Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internetseiten stürzen ab und Pw wurde benutzt (https://www.trojaner-board.de/144869-internetseiten-stuerzen-ab-pw-wurde-benutzt.html)

Smexer 19.11.2013 21:08
Internetseiten stürzen ab und Pw wurde benutzt
 
Hallo,

seit ein paar tagen läuft mein maxton internet browser insatbil. ich surfe im internet und manchmal wenn ich einen link anklicke, stürzt der link immer ab und sämtliche anderen offenen seiten laden immer wieder neu, das passiert solange bis ich den neu geöffneten link wieder schließe.

Bei manchen Youtube Videos zb. stürzen alle offenen seiten ab und alles wird unendlich oft immer wieder neugeladen.

----
Ein anderes Problem ist, das sich gestern jemand auf einem meiner Spiele Kontos eingeloggt hat und mein spiel inventar leer geräumt hat. er hatte qausi meine email adresse und das pw irgendwo her bekommen. den das ist dafür notwendig.
----

Was denkt ihr was das für probleme das sind und ob da ein zusammenhang besteht.

Bitte helft mir.

Mfg

Smexer

cosinus 20.11.2013 01:11
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Smexer 20.11.2013 03:56
Ich benutze Malwarebytes Anti-Malware. In den Logdateien ist nichts drin, dafür aber unter Quarantäne 256 Einträge, aus den letzten Tagen, die sich nicht kopieren lassen.

Ausserdem benutze ich als Antivirus Programm avast! , damit habe ich in den letzten Tagen 9 Viren gelöscht und 1 in den Virus Container verschoben. Die gelöschten weiß ich nicht wie ich die einsehen kann und der im Container heißt VBS: FlufferMIner-D [Trj] .



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Steven (administrator) on STEVEN-PC on 20-11-2013 03:46:54
Running from I:\Users\Steven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) D:\Antivirus\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe
(TuneUp Software) D:\Tune Up\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) D:\Tune Up\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) D:\Antivirus\AvastUI.exe
(Valve Corporation) H:\Steam\Steam.exe
(Razer Inc.) D:\Razzer Game Booster\Razer Game Booster\main.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MountPoints2: {2b1cbb59-b664-11e2-898d-806e6f6e6963} - E:\Installer.exe
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AvastUI.exe] - D:\Antivirus\AvastUI.exe [3568312 2013-11-12] (AVAST Software)
AppInit_DLLs:  [ ] ()
IMEO\hpwucli.exe: [Debugger] "D:\Tune Up\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2678D22EB5ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/0022/
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1a96c2ec-3a69-a7f6-fe8d-57a876dd2f7b&searchtype=ds&q={searchTerms}&installDate=23/10/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1a96c2ec-3a69-a7f6-fe8d-57a876dd2f7b&searchtype=ds&q={searchTerms}&installDate=23/10/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1a96c2ec-3a69-a7f6-fe8d-57a876dd2f7b&searchtype=ds&q={searchTerms}&installDate=23/10/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1a96c2ec-3a69-a7f6-fe8d-57a876dd2f7b&searchtype=ds&q={searchTerms}&installDate=23/10/2013
BHO: a2zLyrics-16 - {11111111-1111-1111-1111-110411411168} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\HP Photosmart B010\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\HP Photosmart B010\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) =================

R2 avast! Antivirus; D:\Antivirus\AvastSvc.exe [50344 2013-11-12] (AVAST Software)
R3 hpqcxs08; D:\HP Photosmart B010\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\HP Photosmart B010\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-18] ()
R2 RzKLService; D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; D:\Tune Up\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2013-05-06] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-12] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-12] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; D:\Tune Up\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-20 03:46 - 2013-11-20 03:47 - 00007415 _____ I:\Users\Steven\Desktop\FRST.txt
2013-11-20 03:46 - 2013-11-20 03:46 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64.exe
2013-11-20 03:46 - 2013-11-20 03:46 - 00000000 ____D C:\FRST
2013-11-19 01:46 - 2013-11-19 01:46 - 00002968 _____ C:\Windows\System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855}
2013-11-19 01:03 - 2013-11-19 01:03 - 00000000 ____D I:\Users\Steven\Downloads\Gameforge Live
2013-11-16 11:02 - 2013-11-16 11:02 - 00000000 ____D I:\Users\Steven\AppData\Local\Arktos Entertainment
2013-11-12 17:53 - 2013-11-12 17:53 - 00000000 ____D I:\Users\Steven\Documents\Razer
2013-11-12 17:51 - 2013-11-12 17:51 - 00000897 _____ I:\Users\Public\Desktop\Razer Game Booster.lnk
2013-11-12 17:51 - 2013-11-12 17:51 - 00000000 ____D I:\Users\Steven\AppData\Local\Razer
2013-11-12 17:40 - 2013-11-12 17:41 - 39721880 _____ (Razer Inc.                                                  ) I:\Users\Steven\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-11-12 13:10 - 2013-11-12 13:10 - 00000000 ____D I:\Users\Steven\AppData\Roaming\AVAST Software
2013-11-12 13:09 - 2013-11-17 13:15 - 00004132 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-12 13:09 - 2013-11-12 13:11 - 00000000 ____D I:\Users\Steven\AppData\Local\Google
2013-11-12 13:09 - 2013-11-12 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 13:08 - 2013-11-12 13:08 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-12 13:08 - 2013-11-12 13:08 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-12 13:08 - 2013-11-12 13:08 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-12 13:04 - 2013-11-12 13:05 - 00003510 _____ C:\shared.log
2013-11-12 13:02 - 2013-11-12 13:03 - 87529432 _____ (AVAST Software) I:\Users\Steven\Downloads\avast_free_antivirus_setup2008.exe
2013-11-11 13:17 - 2013-11-11 13:17 - 00001176 _____ I:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-11 13:16 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-11 13:16 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-11 13:13 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-11 13:13 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-11-11 13:13 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-11-11 13:13 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-11 13:09 - 2013-11-11 13:12 - 255060336 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.65-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-11-11 12:56 - 2013-11-11 12:56 - 00064408 _____ I:\Users\Steven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-11 12:17 - 2013-11-13 12:55 - 00176438 _____ C:\Windows\PFRO.log
2013-11-11 12:17 - 2013-11-11 12:17 - 00294888 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 02:46 - 2013-11-19 18:26 - 00003557 _____ C:\Windows\setupact.log
2013-11-10 02:46 - 2013-11-10 02:46 - 00000000 _____ C:\Windows\setuperr.log
2013-10-30 17:25 - 2013-10-30 17:37 - 452840010 _____ I:\Users\Steven\Downloads\wcxVIOLETTE01(1).mp4
2013-10-30 09:00 - 2013-10-30 09:16 - 544962067 _____ I:\Users\Steven\Downloads\wcxVIOLETTE02.mp4
2013-10-23 20:56 - 2013-11-12 16:00 - 00007652 _____ I:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2013-10-23 15:36 - 2011-03-21 20:22 - 00452200 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-10-23 15:36 - 2011-03-21 20:22 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2013-10-23 15:33 - 2010-01-14 19:27 - 00048416 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2013-10-23 15:33 - 2010-01-14 19:27 - 00032544 _____ (Realtek                                            ) C:\Windows\system32\Drivers\RtNdPt60.sys
2013-10-23 15:33 - 2010-01-14 19:27 - 00029472 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\RtVlan60.sys
2013-10-23 15:24 - 2013-10-23 15:24 - 00001097 _____ I:\Users\Public\Desktop\HD VDeck.lnk
2013-10-23 15:24 - 2010-10-02 02:41 - 01349232 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2013-10-23 15:24 - 2010-10-02 02:41 - 00991856 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00549488 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00248944 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00202864 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00091760 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00085616 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2013-10-23 15:24 - 2007-12-04 10:28 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2013-10-23 15:24 - 2007-12-04 10:28 - 00082432 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2013-10-23 15:19 - 2013-10-23 15:19 - 00000000 ____D I:\Users\Steven\Downloads\23894-AMD_VGA_V871000_XPVISTAWIN7
2013-10-23 15:13 - 2013-10-23 15:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-23 15:13 - 2013-10-23 15:13 - 00000000 ____D I:\Users\Steven\AppData\Local\WebPlayer
2013-10-23 15:12 - 2013-10-24 17:18 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-10-23 15:11 - 2013-10-23 16:00 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-23 14:33 - 2013-11-13 18:23 - 00000761 _____ I:\Users\Public\Desktop\Speccy.lnk
2013-10-23 14:32 - 2013-10-23 14:33 - 00000000 ____D C:\Program Files\Speccy
2013-10-23 14:21 - 2013-10-23 14:21 - 05552488 _____ (Piriform Ltd) I:\Users\Steven\Downloads\spsetup123.exe
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\UpdatusUser.Steven-PC\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\Steven\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:31 - 2013-10-23 13:31 - 04179293 _____ (Lavalys, Inc.                                              ) I:\Users\Steven\Downloads\everesthome220.exe
2013-10-23 13:24 - 2013-10-23 13:24 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA
2013-10-23 13:00 - 2013-10-23 13:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 12:58 - 2013-11-03 02:37 - 00000000 ____D I:\Users\UpdatusUser.Steven-PC
2013-10-23 12:58 - 2013-10-23 12:58 - 00000020 ___SH I:\Users\UpdatusUser.Steven-PC\ntuser.ini
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Vorlagen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Startmenü
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Netzwerkumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Lokale Einstellungen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Eigene Dateien
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Druckumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Musik
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Bilder
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Verlauf
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Anwendungsdaten
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Anwendungsdaten
2013-10-23 12:58 - 2013-05-06 19:27 - 00000000 ___RD I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-23 12:58 - 2013-05-06 19:27 - 00000000 ___RD I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-23 12:54 - 2013-11-12 17:49 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-23 12:51 - 2013-10-23 11:30 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 12:51 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-23 12:51 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-23 12:51 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-23 12:51 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-23 12:51 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-23 12:49 - 2013-10-23 12:49 - 00000733 _____ I:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-23 12:49 - 2013-10-23 12:49 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Malwarebytes
2013-10-23 12:49 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-23 12:45 - 2013-10-23 12:48 - 253931296 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.58-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-22 23:13 - 2013-11-13 12:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-22 23:13 - 2013-10-22 23:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\SUPERAntiSpyware.com

==================== One Month Modified Files and Folders =======

2013-11-20 03:47 - 2013-11-20 03:46 - 00007415 _____ I:\Users\Steven\Desktop\FRST.txt
2013-11-20 03:46 - 2013-11-20 03:46 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64.exe
2013-11-20 03:46 - 2013-11-20 03:46 - 00000000 ____D C:\FRST
2013-11-20 03:42 - 2009-07-14 05:45 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 03:42 - 2009-07-14 05:45 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 01:29 - 2013-05-06 16:54 - 01501179 _____ C:\Windows\WindowsUpdate.log
2013-11-19 18:32 - 2009-07-14 18:58 - 00698124 _____ C:\Windows\system32\perfh007.dat
2013-11-19 18:32 - 2009-07-14 18:58 - 00148820 _____ C:\Windows\system32\perfc007.dat
2013-11-19 18:32 - 2009-07-14 06:13 - 01616954 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-19 18:26 - 2013-11-10 02:46 - 00003557 _____ C:\Windows\setupact.log
2013-11-19 18:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 13:21 - 2013-05-10 16:24 - 00013754 _____ I:\Users\Steven\Desktop\Vorlage Anschreiben.odt
2013-11-19 11:56 - 2013-10-18 06:31 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-19 11:56 - 2013-10-18 06:29 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-19 01:50 - 2013-09-09 12:34 - 00000855 _____ I:\Users\Public\Desktop\AION Free-to-Play.lnk
2013-11-19 01:46 - 2013-11-19 01:46 - 00002968 _____ C:\Windows\System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855}
2013-11-19 01:03 - 2013-11-19 01:03 - 00000000 ____D I:\Users\Steven\Downloads\Gameforge Live
2013-11-19 01:03 - 2013-09-09 12:25 - 00000733 _____ I:\Users\Public\Desktop\Gameforge Live.lnk
2013-11-18 19:32 - 2013-10-18 06:29 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-17 13:15 - 2013-11-12 13:09 - 00004132 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-16 11:02 - 2013-11-16 11:02 - 00000000 ____D I:\Users\Steven\AppData\Local\Arktos Entertainment
2013-11-13 18:23 - 2013-10-23 14:33 - 00000761 _____ I:\Users\Public\Desktop\Speccy.lnk
2013-11-13 12:55 - 2013-11-11 12:17 - 00176438 _____ C:\Windows\PFRO.log
2013-11-13 12:55 - 2013-10-22 23:13 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-12 17:53 - 2013-11-12 17:53 - 00000000 ____D I:\Users\Steven\Documents\Razer
2013-11-12 17:51 - 2013-11-12 17:51 - 00000897 _____ I:\Users\Public\Desktop\Razer Game Booster.lnk
2013-11-12 17:51 - 2013-11-12 17:51 - 00000000 ____D I:\Users\Steven\AppData\Local\Razer
2013-11-12 17:49 - 2013-10-23 12:54 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-12 17:41 - 2013-11-12 17:40 - 39721880 _____ (Razer Inc.                                                  ) I:\Users\Steven\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-11-12 16:00 - 2013-10-23 20:56 - 00007652 _____ I:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2013-11-12 13:11 - 2013-11-12 13:09 - 00000000 ____D I:\Users\Steven\AppData\Local\Google
2013-11-12 13:10 - 2013-11-12 13:10 - 00000000 ____D I:\Users\Steven\AppData\Roaming\AVAST Software
2013-11-12 13:09 - 2013-11-12 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 13:08 - 2013-11-12 13:08 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-12 13:08 - 2013-11-12 13:08 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-12 13:08 - 2013-11-12 13:08 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-12 13:05 - 2013-11-12 13:04 - 00003510 _____ C:\shared.log
2013-11-12 13:03 - 2013-11-12 13:02 - 87529432 _____ (AVAST Software) I:\Users\Steven\Downloads\avast_free_antivirus_setup2008.exe
2013-11-11 13:17 - 2013-11-11 13:17 - 00001176 _____ I:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-11 13:16 - 2013-05-06 18:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-11 13:16 - 2013-05-06 18:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-11 13:12 - 2013-11-11 13:09 - 255060336 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.65-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-11-11 12:56 - 2013-11-11 12:56 - 00064408 _____ I:\Users\Steven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-11 12:17 - 2013-11-11 12:17 - 00294888 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 02:46 - 2013-11-10 02:46 - 00000000 _____ C:\Windows\setuperr.log
2013-11-08 22:42 - 2013-05-06 22:23 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Maxthon3
2013-11-03 02:37 - 2013-10-23 12:58 - 00000000 ____D I:\Users\UpdatusUser.Steven-PC
2013-11-01 20:14 - 2013-05-06 22:23 - 00003544 _____ C:\Windows\System32\Tasks\Maxthon Update
2013-10-31 17:03 - 2013-05-09 14:24 - 00000000 ____D I:\Users\Steven\AppData\Roaming\vlc
2013-10-30 17:37 - 2013-10-30 17:25 - 452840010 _____ I:\Users\Steven\Downloads\wcxVIOLETTE01(1).mp4
2013-10-30 09:16 - 2013-10-30 09:00 - 544962067 _____ I:\Users\Steven\Downloads\wcxVIOLETTE02.mp4
2013-10-24 17:18 - 2013-10-23 15:12 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-10-23 16:00 - 2013-10-23 15:11 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-23 15:45 - 2013-05-06 18:08 - 00001769 _____ C:\Windows\Language_trs.ini
2013-10-23 15:37 - 2013-05-06 18:15 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-23 15:33 - 2013-05-06 18:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-23 15:24 - 2013-10-23 15:24 - 00001097 _____ I:\Users\Public\Desktop\HD VDeck.lnk
2013-10-23 15:19 - 2013-10-23 15:19 - 00000000 ____D I:\Users\Steven\Downloads\23894-AMD_VGA_V871000_XPVISTAWIN7
2013-10-23 15:14 - 2013-05-06 21:53 - 00000000 ____D I:\Users\Steven
2013-10-23 15:13 - 2013-10-23 15:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-23 15:13 - 2013-10-23 15:13 - 00000000 ____D I:\Users\Steven\AppData\Local\WebPlayer
2013-10-23 14:33 - 2013-10-23 14:32 - 00000000 ____D C:\Program Files\Speccy
2013-10-23 14:21 - 2013-10-23 14:21 - 05552488 _____ (Piriform Ltd) I:\Users\Steven\Downloads\spsetup123.exe
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\UpdatusUser.Steven-PC\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\Steven\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:31 - 2013-10-23 13:31 - 04179293 _____ (Lavalys, Inc.                                              ) I:\Users\Steven\Downloads\everesthome220.exe
2013-10-23 13:24 - 2013-10-23 13:24 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA
2013-10-23 13:00 - 2013-10-23 13:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 12:58 - 2013-10-23 12:58 - 00000020 ___SH I:\Users\UpdatusUser.Steven-PC\ntuser.ini
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Vorlagen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Startmenü
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Netzwerkumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Lokale Einstellungen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Eigene Dateien
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Druckumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Musik
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Bilder
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Verlauf
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Anwendungsdaten
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Anwendungsdaten
2013-10-23 12:49 - 2013-10-23 12:49 - 00000733 _____ I:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-23 12:49 - 2013-10-23 12:49 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Malwarebytes
2013-10-23 12:48 - 2013-10-23 12:45 - 253931296 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.58-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-23 11:30 - 2013-11-11 13:13 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-11-11 13:13 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2013-10-23 12:51 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2013-05-06 18:30 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-23 11:30 - 2013-05-06 18:30 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2013-05-06 18:30 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2013-05-06 18:30 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2013-05-06 18:30 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-22 23:13 - 2013-10-22 23:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\SUPERAntiSpyware.com

Some content of TEMP:
====================
I:\Users\Steven\AppData\Local\Temp\avgnt.exe
I:\Users\Steven\AppData\Local\Temp\drm_dyndata_7380015.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 05:03

==================== End Of Log ============================
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Steven at 2013-11-20 03:47:19
Running from I:\Users\Steven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Reader X - Deutsch (x32 Version: 10.0.0)
AION Free-to-Play (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (x32 Version: 9.0.2008)
B010 (x32 Version: 140.0.344.000)
BufferChm (x32 Version: 140.0.212.000)
Command & Conquer 3 Kane's Wrath(TM) Worldbuilder (x32 Version: 1.0)
Command & Conquer 3 Tiberium Wars(TM) Worldbuilder (x32 Version: 1.0)
Command & Conquer 3 Tiberium Wars™ (x32 Version: 1.0.0.0)
Command & Conquer™ 3 Kane's Wrath (x32 Version: 1.0.0.0)
Command and Conquer 4: Tiberian Twilight (x32)
Destinations (x32 Version: 140.0.167.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
FUSSBALL MANAGER 12 (x32 Version: 1.0.0.3)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0)
GeForce Experience NvStream Client Components (Version: 1.6.28)
GPBaseService2 (x32 Version: 140.0.211.000)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.002.002)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
Infestation Survivor Stories version 1.0 (x32 Version: 1.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Maxthon Cloud Browser (x32 Version: 4.0.5.4000)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.2.1.4399)
Platform (x32 Version: 1.39)
PS_AIO_07_B010_SW_Min (x32 Version: 140.0.224.000)
Razer Game Booster (x32 Version: 4.0.68.0)
Realtek Ethernet Controller Driver (x32 Version: 7.43.321.2011)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.00.0000)
Scan (x32 Version: 140.0.80.000)
Serious Sam 3: BFE (x32)
SHIELD Streaming (Version: 1.6.34)
Sid Meier's Civilization V (x32)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.214.000)
Speccy (Version: 1.23)
StarCraft II (x32)
Status (x32 Version: 140.0.256.000)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13.1)
Toolbox (x32 Version: 140.0.428.000)
TrayApp (x32 Version: 140.0.212.000)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Unity Web Player (HKCU Version: )
VLC media player 2.0.6 (Version: 2.0.6)
WebReg (x32 Version: 140.0.212.017)
World of Warcraft (x32 Version: 5.3.0.17128)

==================== Restore Points  =========================

13-11-2013 07:30:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {034B0710-21A8-4A8A-AD7B-1F7D3FE13294} - System32\Tasks\HP-Online-Aktualisierungsprogramm => D:\HP Photosmart B010\HP Software Update\hpwuschd2.exe [2009-11-18] (Hewlett-Packard)
Task: {20097410-477C-4304-8339-A5E8EF82D72E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {52B9251B-25AD-4504-AA26-D3A24A1096D0} - System32\Tasks\Maxthon Update => D:\Maxthon\Bin\MxUp.exe [2013-10-09] (Maxthon International ltd.)
Task: {6F5C5C7C-0E7B-44E7-9C9B-9F665ADDD7DC} - System32\Tasks\SomotoUpdateCheckerAutoStart => I:\Users\Steven\AppData\Local\FilesFrog Update Checker\update_checker.exe
Task: {87D50A26-78EF-435B-B28A-CA9DD2D59447} - System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855} => H:\Gameforge Live\GameforgeLive\GameforgeLive.exe [2013-10-02] ()
Task: {943FE881-9817-4168-A75C-C21BD743B103} - System32\Tasks\avast! Emergency Update => D:\Antivirus\AvastEmUpdate.exe [2013-11-12] (AVAST Software)
Task: {F4875661-7007-4FD6-9AD1-1C7A0D825E5F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\Tune Up\OneClick.exe [2013-01-28] (TuneUp Software)

==================== Loaded Modules (whitelisted) =============

2013-05-06 18:22 - 2010-12-17 19:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-11-18 23:44 - 2013-11-18 21:31 - 02145792 _____ () D:\Antivirus\defs\13111801\algo.dll
2013-11-12 13:08 - 2013-11-12 13:08 - 19336120 _____ () D:\Antivirus\libcef.dll
2013-04-23 17:30 - 2013-10-24 18:45 - 00691200 _____ () H:\Steam\SDL2.dll
2013-05-03 14:35 - 2013-10-30 20:25 - 01123240 _____ () H:\Steam\bin\chromehtml.DLL
2013-03-26 15:16 - 2013-10-23 21:07 - 20625832 _____ () H:\Steam\bin\libcef.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 01100800 _____ () H:\Steam\bin\avcodec-53.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00124416 _____ () H:\Steam\bin\avutil-51.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00192000 _____ () H:\Steam\bin\avformat-53.dll
2013-11-12 17:51 - 2012-11-20 16:13 - 00264192 _____ () D:\Razzer Game Booster\Razer Game Booster\D3DX8Wrapper.dll
2013-11-12 17:51 - 2013-03-18 14:53 - 07477262 _____ () D:\Razzer Game Booster\Razer Game Booster\avcodec-54.dll
2013-11-12 17:51 - 2013-03-18 14:53 - 00156174 _____ () D:\Razzer Game Booster\Razer Game Booster\keutil-51.dll
2013-11-12 17:51 - 2013-03-18 14:53 - 01191950 _____ () D:\Razzer Game Booster\Razer Game Booster\avformat-54.dll
2013-11-12 17:51 - 2013-03-18 14:53 - 00333326 _____ () D:\Razzer Game Booster\Razer Game Booster\swscale-2.dll
2013-05-03 14:35 - 2013-10-30 20:25 - 00121256 _____ () H:\Steam\bin\audio.dll
2012-09-07 14:37 - 2013-06-15 00:49 - 00071680 _____ () H:\Steam\bin\mssmp3.asi
2013-07-16 22:13 - 2013-06-15 00:49 - 00153088 _____ () H:\Steam\bin\mssvoice.asi
2013-05-06 22:23 - 2012-10-16 06:20 - 00258944 _____ () D:\Maxthon\bin\Maxzlib.dll
2013-05-06 22:23 - 2012-10-16 06:20 - 00258944 _____ () D:\Maxthon\Bin\maxzlib.dll
2013-11-08 22:42 - 2013-08-09 09:44 - 00232760 _____ () D:\Maxthon\Addons\Mobile\MxMobile.dll
2013-05-06 22:23 - 2013-08-09 09:44 - 00755000 _____ () D:\Maxthon\Core\Webkit\libglesv2.dll
2013-05-06 22:23 - 2013-08-09 09:44 - 00149304 _____ () D:\Maxthon\Core\Webkit\libegl.dll
2013-05-06 22:23 - 2013-08-14 09:06 - 14586736 _____ () D:\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/19/2013 11:53:19 PM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14bc

Startzeit: 01cee57a0b975425

Endzeit: 236

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 5f01e4df-516d-11e3-b4d0-c8600060e495

Error: (11/19/2013 02:59:34 PM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2028

Startzeit: 01cee52f8a5cd1de

Endzeit: 202

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: d00833b0-5122-11e3-ae43-c8600060e495

Error: (11/19/2013 01:53:42 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c24

Startzeit: 01cee4c1bab7eafc

Endzeit: 332

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 070d2d78-50b5-11e3-ae43-c8600060e495

Error: (11/19/2013 01:51:36 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b60

Startzeit: 01cee4c172af8839

Endzeit: 338

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: bbc487a6-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:50:48 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2568

Startzeit: 01cee4c15a279225

Endzeit: 199

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 9f72d12f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:49:53 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2d70

Startzeit: 01cee4c139088a2e

Endzeit: 201

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 7e8d298f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:49:05 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 22a0

Startzeit: 01cee4c117d49a58

Endzeit: 307

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 6235f4c3-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:47:30 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f18

Startzeit: 01cee4c0dfe11f0d

Endzeit: 316

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: 24e5de2f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:44:38 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 690

Startzeit: 01cee4c07b20349e

Endzeit: 226

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: c01bcbdd-50b3-11e3-ae43-c8600060e495

Error: (11/19/2013 01:44:06 AM) (Source: Application Hang) (User: )
Description: Programm AION.bin, Version 4213.206.911.7443 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1708

Startzeit: 01cee4c062d6f625

Endzeit: 205

Anwendungspfad: H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin

Berichts-ID: aef10383-50b3-11e3-ae43-c8600060e495


System errors:
=============
Error: (11/14/2013 08:57:33 PM) (Source: Service Control Manager) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/13/2013 08:28:02 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/12/2013 01:08:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! Antivirus" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/12/2013 01:10:51 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/11/2013 01:17:51 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/11/2013 00:53:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (11/11/2013 00:51:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (11/03/2013 02:37:28 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎03.‎11.‎2013 um 02:35:53 unerwartet heruntergefahren.

Error: (11/01/2013 10:50:33 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/01/2013 09:21:04 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎01.‎11.‎2013 um 21:18:41 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (11/19/2013 11:53:19 PM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.744314bc01cee57a0b975425236H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin5f01e4df-516d-11e3-b4d0-c8600060e495

Error: (11/19/2013 02:59:34 PM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.7443202801cee52f8a5cd1de202H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bind00833b0-5122-11e3-ae43-c8600060e495

Error: (11/19/2013 01:53:42 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.74431c2401cee4c1bab7eafc332H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin070d2d78-50b5-11e3-ae43-c8600060e495

Error: (11/19/2013 01:51:36 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.74431b6001cee4c172af8839338H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.binbbc487a6-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:50:48 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.7443256801cee4c15a279225199H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin9f72d12f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:49:53 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.74432d7001cee4c139088a2e201H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin7e8d298f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:49:05 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.744322a001cee4c117d49a58307H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin6235f4c3-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:47:30 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.74431f1801cee4c0dfe11f0d316H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin24e5de2f-50b4-11e3-ae43-c8600060e495

Error: (11/19/2013 01:44:38 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.744369001cee4c07b20349e226H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.binc01bcbdd-50b3-11e3-ae43-c8600060e495

Error: (11/19/2013 01:44:06 AM) (Source: Application Hang)(User: )
Description: AION.bin4213.206.911.7443170801cee4c062d6f625205H:\Gameforge Live\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.binaef10383-50b3-11e3-ae43-c8600060e495


CodeIntegrity Errors:
===================================
  Date: 2013-11-20 03:46:17.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:39:41.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:25:29.463
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:24:45.723
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:24:27.986
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:22:45.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:22:26.938
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:22:22.111
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:22:10.419
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 03:20:45.900
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 16366.12 MB
Available physical RAM: 12905.03 MB
Total Pagefile: 32730.42 MB
Available Pagefile: 28684.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:53.61 GB) (Free:15.74 GB) NTFS
Drive d: (Programme) (Fixed) (Total:101.07 GB) (Free:99.37 GB) NTFS
Drive e: (MANAGER12) (CDROM) (Total:6.87 GB) (Free:0 GB) CDFS
Drive h: (Spiele) (Fixed) (Total:260.68 GB) (Free:141.7 GB) NTFS
Drive i: (Sonstiges) (Fixed) (Total:50.29 GB) (Free:42.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 10BECBF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=54 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=101 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=311 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus 20.11.2013 09:10
Zitat:
In den Logdateien ist nichts drin, dafür aber unter Quarantäne 256 Einträge,
Durchforste mal alle Logs nach Funden.
Ansonsten mal die Liste der Quarantäne screenshotten und hier posten.

Zitat:
damit habe ich in den letzten Tagen 9 Viren gelöscht und 1 in den Virus Container verschoben.
Logs sollten da zu finden sein => C:\ProgramData\AVAST Software\Avast\log

Smexer 20.11.2013 15:29
Ich entschuldige mich im voraus, aber ich muss mehrfach posten.

Hier sind die Screenshots aus dem Quarantäne Reiter von Malware:

hxxp://saved.im/mtg3mjyyoxhs/screen1.html
hxxp://saved.im/mtg3mjy2exrn/screen2.html
hxxp://saved.im/mtg3mjy3ohzu/screen3.html
hxxp://saved.im/mtg3mjy4c2wx/screen4.html
hxxp://saved.im/mtg3mjy5bg5o/screen5.html
hxxp://saved.im/mtg3mjcwn2hk/screen6.html

Hier ist ein Screenshot aus dem Log Ordner von avast! den sie mir beschrieben haben:

hxxp://saved.im/mtg3mjcxym52/screen7.html

Hier sind die Logs in der Reihenfolge wie auf dem Screen:

Code:
avast! Antirootkit, version 1.0
Scan started: Mittwoch, 20. November 2013 15:20:44

Process  [0]
Process  [4]
Process C:\Windows\System32\smss.exe [352]
Process C:\Windows\System32\csrss.exe [504]
Process C:\Windows\System32\wininit.exe [584]
Process C:\Windows\System32\csrss.exe [608]
Process C:\Windows\System32\services.exe [644]
Process C:\Windows\System32\winlogon.exe [688]
Process C:\Windows\System32\lsass.exe [716]
Process C:\Windows\System32\lsm.exe [724]
Process C:\Windows\System32\svchost.exe [828]
Process C:\Windows\System32\nvvsvc.exe [920]
Process C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [944]
Process C:\Windows\System32\svchost.exe [988]
Process C:\Windows\System32\svchost.exe [372]
Process C:\Windows\System32\svchost.exe [492]
Process C:\Windows\System32\svchost.exe [720]
Process C:\Windows\System32\svchost.exe [1036]
Process C:\Windows\System32\audiodg.exe [1128]
Process C:\Windows\System32\svchost.exe [1232]
Process C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1312]
Process C:\Windows\System32\nvvsvc.exe [1320]
Process D:\Antivirus\AvastSvc.exe [1352]
Process C:\Windows\System32\spoolsv.exe [1664]
Process C:\Windows\System32\taskhost.exe [1700]
Process C:\Windows\System32\svchost.exe [1708]
Process C:\Windows\SysWOW64\svchost.exe [1904]
Process C:\Windows\System32\svchost.exe [1944]
Process C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2024]
Process C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1364]
Process C:\Windows\System32\svchost.exe [2160]
Process C:\Windows\SysWOW64\PnkBstrA.exe [2184]
Process D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe [2212]
Process C:\Windows\System32\svchost.exe [2236]
Process D:\Tune Up\TuneUpUtilitiesService64.exe [2300]
Process C:\Windows\System32\ViakaraokeSrv.exe [2328]
Process C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2388]
Process C:\Windows\System32\sppsvc.exe [2832]
Process C:\Windows\System32\WUDFHost.exe [1872]
Process C:\Windows\System32\rundll32.exe [3056]
Process C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2508]
Process C:\Windows\System32\conhost.exe [2056]
Process D:\Tune Up\TuneUpUtilitiesApp64.exe [3420]
Process C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [3468]
Process C:\Windows\System32\dwm.exe [3600]
Process C:\Windows\explorer.exe [3624]
Process C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [3712]
Process C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3860]
Process D:\Antivirus\AvastUI.exe [3868]
Process D:\Maxthon\Bin\Maxthon.exe [2876]
Process D:\Maxthon\Bin\Maxthon.exe [4000]
Process D:\Maxthon\Bin\Maxthon.exe [4056]
Process D:\Maxthon\Bin\Maxthon.exe [3824]
Process C:\Windows\System32\svchost.exe [5096]
Process C:\Program Files\Windows Media Player\wmpnetwk.exe [196]
Process C:\Windows\System32\svchost.exe [4344]
Process C:\Windows\System32\wbem\WmiPrvSE.exe [1412]
Disk 0 MBR
Service .NET CLR Data [???]
Service .NET CLR Networking [???]
Service .NET CLR Networking 4.0.0.0 [???]
Service .NET Data Provider for Oracle [???]
Service .NET Data Provider for SqlServer [???]
Service .NET Memory Cache 4.0 [???]
Service .NETFramework [???]
Service 1394ohci [C:\Windows\system32\drivers\1394ohci.sys]
Service ACPI [C:\Windows\system32\drivers\ACPI.sys]
Service AcpiPmi [C:\Windows\system32\drivers\acpipmi.sys]
Service adp94xx [C:\Windows\system32\DRIVERS\adp94xx.sys]
Service adpahci [C:\Windows\system32\DRIVERS\adpahci.sys]
Service adpu320 [C:\Windows\system32\DRIVERS\adpu320.sys]
Service adsi [???]
Service AeLookupSvc [C:\Windows\System32\aelupsvc.dll]
Service AFD [C:\Windows\system32\drivers\afd.sys]
Service agp440 [C:\Windows\system32\drivers\agp440.sys]
Service AiCharger [C:\Windows\SysWow64\drivers\AiCharger.sys]
Service ALG [C:\Windows\System32\alg.exe]
Service aliide [C:\Windows\system32\drivers\aliide.sys]
Service amdide [C:\Windows\system32\drivers\amdide.sys]
Service AmdK8 [C:\Windows\system32\DRIVERS\amdk8.sys]
Service AmdPPM [C:\Windows\system32\DRIVERS\amdppm.sys]
Service amdsata [C:\Windows\system32\drivers\amdsata.sys]
Service amdsbs [C:\Windows\system32\DRIVERS\amdsbs.sys]
Service amdxata [C:\Windows\system32\drivers\amdxata.sys]
Service AppID [C:\Windows\system32\drivers\appid.sys]
Service AppIDSvc [C:\Windows\System32\appidsvc.dll]
Service Appinfo [C:\Windows\System32\appinfo.dll]
Service arc [C:\Windows\system32\DRIVERS\arc.sys]
Service arcsas [C:\Windows\system32\DRIVERS\arcsas.sys]
Service asmthub3 [C:\Windows\system32\DRIVERS\asmthub3.sys]
Service asmtxhci [C:\Windows\system32\DRIVERS\asmtxhci.sys]
Service ASP.NET [???]
Service ASP.NET_4.0.30319 [???]
Service aspnet_state [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe]
Service aswFsBlk [C:\Windows\system32\drivers\aswFsBlk.sys]
Service aswMonFlt [C:\Windows\system32\drivers\aswMonFlt.sys]
Service aswRdr [C:\Windows\system32\drivers\aswRdr2.sys]
Service aswRvrt [C:\Windows\System32\Drivers\aswRvrt.sys]
Service aswSnx [C:\Windows\system32\drivers\aswSnx.sys]
Service aswSP [C:\Windows\system32\drivers\aswSP.sys]
Service aswTdi [C:\Windows\system32\drivers\aswTdi.sys]
Service aswVmm [C:\Windows\System32\Drivers\aswVmm.sys]
Service AsyncMac [C:\Windows\system32\DRIVERS\asyncmac.sys]
Service atapi [C:\Windows\system32\drivers\atapi.sys]
Service AtiPcie [C:\Windows\system32\DRIVERS\AtiPcie.sys]
Service AudioEndpointBuilder [C:\Windows\System32\Audiosrv.dll]
Service AudioSrv [C:\Windows\System32\Audiosrv.dll]
Service avast! Antivirus [D:\Antivirus\AvastSvc.exe]
Service AxInstSV [C:\Windows\System32\AxInstSV.dll]
Service b06bdrv [C:\Windows\system32\DRIVERS\bxvbda.sys]
Service b57nd60a [C:\Windows\system32\DRIVERS\b57nd60a.sys]
Service BattC [???]
Service BDESVC [C:\Windows\System32\bdesvc.dll]
Service Beep [C:\Windows\System32\Drivers\Beep.sys]
Service BFE [C:\Windows\System32\bfe.dll]
Service BITS [C:\Windows\System32\qmgr.dll]
Service blbdrive [C:\Windows\system32\DRIVERS\blbdrive.sys]
Service bowser [C:\Windows\system32\DRIVERS\bowser.sys]
Service BrFiltLo [C:\Windows\system32\DRIVERS\BrFiltLo.sys]
Service BrFiltUp [C:\Windows\system32\DRIVERS\BrFiltUp.sys]
Service Browser [C:\Windows\System32\browser.dll]
Service Brserid [C:\Windows\System32\Drivers\Brserid.sys]
Service BrSerWdm [C:\Windows\System32\Drivers\BrSerWdm.sys]
Service BrUsbMdm [C:\Windows\System32\Drivers\BrUsbMdm.sys]
Service BrUsbSer [C:\Windows\System32\Drivers\BrUsbSer.sys]
Service BTHMODEM [C:\Windows\system32\DRIVERS\bthmodem.sys]
Service BTHPORT [???]
Service bthserv [C:\Windows\system32\bthserv.dll]
Service cdfs [C:\Windows\system32\DRIVERS\cdfs.sys]
Service cdrom [C:\Windows\system32\drivers\cdrom.sys]
Service CertPropSvc [C:\Windows\System32\certprop.dll]
Service circlass [C:\Windows\system32\DRIVERS\circlass.sys]
Service CLFS [C:\Windows\System32\CLFS.sys]
Service clr_optimization_v2.0.50727_32 [C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe]
Service clr_optimization_v2.0.50727_64 [C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe]
Service clr_optimization_v4.0.30319_32 [C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe]
Service clr_optimization_v4.0.30319_64 [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe]
Service CmBatt [C:\Windows\system32\DRIVERS\CmBatt.sys]
Service cmdide [C:\Windows\system32\drivers\cmdide.sys]
Service CNG [C:\Windows\System32\Drivers\cng.sys]
Service CodeMeter.exe [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe]
Service Compbatt [C:\Windows\system32\DRIVERS\compbatt.sys]
Service CompositeBus [C:\Windows\system32\drivers\CompositeBus.sys]
Service COMSysApp [C:\Windows\system32\dllhost.exe]
Service crcdisk [C:\Windows\system32\DRIVERS\crcdisk.sys]
Service crypt32 [???]
Service CryptSvc [C:\Windows\system32\cryptsvc.dll]
Service DCLocator [???]
Service DcomLaunch [C:\Windows\system32\rpcss.dll]
Service defragsvc [C:\Windows\System32\defragsvc.dll]
Service DfsC [C:\Windows\System32\Drivers\dfsc.sys]
Service Dhcp [C:\Windows\system32\dhcpcore.dll]
Service discache [C:\Windows\System32\drivers\discache.sys]
Service Disk [C:\Windows\system32\DRIVERS\disk.sys]
Service Dnscache [C:\Windows\System32\dnsrslvr.dll]
Service dot3svc [C:\Windows\System32\dot3svc.dll]
Service Dot4 [C:\Windows\system32\DRIVERS\Dot4.sys]
Service Dot4Print [C:\Windows\system32\DRIVERS\Dot4Prt.sys]
Service dot4usb [C:\Windows\system32\DRIVERS\dot4usb.sys]
Service DPS [C:\Windows\system32\dps.dll]
Service drmkaud [C:\Windows\system32\drivers\drmkaud.sys]
Service DXGKrnl [C:\Windows\System32\drivers\dxgkrnl.sys]
Service EapHost [C:\Windows\System32\eapsvc.dll]
Service ebdrv [C:\Windows\system32\DRIVERS\evbda.sys]
Service EFS [C:\Windows\System32\lsass.exe]
Service ehRecvr [C:\Windows\ehome\ehRecvr.exe]
Service ehSched [C:\Windows\ehome\ehsched.exe]
Service elxstor [C:\Windows\system32\DRIVERS\elxstor.sys]
Service ErrDev [C:\Windows\system32\drivers\errdev.sys]
Service ESENT [???]
Service eventlog [C:\Windows\System32\wevtsvc.dll]
Service EventSystem [C:\Windows\system32\es.dll]
Service exfat [C:\Windows\System32\Drivers\exfat.sys]
Service fastfat [C:\Windows\System32\Drivers\fastfat.sys]
Service Fax [C:\Windows\system32\fxssvc.exe]
Service fdc [C:\Windows\system32\DRIVERS\fdc.sys]
Service fdPHost [C:\Windows\system32\fdPHost.dll]
Service FDResPub [C:\Windows\system32\fdrespub.dll]
Service FileInfo [C:\Windows\system32\drivers\fileinfo.sys]
Service Filetrace [C:\Windows\system32\drivers\filetrace.sys]
Service flpydisk [C:\Windows\system32\DRIVERS\flpydisk.sys]
Service FltMgr [C:\Windows\system32\drivers\fltmgr.sys]
Service FontCache [C:\Windows\system32\FntCache.dll]
Service FontCache3.0.0.0 [C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe]
Service FsDepends [C:\Windows\System32\drivers\FsDepends.sys]
Service Fs_Rec [C:\Windows\System32\Drivers\Fs_Rec.sys]
Service fvevol [C:\Windows\System32\DRIVERS\fvevol.sys]
Service gagp30kx [C:\Windows\system32\DRIVERS\gagp30kx.sys]
Service gpsvc [C:\Windows\System32\gpsvc.dll]
Service hcw85cir [C:\Windows\system32\drivers\hcw85cir.sys]
Service HdAudAddService [C:\Windows\system32\drivers\HdAudio.sys]
Service HDAudBus [C:\Windows\system32\DRIVERS\HDAudBus.sys]
Service HidBatt [C:\Windows\system32\DRIVERS\HidBatt.sys]
Service HidBth [C:\Windows\system32\DRIVERS\hidbth.sys]
Service HidIr [C:\Windows\system32\DRIVERS\hidir.sys]
Service hidserv [C:\Windows\system32\hidserv.dll]
Service HidUsb [C:\Windows\system32\DRIVERS\hidusb.sys]
Service hkmsvc [C:\Windows\system32\kmsvc.dll]
Service HomeGroupListener [C:\Windows\system32\ListSvc.dll]
Service HomeGroupProvider [C:\Windows\system32\provsvc.dll]
Service hpqcxs08 [D:\HP Photosmart B010\Digital Imaging\bin\hpqcxs08.dll]
Service hpqddsvc [D:\HP Photosmart B010\Digital Imaging\bin\hpqddsvc.dll]
Service HpSAMD [C:\Windows\system32\drivers\HpSAMD.sys]
Service HTTP [C:\Windows\system32\drivers\HTTP.sys]
Service hwpolicy [C:\Windows\System32\drivers\hwpolicy.sys]
Service i8042prt [C:\Windows\system32\drivers\i8042prt.sys]
Service iaStorV [C:\Windows\system32\drivers\iaStorV.sys]
Service idsvc [C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe]
Service iirsp [C:\Windows\system32\DRIVERS\iirsp.sys]
Service IKEEXT [C:\Windows\System32\ikeext.dll]
Service inetaccs [???]
Service intelide [C:\Windows\system32\drivers\intelide.sys]
Service intelppm [C:\Windows\system32\DRIVERS\intelppm.sys]
Service IPBusEnum [C:\Windows\system32\ipbusenum.dll]
Service IpFilterDriver [C:\Windows\system32\DRIVERS\ipfltdrv.sys]
Service iphlpsvc [C:\Windows\System32\iphlpsvc.dll]
Service IPMIDRV [C:\Windows\system32\drivers\IPMIDrv.sys]
Service IPNAT [C:\Windows\System32\drivers\ipnat.sys]
Service IRENUM [C:\Windows\system32\drivers\irenum.sys]
Service isapnp [C:\Windows\system32\drivers\isapnp.sys]
Service iScsiPrt [C:\Windows\system32\drivers\msiscsi.sys]
Service kbdclass [C:\Windows\system32\drivers\kbdclass.sys]
Service kbdhid [C:\Windows\system32\drivers\kbdhid.sys]
Service KeyIso [C:\Windows\system32\lsass.exe]
Service KSecDD [C:\Windows\System32\Drivers\ksecdd.sys]
Service KSecPkg [C:\Windows\System32\Drivers\ksecpkg.sys]
Service ksthunk [C:\Windows\system32\drivers\ksthunk.sys]
Service KtmRm [C:\Windows\system32\msdtckrm.dll]
Service LanmanServer [C:\Windows\system32\srvsvc.dll]
Service LanmanWorkstation [C:\Windows\System32\wkssvc.dll]
Service ldap [???]
Service lltdio [C:\Windows\system32\DRIVERS\lltdio.sys]
Service lltdsvc [C:\Windows\System32\lltdsvc.dll]
Service lmhosts [C:\Windows\System32\lmhsvc.dll]
Service Lsa [???]
Service LSI_FC [C:\Windows\system32\DRIVERS\lsi_fc.sys]
Service LSI_SAS [C:\Windows\system32\DRIVERS\lsi_sas.sys]
Service LSI_SAS2 [C:\Windows\system32\DRIVERS\lsi_sas2.sys]
Service LSI_SCSI [C:\Windows\system32\DRIVERS\lsi_scsi.sys]
Service luafv [C:\Windows\system32\drivers\luafv.sys]
Service Mcx2Svc [C:\Windows\system32\Mcx2Svc.dll]
Service megasas [C:\Windows\system32\DRIVERS\megasas.sys]
Service MegaSR [C:\Windows\system32\DRIVERS\MegaSR.sys]
Service MMCSS [C:\Windows\system32\mmcss.dll]
Service Modem [C:\Windows\system32\drivers\modem.sys]
Service monitor [C:\Windows\system32\DRIVERS\monitor.sys]
Service mouclass [C:\Windows\system32\DRIVERS\mouclass.sys]
Service mouhid [C:\Windows\system32\DRIVERS\mouhid.sys]
Service mountmgr [C:\Windows\System32\drivers\mountmgr.sys]
Service mpio [C:\Windows\system32\drivers\mpio.sys]
Service mpsdrv [C:\Windows\System32\drivers\mpsdrv.sys]
Service MpsSvc [C:\Windows\system32\mpssvc.dll]
Service MRxDAV [C:\Windows\system32\drivers\mrxdav.sys]
Service mrxsmb [C:\Windows\system32\DRIVERS\mrxsmb.sys]
Service mrxsmb10 [C:\Windows\system32\DRIVERS\mrxsmb10.sys]
Service mrxsmb20 [C:\Windows\system32\DRIVERS\mrxsmb20.sys]
Service msahci [C:\Windows\system32\drivers\msahci.sys]
Service msdsm [C:\Windows\system32\drivers\msdsm.sys]
Service MSDTC [C:\Windows\System32\msdtc.exe]
Service MSDTC Bridge 3.0.0.0 [???]
Service MSDTC Bridge 4.0.0.0 [???]
Service Msfs [C:\Windows\System32\Drivers\Msfs.sys]
Service mshidkmdf [C:\Windows\System32\drivers\mshidkmdf.sys]
Service msisadrv [C:\Windows\system32\drivers\msisadrv.sys]
Service MSiSCSI [C:\Windows\system32\iscsiexe.dll]
Service msiserver [C:\Windows\system32\msiexec.exe]
Service MSKSSRV [C:\Windows\system32\drivers\MSKSSRV.sys]
Service MSPCLOCK [C:\Windows\system32\drivers\MSPCLOCK.sys]
Service MSPQM [C:\Windows\system32\drivers\MSPQM.sys]
Service MsRPC [C:\Windows\System32\Drivers\MsRPC.sys]
Service MSSCNTRS [???]
Service mssmbios [C:\Windows\system32\drivers\mssmbios.sys]
Service MSTEE [C:\Windows\system32\drivers\MSTEE.sys]
Service MTConfig [C:\Windows\system32\DRIVERS\MTConfig.sys]
Service MTsensor [C:\Windows\system32\DRIVERS\ASACPI.sys]
Service Mup [C:\Windows\System32\Drivers\mup.sys]
Service napagent [C:\Windows\system32\qagentRT.dll]
Service NativeWifiP [C:\Windows\system32\DRIVERS\nwifi.sys]
Service NDIS [C:\Windows\system32\drivers\ndis.sys]
Service NdisCap [C:\Windows\system32\DRIVERS\ndiscap.sys]
Service NdisTapi [C:\Windows\system32\DRIVERS\ndistapi.sys]
Service Ndisuio [C:\Windows\system32\DRIVERS\ndisuio.sys]
Service NdisWan [C:\Windows\system32\DRIVERS\ndiswan.sys]
Service NDProxy [C:\Windows\System32\Drivers\NDProxy.sys]
Service Net Driver HPZ12 [C:\Windows\system32\HPZinw12.dll]
Service NetBIOS [C:\Windows\system32\DRIVERS\netbios.sys]
Service NetBT [C:\Windows\System32\DRIVERS\netbt.sys]
Service Netlogon [C:\Windows\system32\lsass.exe]
Service Netman [C:\Windows\System32\netman.dll]
Service NetMsmqActivator [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe]
Service NetPipeActivator [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe]
Service netprofm [C:\Windows\System32\netprofm.dll]
Service NetTcpActivator [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe]
Service NetTcpPortSharing [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe]
Service nfrd960 [C:\Windows\system32\DRIVERS\nfrd960.sys]
Service NlaSvc [C:\Windows\System32\nlasvc.dll]
Service Npfs [C:\Windows\System32\Drivers\Npfs.sys]
Service nsi [C:\Windows\system32\nsisvc.dll]
Service nsiproxy [C:\Windows\system32\drivers\nsiproxy.sys]
Service NTDS [???]
Service Ntfs [C:\Windows\System32\Drivers\Ntfs.sys]
Service Null [C:\Windows\System32\Drivers\Null.sys]
Service NVHDA [C:\Windows\system32\drivers\nvhda64v.sys]
Service nvlddmkm [C:\Windows\system32\DRIVERS\nvlddmkm.sys]
Service nvraid [C:\Windows\system32\drivers\nvraid.sys]
Service nvstor [C:\Windows\system32\drivers\nvstor.sys]
Service NvStreamSvc [C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe]
Service nvsvc [C:\Windows\system32\nvvsvc.exe]
Service nvUpdatusService [C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe]
Service nvvad_WaveExtensible [C:\Windows\system32\drivers\nvvad64v.sys]
Service nv_agp [C:\Windows\system32\drivers\nv_agp.sys]
Service ohci1394 [C:\Windows\system32\drivers\ohci1394.sys]
Service p2pimsvc [C:\Windows\system32\pnrpsvc.dll]
Service p2psvc [C:\Windows\system32\p2psvc.dll]
Service Parport [C:\Windows\system32\DRIVERS\parport.sys]
Service partmgr [C:\Windows\System32\drivers\partmgr.sys]
Service PcaSvc [C:\Windows\System32\pcasvc.dll]
Service pci [C:\Windows\system32\drivers\pci.sys]
Service pciide [C:\Windows\system32\drivers\pciide.sys]
Service pcmcia [C:\Windows\system32\DRIVERS\pcmcia.sys]
Service pcw [C:\Windows\System32\drivers\pcw.sys]
Service PEAUTH [C:\Windows\system32\drivers\peauth.sys]
Service PerfDisk [???]
Service PerfHost [C:\Windows\SysWow64\perfhost.exe]
Service PerfNet [???]
Service PerfOS [???]
Service PerfProc [???]
Service pla [C:\Windows\system32\pla.dll]
Service PlugPlay [C:\Windows\system32\umpnpmgr.dll]
Service Pml Driver HPZ12 [C:\Windows\system32\HPZipm12.dll]
Service PnkBstrA [C:\Windows\system32\PnkBstrA.exe]
Service PNRPAutoReg [C:\Windows\system32\pnrpauto.dll]
Service PNRPsvc [C:\Windows\system32\pnrpsvc.dll]
Service PolicyAgent [C:\Windows\System32\ipsecsvc.dll]
Service PortProxy [???]
Service Power [C:\Windows\system32\umpo.dll]
Service PptpMiniport [C:\Windows\system32\DRIVERS\raspptp.sys]
Service Processor [C:\Windows\system32\DRIVERS\processr.sys]
Service ProfSvc [C:\Windows\system32\profsvc.dll]
Service ProtectedStorage [C:\Windows\system32\lsass.exe]
Service Psched [C:\Windows\system32\DRIVERS\pacer.sys]
Service ql2300 [C:\Windows\system32\DRIVERS\ql2300.sys]
Service ql40xx [C:\Windows\system32\DRIVERS\ql40xx.sys]
Service QWAVE [C:\Windows\system32\qwave.dll]
Service QWAVEdrv [C:\Windows\system32\drivers\qwavedrv.sys]
Service RasAcd [C:\Windows\System32\DRIVERS\rasacd.sys]
Service RasAgileVpn [C:\Windows\system32\DRIVERS\AgileVpn.sys]
Service RasAuto [C:\Windows\System32\rasauto.dll]
Service Rasl2tp [C:\Windows\system32\DRIVERS\rasl2tp.sys]
Service RasMan [C:\Windows\System32\rasmans.dll]
Service RasPppoe [C:\Windows\system32\DRIVERS\raspppoe.sys]
Service RasSstp [C:\Windows\system32\DRIVERS\rassstp.sys]
Service rdbss [C:\Windows\system32\DRIVERS\rdbss.sys]
Service rdpbus [C:\Windows\system32\DRIVERS\rdpbus.sys]
Service RDPCDD [C:\Windows\System32\DRIVERS\RDPCDD.sys]
Service RDPDD [???]
Service RDPENCDD [C:\Windows\system32\drivers\rdpencdd.sys]
Service RDPNP [???]
Service RDPREFMP [C:\Windows\system32\drivers\rdprefmp.sys]
Service RDPWD [C:\Windows\System32\Drivers\RDPWD.sys]
Service rdyboost [C:\Windows\System32\drivers\rdyboost.sys]
Service RemoteAccess [C:\Windows\System32\mprdim.dll]
Service RemoteRegistry [C:\Windows\system32\regsvc.dll]
Service RpcEptMapper [C:\Windows\System32\RpcEpMap.dll]
Service RpcLocator [C:\Windows\system32\locator.exe]
Service RpcSs [C:\Windows\system32\rpcss.dll]
Service rspndr [C:\Windows\system32\DRIVERS\rspndr.sys]
Service RTL8167 [C:\Windows\system32\DRIVERS\Rt64win7.sys]
Service RtNdPt60 [C:\Windows\system32\DRIVERS\RtNdPt60.sys]
Service RTTEAMPT [C:\Windows\system32\DRIVERS\RtTeam60.sys]
Service RTVLANPT [C:\Windows\system32\DRIVERS\RtVlan60.sys]
Service RzKLService [D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe]
Service SamSs [C:\Windows\system32\lsass.exe]
Service sbp2port [C:\Windows\system32\drivers\sbp2port.sys]
Service SCardSvr [C:\Windows\System32\SCardSvr.dll]
Service scfilter [C:\Windows\System32\DRIVERS\scfilter.sys]
Service Schedule [C:\Windows\system32\schedsvc.dll]
Service SCPolicySvc [C:\Windows\System32\certprop.dll]
Service SDRSVC [C:\Windows\System32\SDRSVC.dll]
Service secdrv [C:\Windows\System32\Drivers\secdrv.sys]
Service seclogon [C:\Windows\system32\seclogon.dll]
Service SENS [C:\Windows\System32\sens.dll]
Service SensrSvc [C:\Windows\system32\sensrsvc.dll]
Service Serenum [C:\Windows\system32\DRIVERS\serenum.sys]
Service Serial [C:\Windows\system32\DRIVERS\serial.sys]
Service sermouse [C:\Windows\system32\DRIVERS\sermouse.sys]
Service ServiceModelEndpoint 3.0.0.0 [???]
Service ServiceModelOperation 3.0.0.0 [???]
Service ServiceModelService 3.0.0.0 [???]
Service SessionEnv [C:\Windows\system32\sessenv.dll]
Service sffdisk [C:\Windows\system32\drivers\sffdisk.sys]
Service sffp_mmc [C:\Windows\system32\drivers\sffp_mmc.sys]
Service sffp_sd [C:\Windows\system32\drivers\sffp_sd.sys]
Service sfloppy [C:\Windows\system32\DRIVERS\sfloppy.sys]
Service SharedAccess [C:\Windows\System32\ipnathlp.dll]
Service ShellHWDetection [C:\Windows\System32\shsvcs.dll]
Service SiSRaid2 [C:\Windows\system32\DRIVERS\SiSRaid2.sys]
Service SiSRaid4 [C:\Windows\system32\DRIVERS\sisraid4.sys]
Service Smb [C:\Windows\system32\DRIVERS\smb.sys]
Service SMSvcHost 3.0.0.0 [???]
Service SMSvcHost 4.0.0.0 [???]
Service SNMPTRAP [C:\Windows\System32\snmptrap.exe]
Service spldr [C:\Windows\System32\Drivers\spldr.sys]
Service Spooler [C:\Windows\System32\spoolsv.exe]
Service sppsvc [C:\Windows\system32\sppsvc.exe]
Service sppuinotify [C:\Windows\system32\sppuinotify.dll]
Service srv [C:\Windows\System32\DRIVERS\srv.sys]
Service srv2 [C:\Windows\System32\DRIVERS\srv2.sys]
Service srvnet [C:\Windows\System32\DRIVERS\srvnet.sys]
Service SSDPSRV [C:\Windows\System32\ssdpsrv.dll]
Service SstpSvc [C:\Windows\system32\sstpsvc.dll]
Service Steam Client Service [C:\Program Files (x86)\Common Files\Steam\SteamService.exe]
Service Stereo Service [C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe]
Service stexstor [C:\Windows\system32\DRIVERS\stexstor.sys]
Service stisvc [C:\Windows\System32\wiaservc.dll]
Service swenum [C:\Windows\system32\drivers\swenum.sys]
Service swprv [C:\Windows\System32\swprv.dll]
Service SysMain [C:\Windows\system32\sysmain.dll]
Service TabletInputService [C:\Windows\System32\TabSvc.dll]
Service TapiSrv [C:\Windows\System32\tapisrv.dll]
Service TBS [C:\Windows\System32\tbssvc.dll]
Service Tcpip [C:\Windows\System32\drivers\tcpip.sys]
Service TCPIP6 [C:\Windows\system32\DRIVERS\tcpip.sys]
Service TCPIP6TUNNEL [???]
Service tcpipreg [C:\Windows\System32\drivers\tcpipreg.sys]
Service TCPIPTUNNEL [???]
Service TDPIPE [C:\Windows\system32\drivers\tdpipe.sys]
Service TDTCP [C:\Windows\system32\drivers\tdtcp.sys]
Service tdx [C:\Windows\system32\DRIVERS\tdx.sys]
Service TEAM [C:\Windows\system32\DRIVERS\RtTeam60.sys]
Service TermDD [C:\Windows\system32\drivers\termdd.sys]
Service TermService [C:\Windows\System32\termsrv.dll]
Service Themes [C:\Windows\system32\themeservice.dll]
Service THREADORDER [C:\Windows\system32\mmcss.dll]
Service TrkWks [C:\Windows\System32\trkwks.dll]
Service TrustedInstaller [C:\Windows\servicing\TrustedInstaller.exe]
Service TSDDD [???]
Service tssecsrv [C:\Windows\System32\DRIVERS\tssecsrv.sys]
Service TsUsbFlt [C:\Windows\system32\drivers\tsusbflt.sys]
Service TuneUp.UtilitiesSvc [D:\Tune Up\TuneUpUtilitiesService64.exe]
Service TuneUpUtilitiesDrv [D:\Tune Up\TuneUpUtilitiesDriver64.sys]
Service tunnel [C:\Windows\system32\DRIVERS\tunnel.sys]
Service uagp35 [C:\Windows\system32\DRIVERS\uagp35.sys]
Service udfs [C:\Windows\system32\DRIVERS\udfs.sys]
Service UGatherer [???]
Service UGTHRSVC [???]
Service UI0Detect [C:\Windows\system32\UI0Detect.exe]
Service uliagpkx [C:\Windows\system32\drivers\uliagpkx.sys]
Service umbus [C:\Windows\system32\drivers\umbus.sys]
Service UmPass [C:\Windows\system32\DRIVERS\umpass.sys]
Service upnphost [C:\Windows\System32\upnphost.dll]
Service usbccgp [C:\Windows\system32\DRIVERS\usbccgp.sys]
Service usbcir [C:\Windows\system32\drivers\usbcir.sys]
Service usbehci [C:\Windows\system32\DRIVERS\usbehci.sys]
Service usbhub [C:\Windows\system32\DRIVERS\usbhub.sys]
Service usbohci [C:\Windows\system32\DRIVERS\usbohci.sys]
Service usbprint [C:\Windows\system32\DRIVERS\usbprint.sys]
Service usbscan [C:\Windows\system32\DRIVERS\usbscan.sys]
Service USBSTOR [C:\Windows\system32\DRIVERS\USBSTOR.SYS]
Service usbuhci [C:\Windows\system32\drivers\usbuhci.sys]
Service UxSms [C:\Windows\System32\uxsms.dll]
Service VaultSvc [C:\Windows\system32\lsass.exe]
Service vdrvroot [C:\Windows\system32\drivers\vdrvroot.sys]
Service vds [C:\Windows\System32\vds.exe]
Service vga [C:\Windows\system32\DRIVERS\vgapnp.sys]
Service VgaSave [C:\Windows\System32\drivers\vga.sys]
Service vhdmp [C:\Windows\system32\drivers\vhdmp.sys]
Service VIA HD Audio Codec Default [???]
Service VIAHdAudAddService [C:\Windows\system32\drivers\viahduaa.sys]
Service viaide [C:\Windows\system32\drivers\viaide.sys]
Service VIAKaraokeService [C:\Windows\system32\viakaraokesrv.exe]
Service VLAN [C:\Windows\system32\DRIVERS\RtVLAN60.sys]
Service volmgr [C:\Windows\system32\drivers\volmgr.sys]
Service volmgrx [C:\Windows\System32\drivers\volmgrx.sys]
Service volsnap [C:\Windows\system32\drivers\volsnap.sys]
Service vsmraid [C:\Windows\system32\DRIVERS\vsmraid.sys]
Service VSS [C:\Windows\system32\vssvc.exe]
Service vwifibus [C:\Windows\System32\drivers\vwifibus.sys]
Service W32Time [C:\Windows\system32\w32time.dll]
Service W3SVC [???]
Service WacomPen [C:\Windows\system32\DRIVERS\wacompen.sys]
Service WANARP [C:\Windows\system32\DRIVERS\wanarp.sys]
Service Wanarpv6 [C:\Windows\system32\DRIVERS\wanarp.sys]
Service wbengine [C:\Windows\system32\wbengine.exe]
Service WbioSrvc [C:\Windows\System32\wbiosrvc.dll]
Service wcncsvc [C:\Windows\System32\wcncsvc.dll]
Service WcsPlugInService [C:\Windows\System32\WcsPlugInService.dll]
Service Wd [C:\Windows\system32\DRIVERS\wd.sys]
Service Wdf01000 [C:\Windows\system32\drivers\Wdf01000.sys]
Service WdiServiceHost [C:\Windows\system32\wdi.dll]
Service WdiSystemHost [C:\Windows\system32\wdi.dll]
Service WebClient [C:\Windows\System32\webclnt.dll]
Service Wecsvc [C:\Windows\system32\wecsvc.dll]
Service wercplsupport [C:\Windows\System32\wercplsupport.dll]
Service WerSvc [C:\Windows\System32\WerSvc.dll]
Service WfpLwf [C:\Windows\system32\DRIVERS\wfplwf.sys]
Service WIMMount [C:\Windows\system32\drivers\wimmount.sys]
Service WinDefend [C:\Program Files\Windows Defender\mpsvc.dll]
Service Windows Workflow Foundation 3.0.0.0 [???]
Service Windows Workflow Foundation 4.0.0.0 [???]
Service WinHttpAutoProxySvc [C:\Windows\system32\winhttp.dll]
Service Winmgmt [C:\Windows\system32\wbem\WMIsvc.dll]
Service WinRM [C:\Windows\system32\WsmSvc.dll]
Service Winsock [C:\Windows\System32\Drivers\Winsock.sys]
Service WinSock2 [???]
Service Wlansvc [C:\Windows\System32\wlansvc.dll]
Service WmiAcpi [C:\Windows\system32\drivers\wmiacpi.sys]
Service WmiApRpl [???]
Service wmiApSrv [C:\Windows\system32\wbem\WmiApSrv.exe]
Service WMPNetworkSvc [C:\Program Files\Windows Media Player\wmpnetwk.exe]
Service WPCSvc [C:\Windows\System32\wpcsvc.dll]
Service WPDBusEnum [C:\Windows\system32\wpdbusenum.dll]
Service ws2ifsl [C:\Windows\system32\drivers\ws2ifsl.sys]
Service wscsvc [C:\Windows\System32\wscsvc.dll]
Service WSearch [C:\Windows\system32\SearchIndexer.exe]
Service WSearchIdxPi [???]
Service wuauserv [C:\Windows\system32\wuaueng.dll]
Service WudfPf [C:\Windows\system32\drivers\WudfPf.sys]
Service WUDFRd [C:\Windows\system32\DRIVERS\WUDFRd.sys]
Service wudfsvc [C:\Windows\System32\WUDFSvc.dll]
Service WwanSvc [C:\Windows\System32\wwansvc.dll]
Service X6va012 [C:\Windows\SysWOW64\Drivers\X6va012]
Service X6va013 [C:\Windows\SysWOW64\Drivers\X6va013]
Service X6va014 [C:\Windows\SysWOW64\Drivers\X6va014]
Service X6va015 [C:\Windows\SysWOW64\Drivers\X6va015]
Service xmlprov [???]
Service {E8B16E98-6E2F-489D-83E6-C9347A9BB08F} [???]

Scan finished: Mittwoch, 20. November 2013 15:21:03
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0


----------

cosinus 20.11.2013 15:46
Deine Briefmarkenbildchen sind leider unbrauchbar :(

Smexer 20.11.2013 15:47
Code:
CmdLine - quick
aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"D:\Antivirus"
CmdLine end
SafeBoot: 0
CreateKbThread
new CKbBuffer
CKbBuffer::Init
CKbBuffer::Init end
NtCreateEvent(g_hStopEvent)
dep_osBeginThread - KbThread
CreateKbThread end
NtInitializeRegistry
KbThread start
ReadRegistry
DATA=C:\ProgramData\AVAST Software\Avast
PROG=D:\Antivirus
BUILD=2008
Windows 7 Home Premium Service Pack 1
SystemRoot=C:\Windows
TEMP=C:\Windows\TEMP
TMP=C:\Windows\TEMP
ReadRegistry end
CreateTemp
CreateTemp end
aswcmnbDllMain
cmnbInit
aswEnginDllMain(DLL_PROCESS_ATTACH)
InitLog
InitLog end
CmdLine - full
aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"D:\Antivirus"
CmdLine end
Program folder: D:\Antivirus
Engine folder: D:\Antivirus\defs\13111401
Base addr: 77520000
TimeStamp: 5284be74
Unschedule
61,00,75,00,74,00,6F,00,63,00,68,00,65,00,63,00,
6B,00,20,00,61,00,75,00,74,00,6F,00,63,00,68,00,
6B,00,20,00,2A,00,00,00,61,00,73,00,77,00,42,00,
6F,00,6F,00,74,00,2E,00,65,00,78,00,65,00,20,00,
2F,00,41,00,3A,00,22,00,2A,00,22,00,20,00,2F,00,
4C,00,3A,00,22,00,31,00,30,00,33,00,31,00,22,00,
20,00,2F,00,68,00,65,00,75,00,72,00,3A,00,38,00,
30,00,20,00,2F,00,52,00,41,00,3A,00,61,00,73,00,
6B,00,20,00,2F,00,70,00,75,00,70,00,20,00,2F,00,
61,00,72,00,63,00,68,00,69,00,76,00,65,00,73,00,
20,00,2F,00,49,00,41,00,3A,00,30,00,20,00,2F,00,
4B,00,42,00,44,00,3A,00,32,00,20,00,2F,00,77,00,
6F,00,77,00,20,00,2F,00,64,00,69,00,72,00,3A,00,
22,00,44,00,3A,00,5C,00,41,00,6E,00,74,00,69,00,
76,00,69,00,72,00,75,00,73,00,22,00,00,00,00,00,

Unschedule end
LoadResources
LoadResources end
InitReport
InitReport end
New global exclusions:
NtSetEvent(g_hInitEvent) - 1
InitKeyboard
CPU: Phys(4), Log(8), Aff(8), Feat(00000fff)
g_dwKbdNum: 2
FreeMemory: 16015908864
avworkInitialize
s_dwKbdClassCnt: 2
InitKeyboard end
NtSetEvent(g_hInitEvent) - 2
GetKey
FreeMemory: 15999778816
CKbBuffer::Wait
CKbBuffer::Get
CKbBuffer::Get end
CKbBuffer::Wait end
ProcessArea
avfilesScanAdd *MBR0
avfilesScanAdd *BOOTC:
Loading raw access support
avfilesScanAdd *RAW:C:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTD:
avfilesScanAdd *RAW:D:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTH:
avfilesScanAdd *RAW:H:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTI:
avfilesScanAdd *RAW:I:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTVolume{2b1cbb54-b664-11e2-898d-806e6f6e6963}
avfilesScanAdd *RAW:Volume{2b1cbb54-b664-11e2-898d-806e6f6e6963}\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanRealMulti begin
Key: 0, 1, 0, 0, 0
GetKey end (?/1b)
CKbBuffer::Put
CKbBuffer::Put end
Aborted
avfilesScanRealMulti finished
Runtime: 342982ms
avworkClose
TerminateKbThread
CloseKeyboard
CloseKeyboard end
KbThread stop
CKbBuffer::~CKbBuffer
CKbBuffer::~CKbBuffer end
aswEnginDllMain(DLL_PROCESS_DETACH)
cmnbFree
FreeResources
CloseReport
CloseLog
Code:
15.11.2013 09:39:56        Autosandbox candidate: C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b38a60ef.exe
        [Source: hxxp://definitionupdates.microsoft.com/download/DefinitionUpdates/VersionedSignatures/AM/1.161.2207.0/amd64/mpas-d.exe]
        [Opened by: C:\Program Files\Windows Defender\MpCmdRun.exe]
        [Reason: 0x00020000]
        --> Result: Not sandboxing (because the file is trusted).

17.11.2013 22:57:38        Autosandbox candidate: H:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
        [Source: ]
        [Opened by: H:\Steam\Steam.exe]
        [Reason: 0x00020000]
        --> Result: Not sandboxing (because the file is trusted).

19.11.2013 00:14:56        Autosandbox candidate: H:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
        [Source: ]
        [Opened by: H:\Steam\Steam.exe]
        [Reason: 0x00020000]
        --> Result: Not sandboxing (because the file is trusted).

19.11.2013 14:43:22        Autosandbox candidate: H:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
        [Source: ]
        [Opened by: H:\Steam\Steam.exe]
        [Reason: 0x00020000]
        --> Result: Not sandboxing (because the file is trusted).

20.11.2013 00:54:47        Autosandbox candidate: H:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
        [Source: ]
        [Opened by: H:\Steam\Steam.exe]
        [Reason: 0x00020000]
        --> Result: Not sandboxing (because the file is trusted).
Code:
[1112/212459:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1113/054747:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1114/162816:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1114/162817:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1115/092035:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1115/092036:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1117/131502:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1118/114342:WARNING:dns_config_service_win.cc(622)] Failed to read DnsConfig.
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.027009876520440512"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.14979831882365424"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.21821970399542523"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.2353752510800069"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.20973735793403248"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.15305893696553907"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.07832593694426637"," source: file://statistics.htm/(0)
[1120/033348:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.02224399811629274"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.0315100449290624"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.152671103672255"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.21946132868976242"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.23517378481489382"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.20841145985942"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.15099382766744474"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.07591466443511119"," source: file://statistics.htm/(0)
[1120/035518:INFO:CONSOLE(0)] "Error: Invalid negative value for <rect> attribute width="-0.03936356876834557"," source: file://statistics.htm/(0)
Code:
12.11.2013        13:10:03        chest start
13.11.2013        11:59:48        chest stop
13.11.2013        12:55:37        chest start
13.11.2013        15:57:40        chest stop
13.11.2013        16:20:38        chest start
14.11.2013        10:25:28        chest stop
14.11.2013        10:26:40        chest start
14.11.2013        20:55:38        chest stop
14.11.2013        20:56:57        chest start
15.11.2013        01:28:29        chest stop
15.11.2013        01:35:47        chest start
15.11.2013        15:41:41        chest stop
15.11.2013        16:04:19        chest start
15.11.2013        18:41:56        chest stop
15.11.2013        19:13:05        chest start
16.11.2013        09:11:08        chest stop
16.11.2013        10:15:53        chest start
16.11.2013        15:21:46        chest stop
16.11.2013        15:51:23        chest start
19.11.2013        17:41:28        chest stop
19.11.2013        18:26:59        chest start
20.11.2013        15:11:37        chest stop
20.11.2013        15:12:37        chest start
Code:
12.11.2013        13:10:03        Maj 6 Min 1 GetVersionEx 6.1 Stored 5.0
12.11.2013        13:10:03        RegisterAVASFirewall preVista 0 pszProductName avast! Antivirus pszProductExe D:\Antivirus\VisthAux.exe firewall 0
12.11.2013        13:10:03        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
12.11.2013        13:10:03        Antivirus state 0 updatedSign 1
12.11.2013        13:10:03        Antispyware state 0 updatedSign 1
12.11.2013        13:10:03        StartPatchManagement: ASU Component is not installed
12.11.2013        13:10:03        Aavm AUID event 4, product 1,  ARCEn 0, rn , status 0, progver 150996952, Guid 9e2b088e-a057-4403-adbb-227f9088c23a, Auid
12.11.2013        17:12:02        The virus definitions have been automatically updated to version 131112-0.
12.11.2013        17:12:07        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
12.11.2013        17:12:07        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
12.11.2013        17:12:07        Antivirus state 0 updatedSign 1
12.11.2013        17:12:07        Antispyware state 0 updatedSign 1
13.11.2013        05:48:04        The virus definitions have been automatically updated to version 131112-1.
13.11.2013        05:48:08        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.11.2013        05:48:08        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.11.2013        05:48:08        Antivirus state 0 updatedSign 1
13.11.2013        05:48:08        Antispyware state 0 updatedSign 1
13.11.2013        11:59:47        StopPatchManagement: ASU Component is not installed
13.11.2013        12:55:37        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.11.2013        12:55:37        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.11.2013        12:55:37        StartPatchManagement: ASU Component is not installed
13.11.2013        12:57:45        Antivirus state 0 updatedSign 1
13.11.2013        12:57:45        Antispyware state 0 updatedSign 1
13.11.2013        15:57:40        StopPatchManagement: ASU Component is not installed
13.11.2013        16:20:38        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.11.2013        16:20:41        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.11.2013        16:20:45        StartPatchManagement: ASU Component is not installed
13.11.2013        16:22:52        Antivirus state 0 updatedSign 1
13.11.2013        16:22:52        Antispyware state 0 updatedSign 1
13.11.2013        20:21:14        The virus definitions have been automatically updated to version 131113-2.
13.11.2013        20:21:19        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.11.2013        20:21:19        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.11.2013        20:21:19        Antivirus state 0 updatedSign 1
13.11.2013        20:21:19        Antispyware state 0 updatedSign 1
14.11.2013        10:25:27        StopPatchManagement: ASU Component is not installed
14.11.2013        10:26:40        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.11.2013        10:26:40        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.11.2013        10:26:42        StartPatchManagement: ASU Component is not installed
14.11.2013        10:29:00        Antivirus state 0 updatedSign 1
14.11.2013        10:29:00        Antispyware state 0 updatedSign 1
14.11.2013        16:28:38        The virus definitions have been automatically updated to version 131114-0.
14.11.2013        16:28:43        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.11.2013        16:28:43        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.11.2013        16:28:43        Antivirus state 0 updatedSign 1
14.11.2013        16:28:43        Antispyware state 0 updatedSign 1
14.11.2013        20:55:38        StopPatchManagement: ASU Component is not installed
14.11.2013        20:56:57        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.11.2013        20:56:57        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.11.2013        20:56:57        StartPatchManagement: ASU Component is not installed
14.11.2013        20:59:21        Antivirus state 0 updatedSign 1
14.11.2013        20:59:22        Antispyware state 0 updatedSign 1
15.11.2013        00:57:32        The virus definitions have been automatically updated to version 131114-1.
15.11.2013        00:57:37        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
15.11.2013        00:57:37        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
15.11.2013        00:57:38        Antivirus state 0 updatedSign 1
15.11.2013        00:57:39        Antispyware state 0 updatedSign 1
15.11.2013        01:28:28        StopPatchManagement: ASU Component is not installed
15.11.2013        01:35:47        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
15.11.2013        01:35:47        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
15.11.2013        01:35:51        StartPatchManagement: ASU Component is not installed
15.11.2013        01:38:10        Antivirus state 0 updatedSign 1
15.11.2013        01:38:10        Antispyware state 0 updatedSign 1
15.11.2013        15:41:41        StopPatchManagement: ASU Component is not installed
15.11.2013        16:04:19        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
15.11.2013        16:04:19        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
15.11.2013        16:04:22        StartPatchManagement: ASU Component is not installed
15.11.2013        16:06:29        Antivirus state 0 updatedSign 1
15.11.2013        16:06:30        Antispyware state 0 updatedSign 1
15.11.2013        18:41:55        StopPatchManagement: ASU Component is not installed
15.11.2013        19:13:05        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
15.11.2013        19:13:05        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
15.11.2013        19:13:07        StartPatchManagement: ASU Component is not installed
15.11.2013        19:15:21        Antivirus state 0 updatedSign 1
15.11.2013        19:15:21        Antispyware state 0 updatedSign 1
15.11.2013        23:13:37        The virus definitions have been automatically updated to version 131115-1.
15.11.2013        23:13:42        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
15.11.2013        23:13:42        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
15.11.2013        23:13:42        Antivirus state 0 updatedSign 1
15.11.2013        23:13:42        Antispyware state 0 updatedSign 1
16.11.2013        09:11:07        StopPatchManagement: ASU Component is not installed
16.11.2013        10:15:53        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.11.2013        10:15:53        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.11.2013        10:15:54        StartPatchManagement: ASU Component is not installed
16.11.2013        10:18:55        Antivirus state 0 updatedSign 1
16.11.2013        10:18:55        Antispyware state 0 updatedSign 1
16.11.2013        14:16:16        The virus definitions have been automatically updated to version 131116-0.
16.11.2013        14:16:20        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.11.2013        14:16:20        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.11.2013        14:16:20        Antivirus state 0 updatedSign 1
16.11.2013        14:16:20        Antispyware state 0 updatedSign 1
16.11.2013        15:21:46        StopPatchManagement: ASU Component is not installed
16.11.2013        15:51:23        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.11.2013        15:51:23        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.11.2013        15:51:25        StartPatchManagement: ASU Component is not installed
16.11.2013        15:53:36        Antivirus state 0 updatedSign 1
16.11.2013        15:53:37        Antispyware state 0 updatedSign 1
16.11.2013        23:51:49        The virus definitions have been automatically updated to version 131116-1.
16.11.2013        23:51:53        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.11.2013        23:51:53        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.11.2013        23:51:53        Antivirus state 0 updatedSign 1
16.11.2013        23:51:53        Antispyware state 0 updatedSign 1
17.11.2013        23:49:45        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
17.11.2013        23:49:45        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
17.11.2013        23:49:45        Antivirus state 2 updatedSign 1
17.11.2013        23:49:45        Antispyware state 2 updatedSign 1
18.11.2013        17:14:38        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
18.11.2013        17:14:38        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
18.11.2013        17:14:38        Antivirus state 0 updatedSign 1
18.11.2013        17:14:38        Antispyware state 0 updatedSign 1
18.11.2013        23:44:22        The virus definitions have been automatically updated to version 131118-1.
18.11.2013        23:44:27        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
18.11.2013        23:44:27        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
18.11.2013        23:44:27        Antivirus state 0 updatedSign 1
18.11.2013        23:44:27        Antispyware state 0 updatedSign 1
19.11.2013        17:41:27        StopPatchManagement: ASU Component is not installed
19.11.2013        18:26:59        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
19.11.2013        18:26:59        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
19.11.2013        18:27:00        StartPatchManagement: ASU Component is not installed
19.11.2013        18:29:07        Antivirus state 0 updatedSign 1
19.11.2013        18:29:08        Antispyware state 0 updatedSign 1
20.11.2013        15:11:36        StopPatchManagement: ASU Component is not installed
20.11.2013        15:12:37        Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
20.11.2013        15:12:37        WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
20.11.2013        15:12:41        StartPatchManagement: ASU Component is not installed
20.11.2013        15:14:45        Antivirus state 0 updatedSign 1
20.11.2013        15:14:46        Antispyware state 0 updatedSign 1
Code:
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://program.avast.com/api/?action=1&p_aas=0&p_adc=0&p_adi=-1&p_adp=0000&p_age=7&p_cid=1&p_cnm=STEVEN-PC&p_cpv=150996952&p_elm=0&p_fib=-1&p_fsh=10.0&p_geo=de&p_hid=9e2b088e-a057-4403-adbb-227f9088c23a&p_lan=1031&p_lci=1031&p_let=30&p_lex=23&p_lic=0&p_lid=de-de&p_lng=de&p_lqa=0&p_lqe=0&p_lst=3&p_lsu=0&p_man=0&p_mdc=0&p_osv=6.1&p_pro=0&p_reh=1080&p_rew=1920&p_tzo=europe/berlin&p_vbd=2008&p_vep=9&p_ves=0&p_wdc=0 [response size: 4779 bytes]
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://static2.avast.com/program/api/images/banner/envelope_grey_icon.png [response size: 597 bytes]
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://static2.avast.com/program/api/images/banner/card_grey_icon.png [response size: 205 bytes]
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://static2.avast.com/program/api/images/banner/folder_grey_icon.png [response size: 412 bytes]
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=1504967899&utmac=MO-1405551-13&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F0%2Fother%2Fbanner_notregistered_90_banner4_AV.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0xd15431975275a555&utmr=- [response size: 35 bytes]
11/20/2013, 03:29:26    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=975003838&utmac=MO-1405551-20&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F20%2Fbanner_notregistered_90_banner4.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0x7175d3c46681ea1b&utmr=- [response size: 35 bytes]
11/20/2013, 03:29:27    WinHttpReadData returned  200 for: https://static2.avast.com/program/api/images/banner/lock_grey_icon.png [response size: 487 bytes]
11/20/2013, 03:33:28    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=1504967899&utmac=MO-1405551-13&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F0%2Fother%2Fbanner_notregistered_90_banner4_AV.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0xd15431975275a555&utmr=- [response size: 35 bytes]
11/20/2013, 03:33:28    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=975003838&utmac=MO-1405551-20&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F20%2Fbanner_notregistered_90_banner4.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0x7175d3c46681ea1b&utmr=- [response size: 35 bytes]
11/20/2013, 03:53:49    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=1504967899&utmac=MO-1405551-13&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F0%2Fother%2Fbanner_notregistered_90_banner4_AV.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0xd15431975275a555&utmr=- [response size: 35 bytes]
11/20/2013, 03:53:49    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=975003838&utmac=MO-1405551-20&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F20%2Fbanner_notregistered_90_banner4.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0x7175d3c46681ea1b&utmr=- [response size: 35 bytes]
11/20/2013, 03:54:20    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=1504967899&utmac=MO-1405551-13&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F0%2Fother%2Fbanner_notregistered_90_banner4_AV.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0xd15431975275a555&utmr=- [response size: 35 bytes]
11/20/2013, 03:54:20    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=975003838&utmac=MO-1405551-20&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F20%2Fbanner_notregistered_90_banner4.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0x7175d3c46681ea1b&utmr=- [response size: 35 bytes]
11/20/2013, 03:55:13    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=975003838&utmac=MO-1405551-20&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F20%2Fbanner_notregistered_90_banner4.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0x7175d3c46681ea1b&utmr=- [response size: 35 bytes]
11/20/2013, 03:55:13    WinHttpReadData returned  200 for: https://ssl.google-analytics.com/__utm.gif?utmn=1504967899&utmac=MO-1405551-13&utmwv=4.4sh&utmp=%2Ffa-90%2Fde-de%2F0%2Fother%2Fbanner_notregistered_90_banner4_AV.html&utmcc=__utma%3D999.999.999.999.999.1%3B&utmvid=0xd15431975275a555&utmr=- [response size: 35 bytes]
Code:
12.11.2013  19:08:28  Network Shield: blocked access to malicious site hxxp://wzozz.watchforfree.airclearners.com/?sov=336325810&hid=hppljptntnjpxnl&id=XNSX.58402 ([88.150.229.26]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 2332 ) ]
12.11.2013  19:08:28  Network Shield: blocked access to malicious site hxxp://wzozz.watchforfree.airclearners.com/favicon.ico ([88.150.229.26]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 3204 ) ]
17.11.2013  14:31:01  Network Shield: blocked access to malicious site hxxp://voyeurhit.com/videos/voyeur-muw00472/?promo=1016 ([109.206.188.43]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 5372 ) ]
17.11.2013  14:31:01  Network Shield: blocked access to malicious site hxxp://voyeurhit.com/favicon.ico ([109.206.188.43]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 5648 ) ]
17.11.2013  14:31:46  Network Shield: blocked access to malicious site hxxp://voyeurhit.com/videos/voyeur-flu00515/?promo=1016 ([109.206.188.43]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 5372 ) ]
17.11.2013  14:31:47  Network Shield: blocked access to malicious site hxxp://voyeurhit.com/favicon.ico ([109.206.188.43]:80) [ D:\Maxthon\Bin\Maxthon.exe ( 5648 ) ]
Code:
12.11.2013        13:10:03        logCleanupUrls (16)
13.11.2013        12:55:38        logCleanupUrls (514)
13.11.2013        16:20:46        logCleanupUrls (609)
14.11.2013        10:26:42        logCleanupUrls (156)
14.11.2013        20:56:58        logCleanupUrls (436)
15.11.2013        01:35:53        logCleanupUrls (1935)
15.11.2013        16:04:22        logCleanupUrls (203)
15.11.2013        19:13:08        logCleanupUrls (124)
16.11.2013        10:15:54        logCleanupUrls (312)
16.11.2013        15:51:25        logCleanupUrls (328)
19.11.2013        18:27:00        logCleanupUrls (188)
20.11.2013        15:12:41        logCleanupUrls (375)
Code:
12.11.2013 13:11:44        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
12.11.2013 13:11:47        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
13.11.2013 12:56:24        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
13.11.2013 15:50:14        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
13.11.2013 16:21:15        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
14.11.2013 10:28:48        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
14.11.2013 16:28:37        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
14.11.2013 20:57:30        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
15.11.2013 01:36:37        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
15.11.2013 16:36:16        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
15.11.2013 18:38:45        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
15.11.2013 20:00:12        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
16.11.2013 10:17:33        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
16.11.2013 15:51:55        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
16.11.2013 18:54:17        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
17.11.2013 20:15:07        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
18.11.2013 21:45:11        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
19.11.2013 03:25:21        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
19.11.2013 18:27:22        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
20.11.2013 04:35:37        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]
20.11.2013 15:13:13        Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus verweigert. [D:\Tune Up\TuneUpUtilitiesService64.exe]

cosinus 20.11.2013 15:56
Mach das doch nciht so kompliziert! :wtf:
Die Bilder in Originalgröße dort hochladen => Saved.im
Und hier im Beitrag postest du nur die URLs der Bilder

Smexer 20.11.2013 16:21
So fertig.

Am Ende sind noch 2 Dateianhänge.

Mfg

cosinus 20.11.2013 16:34
Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Smexer 20.11.2013 17:38
Bei frst hab ich ein häkchen bei addition.txt gesetzt, da er sonst keinen erstellt hatte.

Code:
# AdwCleaner v3.012 - Bericht erstellt am 20/11/2013 um 17:10:49
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Steven - STEVEN-PC
# Gestartet von : I:\Users\Steven\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : I:\Users\Steven\AppData\Local\webplayer
Ordner Gelöscht : I:\Users\Steven\AppData\Local\Temp\OCS
Ordner Gelöscht : I:\Users\Steven\AppData\LocalLow\Minibar

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : I:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_testdisk_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_testdisk_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tuneup-utilities-2013_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tuneup-utilities-2013_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412268}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416668}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412268}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416668}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16660

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

*************************

AdwCleaner[R0].txt - [4836 octets] - [20/11/2013 17:07:48]
AdwCleaner[S0].txt - [3914 octets] - [20/11/2013 17:10:49]

########## EOF - I:\AdwCleaner\AdwCleaner[S0].txt - [3974 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Steven on 20.11.2013 at 17:19:36,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "I:\Users\Steven\appdata\local\appshat mobile apps"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2013 at 17:25:54,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Steven (administrator) on STEVEN-PC on 20-11-2013 17:36:39
Running from I:\Users\Steven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) D:\Antivirus\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) D:\Tune Up\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TuneUp Software) D:\Tune Up\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) D:\Antivirus\AvastUI.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Maxthon\Bin\Maxthon.exe
(Farbar) I:\Users\Steven\Desktop\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MountPoints2: {2b1cbb59-b664-11e2-898d-806e6f6e6963} - E:\Installer.exe
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AvastUI.exe] - D:\Antivirus\AvastUI.exe [3568312 2013-11-12] (AVAST Software)
AppInit_DLLs:  [ ] ()
IMEO\hpwucli.exe: [Debugger] "D:\Tune Up\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2678D22EB5ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/0022/
BHO: a2zLyrics-16 - {11111111-1111-1111-1111-110411411168} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\HP Photosmart B010\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\HP Photosmart B010\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) =================

R2 avast! Antivirus; D:\Antivirus\AvastSvc.exe [50344 2013-11-12] (AVAST Software)
R3 hpqcxs08; D:\HP Photosmart B010\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\HP Photosmart B010\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-18] ()
R2 RzKLService; D:\Razzer Game Booster\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; D:\Tune Up\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2013-05-06] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-12] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-12] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; D:\Tune Up\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-20 17:35 - 2013-11-20 17:36 - 00006274 _____ I:\Users\Steven\Desktop\FRST.txt
2013-11-20 17:35 - 2013-11-20 17:35 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64(1).exe
2013-11-20 17:25 - 2013-11-20 17:25 - 00000712 _____ I:\Users\Steven\Desktop\JRT.txt
2013-11-20 17:19 - 2013-11-20 17:19 - 00000000 ____D C:\Windows\ERUNT
2013-11-20 17:18 - 2013-11-20 17:18 - 01034531 _____ (Thisisu) I:\Users\Steven\Desktop\JRT.exe
2013-11-20 17:06 - 2013-11-20 17:06 - 01085542 _____ I:\Users\Steven\Desktop\adwcleaner.exe
2013-11-20 16:17 - 2013-11-20 16:17 - 01689825 _____ I:\Users\Steven\Desktop\aswAr1.zip
2013-11-20 16:17 - 2013-11-20 16:17 - 00037075 _____ I:\Users\Steven\Desktop\usntr.zip
2013-11-20 15:07 - 2013-11-20 15:07 - 01454384 _____ I:\Users\Steven\Desktop\htzu.odt
2013-11-20 14:38 - 2013-11-20 14:38 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA Corporation
2013-11-20 03:46 - 2013-11-20 03:46 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64.exe
2013-11-20 03:46 - 2013-11-20 03:46 - 00000000 ____D C:\FRST
2013-11-19 01:46 - 2013-11-19 01:46 - 00002968 _____ C:\Windows\System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855}
2013-11-19 01:03 - 2013-11-19 01:03 - 00000000 ____D I:\Users\Steven\Downloads\Gameforge Live
2013-11-16 11:02 - 2013-11-16 11:02 - 00000000 ____D I:\Users\Steven\AppData\Local\Arktos Entertainment
2013-11-12 17:53 - 2013-11-12 17:53 - 00000000 ____D I:\Users\Steven\Documents\Razer
2013-11-12 17:51 - 2013-11-12 17:51 - 00000897 _____ I:\Users\Public\Desktop\Razer Game Booster.lnk
2013-11-12 17:51 - 2013-11-12 17:51 - 00000000 ____D I:\Users\Steven\AppData\Local\Razer
2013-11-12 17:40 - 2013-11-12 17:41 - 39721880 _____ (Razer Inc.                                                  ) I:\Users\Steven\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-11-12 13:10 - 2013-11-12 13:10 - 00000000 ____D I:\Users\Steven\AppData\Roaming\AVAST Software
2013-11-12 13:09 - 2013-11-20 17:15 - 00004132 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-12 13:09 - 2013-11-12 13:11 - 00000000 ____D I:\Users\Steven\AppData\Local\Google
2013-11-12 13:09 - 2013-11-12 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 13:08 - 2013-11-12 13:08 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-12 13:08 - 2013-11-12 13:08 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-12 13:08 - 2013-11-12 13:08 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-12 13:04 - 2013-11-12 13:05 - 00003510 _____ C:\shared.log
2013-11-12 13:02 - 2013-11-12 13:03 - 87529432 _____ (AVAST Software) I:\Users\Steven\Downloads\avast_free_antivirus_setup2008.exe
2013-11-11 13:17 - 2013-11-11 13:17 - 00001176 _____ I:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-11 13:16 - 2013-11-08 21:47 - 01064224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-11 13:16 - 2013-11-08 21:47 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-11 13:13 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-11 13:13 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-11 13:13 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-11-11 13:13 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-11-11 13:13 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-11 13:09 - 2013-11-11 13:12 - 255060336 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.65-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-11-11 12:56 - 2013-11-11 12:56 - 00064408 _____ I:\Users\Steven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-11 12:17 - 2013-11-13 12:55 - 00176438 _____ C:\Windows\PFRO.log
2013-11-11 12:17 - 2013-11-11 12:17 - 00294888 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 02:46 - 2013-11-20 17:13 - 00004108 _____ C:\Windows\setupact.log
2013-11-10 02:46 - 2013-11-10 02:46 - 00000000 _____ C:\Windows\setuperr.log
2013-10-30 17:25 - 2013-10-30 17:37 - 452840010 _____ I:\Users\Steven\Downloads\wcxVIOLETTE01(1).mp4
2013-10-30 09:00 - 2013-10-30 09:16 - 544962067 _____ I:\Users\Steven\Downloads\wcxVIOLETTE02.mp4
2013-10-23 20:56 - 2013-11-12 16:00 - 00007652 _____ I:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2013-10-23 15:36 - 2011-03-21 20:22 - 00452200 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-10-23 15:36 - 2011-03-21 20:22 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2013-10-23 15:33 - 2010-01-14 19:27 - 00048416 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2013-10-23 15:33 - 2010-01-14 19:27 - 00032544 _____ (Realtek                                            ) C:\Windows\system32\Drivers\RtNdPt60.sys
2013-10-23 15:33 - 2010-01-14 19:27 - 00029472 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\RtVlan60.sys
2013-10-23 15:24 - 2013-10-23 15:24 - 00001097 _____ I:\Users\Public\Desktop\HD VDeck.lnk
2013-10-23 15:24 - 2010-10-02 02:41 - 01349232 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2013-10-23 15:24 - 2010-10-02 02:41 - 00991856 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00549488 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00248944 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00202864 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00091760 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2013-10-23 15:24 - 2010-10-02 02:41 - 00085616 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2013-10-23 15:24 - 2007-12-04 10:28 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2013-10-23 15:24 - 2007-12-04 10:28 - 00082432 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2013-10-23 15:19 - 2013-10-23 15:19 - 00000000 ____D I:\Users\Steven\Downloads\23894-AMD_VGA_V871000_XPVISTAWIN7
2013-10-23 15:13 - 2013-11-20 17:10 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-23 15:11 - 2013-10-23 16:00 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-23 14:33 - 2013-11-13 18:23 - 00000761 _____ I:\Users\Public\Desktop\Speccy.lnk
2013-10-23 14:32 - 2013-10-23 14:33 - 00000000 ____D C:\Program Files\Speccy
2013-10-23 14:21 - 2013-10-23 14:21 - 05552488 _____ (Piriform Ltd) I:\Users\Steven\Downloads\spsetup123.exe
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\UpdatusUser.Steven-PC\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\Steven\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:31 - 2013-10-23 13:31 - 04179293 _____ (Lavalys, Inc.                                              ) I:\Users\Steven\Downloads\everesthome220.exe
2013-10-23 13:24 - 2013-10-23 13:24 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA
2013-10-23 13:00 - 2013-10-23 13:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 12:58 - 2013-11-03 02:37 - 00000000 ____D I:\Users\UpdatusUser.Steven-PC
2013-10-23 12:58 - 2013-10-23 12:58 - 00000020 ___SH I:\Users\UpdatusUser.Steven-PC\ntuser.ini
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Vorlagen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Startmenü
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Netzwerkumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Lokale Einstellungen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Eigene Dateien
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Druckumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Musik
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Bilder
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Verlauf
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Anwendungsdaten
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Anwendungsdaten
2013-10-23 12:58 - 2013-05-06 19:27 - 00000000 ___RD I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-23 12:58 - 2013-05-06 19:27 - 00000000 ___RD I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-23 12:54 - 2013-11-12 17:49 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-23 12:51 - 2013-10-23 11:30 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 12:51 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-23 12:51 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-23 12:51 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-23 12:51 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-23 12:51 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-23 12:49 - 2013-10-23 12:49 - 00000733 _____ I:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-23 12:49 - 2013-10-23 12:49 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Malwarebytes
2013-10-23 12:49 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-23 12:45 - 2013-10-23 12:48 - 253931296 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.58-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-22 23:13 - 2013-11-13 12:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-22 23:13 - 2013-10-22 23:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\SUPERAntiSpyware.com

==================== One Month Modified Files and Folders =======

2013-11-20 17:36 - 2013-11-20 17:35 - 00006274 _____ I:\Users\Steven\Desktop\FRST.txt
2013-11-20 17:35 - 2013-11-20 17:35 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64(1).exe
2013-11-20 17:25 - 2013-11-20 17:25 - 00000712 _____ I:\Users\Steven\Desktop\JRT.txt
2013-11-20 17:19 - 2013-11-20 17:19 - 00000000 ____D C:\Windows\ERUNT
2013-11-20 17:19 - 2009-07-14 18:58 - 00698124 _____ C:\Windows\system32\perfh007.dat
2013-11-20 17:19 - 2009-07-14 18:58 - 00148820 _____ C:\Windows\system32\perfc007.dat
2013-11-20 17:19 - 2009-07-14 06:13 - 01616954 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-20 17:18 - 2013-11-20 17:18 - 01034531 _____ (Thisisu) I:\Users\Steven\Desktop\JRT.exe
2013-11-20 17:16 - 2013-05-06 16:54 - 01512675 _____ C:\Windows\WindowsUpdate.log
2013-11-20 17:15 - 2013-11-12 13:09 - 00004132 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-20 17:13 - 2013-11-10 02:46 - 00004108 _____ C:\Windows\setupact.log
2013-11-20 17:13 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-20 17:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-20 17:11 - 2009-07-14 05:45 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 17:11 - 2009-07-14 05:45 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 17:10 - 2013-10-23 15:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-11-20 17:06 - 2013-11-20 17:06 - 01085542 _____ I:\Users\Steven\Desktop\adwcleaner.exe
2013-11-20 16:17 - 2013-11-20 16:17 - 01689825 _____ I:\Users\Steven\Desktop\aswAr1.zip
2013-11-20 16:17 - 2013-11-20 16:17 - 00037075 _____ I:\Users\Steven\Desktop\usntr.zip
2013-11-20 15:07 - 2013-11-20 15:07 - 01454384 _____ I:\Users\Steven\Desktop\htzu.odt
2013-11-20 14:38 - 2013-11-20 14:38 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA Corporation
2013-11-20 03:46 - 2013-11-20 03:46 - 01957964 _____ (Farbar) I:\Users\Steven\Desktop\FRST64.exe
2013-11-20 03:46 - 2013-11-20 03:46 - 00000000 ____D C:\FRST
2013-11-19 13:21 - 2013-05-10 16:24 - 00013754 _____ I:\Users\Steven\Desktop\Vorlage Anschreiben.odt
2013-11-19 11:56 - 2013-10-18 06:31 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-19 11:56 - 2013-10-18 06:29 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-19 01:50 - 2013-09-09 12:34 - 00000855 _____ I:\Users\Public\Desktop\AION Free-to-Play.lnk
2013-11-19 01:46 - 2013-11-19 01:46 - 00002968 _____ C:\Windows\System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855}
2013-11-19 01:03 - 2013-11-19 01:03 - 00000000 ____D I:\Users\Steven\Downloads\Gameforge Live
2013-11-19 01:03 - 2013-09-09 12:25 - 00000733 _____ I:\Users\Public\Desktop\Gameforge Live.lnk
2013-11-18 19:32 - 2013-10-18 06:29 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-16 11:02 - 2013-11-16 11:02 - 00000000 ____D I:\Users\Steven\AppData\Local\Arktos Entertainment
2013-11-13 18:23 - 2013-10-23 14:33 - 00000761 _____ I:\Users\Public\Desktop\Speccy.lnk
2013-11-13 12:55 - 2013-11-11 12:17 - 00176438 _____ C:\Windows\PFRO.log
2013-11-13 12:55 - 2013-10-22 23:13 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-12 17:53 - 2013-11-12 17:53 - 00000000 ____D I:\Users\Steven\Documents\Razer
2013-11-12 17:51 - 2013-11-12 17:51 - 00000897 _____ I:\Users\Public\Desktop\Razer Game Booster.lnk
2013-11-12 17:51 - 2013-11-12 17:51 - 00000000 ____D I:\Users\Steven\AppData\Local\Razer
2013-11-12 17:49 - 2013-10-23 12:54 - 01590298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-12 17:41 - 2013-11-12 17:40 - 39721880 _____ (Razer Inc.                                                  ) I:\Users\Steven\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-11-12 16:00 - 2013-10-23 20:56 - 00007652 _____ I:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2013-11-12 13:11 - 2013-11-12 13:09 - 00000000 ____D I:\Users\Steven\AppData\Local\Google
2013-11-12 13:10 - 2013-11-12 13:10 - 00000000 ____D I:\Users\Steven\AppData\Roaming\AVAST Software
2013-11-12 13:09 - 2013-11-12 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 13:08 - 2013-11-12 13:08 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-12 13:08 - 2013-11-12 13:08 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-12 13:08 - 2013-11-12 13:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-12 13:08 - 2013-11-12 13:08 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-12 13:05 - 2013-11-12 13:04 - 00003510 _____ C:\shared.log
2013-11-12 13:03 - 2013-11-12 13:02 - 87529432 _____ (AVAST Software) I:\Users\Steven\Downloads\avast_free_antivirus_setup2008.exe
2013-11-11 13:17 - 2013-11-11 13:17 - 00001176 _____ I:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-11 13:16 - 2013-05-06 18:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-11 13:16 - 2013-05-06 18:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-11 13:12 - 2013-11-11 13:09 - 255060336 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.65-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-11-11 12:56 - 2013-11-11 12:56 - 00064408 _____ I:\Users\Steven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-11 12:17 - 2013-11-11 12:17 - 00294888 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 02:46 - 2013-11-10 02:46 - 00000000 _____ C:\Windows\setuperr.log
2013-11-08 22:42 - 2013-05-06 22:23 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Maxthon3
2013-11-08 21:47 - 2013-11-11 13:16 - 01064224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-08 21:47 - 2013-11-11 13:16 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-03 02:37 - 2013-10-23 12:58 - 00000000 ____D I:\Users\UpdatusUser.Steven-PC
2013-11-01 20:14 - 2013-05-06 22:23 - 00003544 _____ C:\Windows\System32\Tasks\Maxthon Update
2013-10-31 17:03 - 2013-05-09 14:24 - 00000000 ____D I:\Users\Steven\AppData\Roaming\vlc
2013-10-30 17:37 - 2013-10-30 17:25 - 452840010 _____ I:\Users\Steven\Downloads\wcxVIOLETTE01(1).mp4
2013-10-30 09:16 - 2013-10-30 09:00 - 544962067 _____ I:\Users\Steven\Downloads\wcxVIOLETTE02.mp4
2013-10-23 16:00 - 2013-10-23 15:11 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-23 15:45 - 2013-05-06 18:08 - 00001769 _____ C:\Windows\Language_trs.ini
2013-10-23 15:37 - 2013-05-06 18:15 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-23 15:33 - 2013-05-06 18:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-23 15:24 - 2013-10-23 15:24 - 00001097 _____ I:\Users\Public\Desktop\HD VDeck.lnk
2013-10-23 15:19 - 2013-10-23 15:19 - 00000000 ____D I:\Users\Steven\Downloads\23894-AMD_VGA_V871000_XPVISTAWIN7
2013-10-23 15:14 - 2013-05-06 21:53 - 00000000 ____D I:\Users\Steven
2013-10-23 14:33 - 2013-10-23 14:32 - 00000000 ____D C:\Program Files\Speccy
2013-10-23 14:21 - 2013-10-23 14:21 - 05552488 _____ (Piriform Ltd) I:\Users\Steven\Downloads\spsetup123.exe
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\UpdatusUser.Steven-PC\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:32 - 2013-10-23 13:32 - 00000691 _____ I:\Users\Steven\Desktop\EVEREST Home Edition.lnk
2013-10-23 13:31 - 2013-10-23 13:31 - 04179293 _____ (Lavalys, Inc.                                              ) I:\Users\Steven\Downloads\everesthome220.exe
2013-10-23 13:24 - 2013-10-23 13:24 - 00000000 ____D I:\Users\Steven\AppData\Local\NVIDIA
2013-10-23 13:00 - 2013-10-23 13:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 12:58 - 2013-10-23 12:58 - 00000020 ___SH I:\Users\UpdatusUser.Steven-PC\ntuser.ini
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Vorlagen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Startmenü
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Netzwerkumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Lokale Einstellungen
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Eigene Dateien
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Druckumgebung
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Musik
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Documents\Eigene Bilder
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Verlauf
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\AppData\Local\Anwendungsdaten
2013-10-23 12:58 - 2013-10-23 12:58 - 00000000 _SHDL I:\Users\UpdatusUser.Steven-PC\Anwendungsdaten
2013-10-23 12:49 - 2013-10-23 12:49 - 00000733 _____ I:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-23 12:49 - 2013-10-23 12:49 - 00000000 ____D I:\Users\Steven\AppData\Roaming\Malwarebytes
2013-10-23 12:48 - 2013-10-23 12:45 - 253931296 _____ (NVIDIA Corporation) I:\Users\Steven\Downloads\331.58-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-23 11:30 - 2013-11-11 13:13 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-11-11 13:13 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-11-11 13:13 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2013-10-23 12:51 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2013-05-06 18:30 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-23 11:30 - 2013-05-06 18:30 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2013-05-06 18:29 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2013-05-06 18:30 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2013-05-06 18:30 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2013-05-06 18:30 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2013-05-06 18:30 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-22 23:13 - 2013-10-22 23:13 - 00000000 ____D I:\Users\Steven\AppData\Roaming\SUPERAntiSpyware.com

Some content of TEMP:
====================
I:\Users\Steven\AppData\Local\Temp\avgnt.exe
I:\Users\Steven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 04:54

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Steven at 2013-11-20 17:37:02
Running from I:\Users\Steven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Reader X - Deutsch (x32 Version: 10.0.0)
AION Free-to-Play (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (x32 Version: 9.0.2008)
B010 (x32 Version: 140.0.344.000)
BufferChm (x32 Version: 140.0.212.000)
Command & Conquer 3 Kane's Wrath(TM) Worldbuilder (x32 Version: 1.0)
Command & Conquer 3 Tiberium Wars(TM) Worldbuilder (x32 Version: 1.0)
Command & Conquer 3 Tiberium Wars™ (x32 Version: 1.0.0.0)
Command & Conquer™ 3 Kane's Wrath (x32 Version: 1.0.0.0)
Command and Conquer 4: Tiberian Twilight (x32)
Destinations (x32 Version: 140.0.167.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
FUSSBALL MANAGER 12 (x32 Version: 1.0.0.3)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0)
GeForce Experience NvStream Client Components (Version: 1.6.28)
GPBaseService2 (x32 Version: 140.0.211.000)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.002.002)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
Infestation Survivor Stories version 1.0 (x32 Version: 1.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Maxthon Cloud Browser (x32 Version: 4.0.5.4000)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.21 (Version: 9.3.21)
NVIDIA Update Components (Version: 9.3.21)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.2.1.4399)
Platform (x32 Version: 1.39)
PS_AIO_07_B010_SW_Min (x32 Version: 140.0.224.000)
Razer Game Booster (x32 Version: 4.0.68.0)
Realtek Ethernet Controller Driver (x32 Version: 7.43.321.2011)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.00.0000)
Scan (x32 Version: 140.0.80.000)
Serious Sam 3: BFE (x32)
SHIELD Streaming (Version: 1.6.53)
Sid Meier's Civilization V (x32)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.214.000)
Speccy (Version: 1.23)
StarCraft II (x32)
Status (x32 Version: 140.0.256.000)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13.1)
Toolbox (x32 Version: 140.0.428.000)
TrayApp (x32 Version: 140.0.212.000)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Unity Web Player (HKCU Version: )
VLC media player 2.0.6 (Version: 2.0.6)
WebReg (x32 Version: 140.0.212.017)
World of Warcraft (x32 Version: 5.3.0.17128)

==================== Restore Points  =========================

13-11-2013 07:30:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {034B0710-21A8-4A8A-AD7B-1F7D3FE13294} - System32\Tasks\HP-Online-Aktualisierungsprogramm => D:\HP Photosmart B010\HP Software Update\hpwuschd2.exe [2009-11-18] (Hewlett-Packard)
Task: {20097410-477C-4304-8339-A5E8EF82D72E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {52B9251B-25AD-4504-AA26-D3A24A1096D0} - System32\Tasks\Maxthon Update => D:\Maxthon\Bin\MxUp.exe [2013-10-09] (Maxthon International ltd.)
Task: {6F5C5C7C-0E7B-44E7-9C9B-9F665ADDD7DC} - System32\Tasks\SomotoUpdateCheckerAutoStart => I:\Users\Steven\AppData\Local\FilesFrog Update Checker\update_checker.exe
Task: {87D50A26-78EF-435B-B28A-CA9DD2D59447} - System32\Tasks\{16483288-D1FE-4BCA-A23D-C0DDBFDA0855} => H:\Gameforge Live\GameforgeLive\GameforgeLive.exe [2013-10-02] ()
Task: {943FE881-9817-4168-A75C-C21BD743B103} - System32\Tasks\avast! Emergency Update => D:\Antivirus\AvastEmUpdate.exe [2013-11-12] (AVAST Software)
Task: {F4875661-7007-4FD6-9AD1-1C7A0D825E5F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\Tune Up\OneClick.exe [2013-01-28] (TuneUp Software)

==================== Loaded Modules (whitelisted) =============

2013-05-06 18:22 - 2010-12-17 19:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-05-06 18:22 - 2010-12-17 19:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-11-18 23:44 - 2013-11-18 21:31 - 02145792 _____ () D:\Antivirus\defs\13111801\algo.dll
2013-11-12 13:08 - 2013-11-12 13:08 - 19336120 _____ () D:\Antivirus\libcef.dll
2013-05-06 22:23 - 2012-10-16 06:20 - 00258944 _____ () D:\Maxthon\bin\Maxzlib.dll
2013-05-06 22:23 - 2012-10-16 06:20 - 00258944 _____ () D:\Maxthon\Bin\maxzlib.dll
2013-11-08 22:42 - 2013-08-09 09:44 - 00232760 _____ () D:\Maxthon\Addons\Mobile\MxMobile.dll
2013-05-06 22:23 - 2013-08-09 09:44 - 00755000 _____ () D:\Maxthon\Core\Webkit\libglesv2.dll
2013-05-06 22:23 - 2013-08-09 09:44 - 00149304 _____ () D:\Maxthon\Core\Webkit\libegl.dll
2013-05-06 22:23 - 2012-10-16 06:20 - 00258944 _____ () D:\Maxthon\Bin\MaxZLib.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-11-20 17:21:50.091
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:15:24.053
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:10:42.253
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:05:37.146
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:05:09.652
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:05:05.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:04:52.233
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 17:02:14.412
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 16:27:53.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-20 16:25:18.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 16366.12 MB
Available physical RAM: 14246.61 MB
Total Pagefile: 32730.42 MB
Available Pagefile: 30529.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:53.61 GB) (Free:15.61 GB) NTFS
Drive d: (Programme) (Fixed) (Total:101.07 GB) (Free:99.37 GB) NTFS
Drive e: (MANAGER12) (CDROM) (Total:6.87 GB) (Free:0 GB) CDFS
Drive h: (Spiele) (Fixed) (Total:260.68 GB) (Free:141.7 GB) NTFS
Drive i: (Sonstiges) (Fixed) (Total:50.29 GB) (Free:43.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 10BECBF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=54 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=101 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=311 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus 20.11.2013 21:03
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Alle Zeitangaben in WEZ +1. Es ist jetzt 01:11 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131