1 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.1.1 - Genymobile)
HP Managed Printing Admin (HKLM-x32\...\{7CA4F780-7AD0-417A-82A1-46EB825CFD53}) (Version: 2.5.9 - Hewlett-Packard)
HP Update (HKLM-x32\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.006.002 - Hewlett-Packard)
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Ihr Firmenname)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MorphVOX Pro (HKLM-x32\...\{ac11d2c6-dc41-405c-96ae-818d062a88ab}) (Version: 4.4.13.23750 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.13.23750 - Screaming Bee) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MP4 To MP3 Converter V3.0.5 (HKLM-x32\...\MP4 To MP3 Converter_is1) (Version: - hxxp://www.MP4ToMP3Converter.net)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
Shopping Helper Smartbar Engine (HKCU\...\{d0f3a858-25bf-40b1-8446-1b8183a0243e}) (Version: 10.215.63.15249 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{34677ac8}) (Version: - Surfnet) <==== ATTENTION
Speccy (HKLM\...\Speccy) (Version: 1.18 - Piriform)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.31 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter X Tekken (x32 Version: 1.0.0001.130 - CAPCOM U.S.A., INC) Hidden
Street Fighter X Tekken (x32 Version: 1.0.0002.130 - CAPCOM U.S.A., INC) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
UnloadSupport (x32 Version: 9.0.0 - Hewlett-Packard) Hidden
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
==================== Restore Points =========================
20-03-2014 15:59:30 Geplanter Prüfpunkt
20-03-2014 23:58:48 Windows Update
21-03-2014 19:57:03 Windows Defender Checkpoint
21-03-2014 19:59:55 Removed Microsoft Silverlight
21-03-2014 20:55:35 Removed SaferSurf
25-03-2014 05:52:16 Windows Update
26-03-2014 18:19:29 MorphVOX Pro
27-03-2014 18:23:05 Uniblue SpeedUpMyPC installation
27-03-2014 18:35:44 Uniblue SpeedUpMyPC installation
27-03-2014 19:20:44 Uniblue SpeedUpMyPC installation
27-03-2014 20:22:18 Entfernt THX TruStudio
27-03-2014 23:27:46 Removed Apple Application Support
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03E3B24D-BEA9-4CD5-8774-302389AD6440} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {109B50D6-6F37-455D-B86C-196AB5675BF5} - System32\Tasks\{F7DFF4E3-6C86-4799-98B0-66026C848DDE} => C:\Program Files (x86)\Origin Games\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe [2013-01-31] (Crytek GmbH)
Task: {3AC169BD-22B2-4C4C-9467-65F5D27CB76D} - \RegClean Pro_UPDATES No Task File
Task: {4E582A10-9161-40C4-95BC-7C4F95A5CB10} - \EPUpdater No Task File
Task: {548D25BA-42E6-46E4-8A74-4C0298BEE0DA} - \RegClean Pro_DEFAULT No Task File
Task: {5B17A072-57FA-4E6E-AAC4-C30ADBD3C8DD} - \SaveSenseLiveUpdateTaskMachineCore No Task File
Task: {748CC972-F906-4E4F-B202-00713AD288F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {806A843E-136B-44C4-AD0E-0C0D8666AC08} - \SpeedUpMyPC Maintenance No Task File
Task: {87542AFF-34DC-4258-8200-EB3C7CF62F37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {8832BA48-BD2F-4BF9-80D9-C974A47AC5A8} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {A0AC8125-FDDD-4BB0-9B43-19311F2C48DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A7C84CD8-DCE2-4A5A-9AF5-5904DD5D157F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {B25889E6-A4B2-43D7-AE1D-2FFB7A564DC1} - \SpeedUpMyPC Startup No Task File
Task: {C3256B8D-B586-400C-8524-68E58DA7EF2E} - \bench-sys No Task File
Task: {C3A7D65D-8A4B-4346-80B7-286A25CE0EC2} - System32\Tasks\bench-Updater removing
Task: {C5B5DC8F-5ECE-4504-A08C-557F3BE507C0} - \Advanced System Protector_startup No Task File
Task: {E654DBE0-864E-4B05-8762-6FF03ED95034} - \RegClean Pro No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-09-12 19:28 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe
2013-10-07 23:58 - 2013-10-07 23:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-09 12:41 - 2014-02-09 12:41 - 00013344 _____ () C:\Program Files (x86)\LPT\srptm.exe
2013-01-01 17:14 - 2012-06-29 13:10 - 00836608 _____ () C:\Program Files\AVAST Software\Avast\VERSION.dll
2014-03-28 00:00 - 2014-03-27 22:10 - 02283520 _____ () C:\Program Files\AVAST Software\Avast\defs\14032701\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-02-15 02:56 - 2014-02-15 02:56 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00052256 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00054304 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00152608 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00017440 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00166432 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00037408 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014880 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00033824 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASProxy => ""="service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lollipop.lnk => C:\Windows\pss\lollipop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PricePeepUpdater.lnk => C:\Windows\pss\PricePeepUpdater.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASRSetup.exe => C:\Users\*******\AppData\Roaming\49C79A.exe
MSCONFIG\startupreg: Astrill => "C:\Program Files (x86)\Astrill\astrill.exe" /autostart
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\*******\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Iwdis => "C:\Users\*******\AppData\Roaming\Dehaak\itkyo.exe"
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Kuveemokyr => "C:\Users\*******\AppData\Roaming\Etfi\iksi.exe"
MSCONFIG\startupreg: Lycygoq => "C:\Users\*******\AppData\Roaming\Nale\afuqa.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NVIDIA Corporation => C:\Users\*******\AppData\Roaming\0ACE8B.exe
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Policies => C:\Users\*******\AppData\Roaming\0ACE8B.exe
MSCONFIG\startupreg: Realtek => C:\Users\*******\AppData\Roaming\49C79A.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartViewAgent => "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
MSCONFIG\startupreg: SonyAgent => C:\Windows\Temp\temp03.exe
MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: Update => C:\Users\*******\AppData\Roaming\system\winlogon.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: wcmhufvvemuvbqq => C:\ProgramData\wcmhufvv.exe
MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
MSCONFIG\startupreg: XFastUsb => C:\Program Files (x86)\XFastUsb\XFastUsb.exe
MSCONFIG\startupreg: Xiecut => "C:\Users\*******\AppData\Roaming\Kepyy\otsay.exe"
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2014 00:53:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 00:52:11 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x58c
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/28/2014 00:25:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 00:23:10 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/28/2014 00:12:33 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/28/2014 00:09:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1298
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/27/2014 11:59:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000f269
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (03/27/2014 11:58:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 11:57:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x59c
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/27/2014 09:21:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/28/2014 00:08:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2014 00:08:08 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2014 00:08:05 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2014 00:07:52 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/28/2014 00:07:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/28/2014 00:03:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (03/27/2014 09:20:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/27/2014 09:20:24 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.
Error: (03/27/2014 08:13:46 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/27/2014 08:03:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (03/28/2014 00:53:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 00:52:11 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de58c01cf4a1787ccb63bC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllcfc4546b-b60a-11e3-89d4-bc5ff41b60e7
Error: (03/28/2014 00:25:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 00:23:10 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de6b801cf4a13797579c7C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllc2562fe5-b606-11e3-b8a2-bc5ff41b60e7
Error: (03/28/2014 00:12:33 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de116001cf4a11ad558cebC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll46a80b91-b605-11e3-87b2-bc5ff41b60e7
Error: (03/28/2014 00:09:00 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de129801cf4a1189926956C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllc75474e4-b604-11e3-87b2-bc5ff41b60e7
Error: (03/27/2014 11:59:03 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000000f26980801cf4a0fe1347f3cC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll63430a3b-b603-11e3-87b2-bc5ff41b60e7
Error: (03/27/2014 11:58:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 11:57:26 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de59c01cf4a0fe04ffb22C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll29c6d6de-b603-11e3-87b2-bc5ff41b60e7
Error: (03/27/2014 09:21:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 15274.58 MB
Available physical RAM: 13146.18 MB
Total Pagefile: 30547.34 MB
Available Pagefile: 28321.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:468.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F66B81DE)
Partition: GPT Partition Type.
==================== End Of Log ============================ |