Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Pc ist seit paar Tagen sehr Langsam! (https://www.trojaner-board.de/151139-pc-seit-paar-tagen-sehr-langsam.html)

cosinus 17.03.2014 01:23
Erstell dir mal ein neues Profil und teste => Firefox-Profile erstellen und löschen | Hilfe zu Firefox

nannju 17.03.2014 01:31
ich benutze opera soll ich mich firefox downloaden?

Auf dem linken bild dieses spyware fenster kommt überall und wenn ich mal chrome öffne kommt, dass ich updaten soll aber diese extra seiten sind bestimmt nicht richtig...

cosinus 17.03.2014 01:35
Ich bin mir sicher, dass du eine Anleitung im Web findest wie man Opera resettet. Ansonsten probierst du einfach mal testweise den Firefox aus.

nannju 17.03.2014 01:42
firefox ist noch schlimmer. Nun öffnen sich bei jedem wechseln vom forum thread oder tab 3 neue fenster, selbst opera lässtdie tabs nicht mehr schließen das dauert manchmal 5-10 min bis einer geschlossen wird...

cosinus 17.03.2014 03:04
Dann gibt es nicht mehr viele Möglichkeiten.
Schau erstmal nach, ob dieser Rechner auch mit einem Live-Linux lahmt oder ob das nur unter Windows so ist. Als Live-Linux böte sich Knoppix oder Lubuntu im Ausprobiermodus an.

nannju 17.03.2014 14:54
Ich probiere es nachher aus.
Welche Möglichkeiten gibt's den noch für mich? Es werden manchmal mehr Tabs, die Einfach öffnen... Lassen sich nicht immer sofort schließen.. ist es ein Trojaner den ich drauf habe?

Edit
Ih habe mir mal avast runtergelqden ( hast du in einem thread gegen antivi geschrieben^^)
Hab ein fund: c/programm Files (c86)\Show password soft\uninstall.exe ist infiziert von win 32 dropper gen drp

Hab auf löschen gedrückt =-O

2. Edit:

nach löschen und meheren avast scanns sind schonmal die nervigen pob dinger weg und es kommt auch keine meldung mehr, dass ich irgendwas runterladen muss bei opera und chrome... heißt es der trojaner /virus oder was es war ist nun weg ??

jetzt kommt zum 4 mal eine avast ROOTKIT gefunden warnung

SVC:Show-Password > C:\Program Fules (x86)\...\Show-Password157.exe Rootkit -Name Win32:Evo-gen

Mehrmals gelöscht und dann neustart und kompletten scann durchgeführt aber diese meldung kommt wie gesagt immer wieder soll ich den ordner einfach löschen?


gruß

cosinus 17.03.2014 16:25
Mach mal frische FRST-Logs. Haken setzen bei additions. Offenbar haben unsere Anti-Junkware-Tools und auch auch dieses show password übersehen :stirn:

nannju 17.03.2014 18:35

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mark (administrator) on SCHNUFFEL on 17-03-2014 18:33:57
Running from C:\Users\Mark\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.77\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-03-17] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1822400 2014-02-20] (Valve Corporation)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\MountPoints2: {31529e3d-c958-11e2-be71-10604b6748bd} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\MountPoints2: {e751f3da-86be-11e3-be8c-10604b6748bd} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM - {E1EF7A1C-74E8-4654-9E07-E2F4282A200A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326313&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP68360964-9372-4830-8A41-36B42410B4AF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\kb8q0lr6.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-17]
FF HKCU\...\Firefox\Extensions: [{28583f9a-1bdc-4b12-94a4-ee2211ad53a5}] - C:\Program Files (x86)\Show-Password-soft\157.xpi
FF Extension: Show-Password - C:\Program Files (x86)\Show-Password-soft\157.xpi [2014-03-13]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync": {
      "suppress_start"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Extension: (avast! Online Security) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-17]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-17] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
S4 Show-Password; C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe [195072 2014-03-13] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [78648 2014-03-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2014-03-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-17] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1038072 2014-03-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [421704 2014-03-17] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-03-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-03-17] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 16:08 - 2014-03-17 16:08 - 00092162 _____ () C:\Users\Mark\Desktop\wdwdqqw.odt
2014-03-17 12:52 - 2014-03-17 12:52 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-17 12:52 - 2014-03-17 12:52 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-17 12:52 - 2014-03-17 12:52 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-17 12:52 - 2014-03-17 12:52 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-17 12:49 - 2014-03-17 12:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-17 12:47 - 2014-03-17 12:48 - 00000000 ____D () C:\Users\Mark\Desktop\deskt
2014-03-17 12:43 - 2014-03-17 12:49 - 90578216 _____ (AVAST Software) C:\Users\Mark\Desktop\avast_free_antivirus_setup_9.0.2013.exe
2014-03-17 01:39 - 2014-03-17 01:39 - 00000000 ____D () C:\Users\Mark\AppData\Local\Macromedia
2014-03-17 01:38 - 2014-03-17 01:38 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Local\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-16 23:05 - 2014-03-17 18:34 - 00020111 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-03-16 23:04 - 2014-03-16 23:04 - 02157056 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-03-16 22:59 - 2014-03-16 22:59 - 00000906 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-03-16 22:55 - 2014-03-16 22:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-16 22:50 - 2014-03-16 22:52 - 00000000 ____D () C:\AdwCleaner
2014-03-16 22:43 - 2014-03-16 22:43 - 01950720 _____ () C:\Users\Mark\Desktop\adwcleaner.exe
2014-03-16 22:43 - 2014-03-16 22:43 - 01037734 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-03-16 22:26 - 2014-03-16 22:35 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-16 22:24 - 2014-03-16 22:39 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-16 22:24 - 2014-03-16 22:35 - 00000000 ____D () C:\Users\Mark\Desktop\mbar
2014-03-16 22:22 - 2014-03-16 22:23 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark\Desktop\mbar-1.07.0.1009.exe
2014-03-16 21:15 - 2014-03-16 21:16 - 05190279 _____ (Swearware) C:\Users\Mark\Downloads\ComboFix.exe
2014-03-16 20:59 - 2014-03-16 20:59 - 00004204 _____ () C:\Users\Mark\Desktop\Ereignisse.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00068137 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00031536 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-03-16 20:53 - 2014-03-17 18:33 - 00000000 ____D () C:\FRST
2014-03-16 20:53 - 2014-03-16 20:53 - 02157056 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe
2014-03-16 20:52 - 2014-03-16 20:52 - 01145856 _____ (Farbar) C:\Users\Mark\Downloads\FRST.exe
2014-03-16 20:35 - 2014-03-16 20:35 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner_3.022.exe
2014-03-16 20:24 - 2014-03-16 20:24 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner.exe
2014-03-16 20:04 - 2014-03-16 20:04 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 20:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-16 20:02 - 2014-03-16 20:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 15:30 - 2014-03-16 15:30 - 00847848 _____ (Google Inc.) C:\Users\Mark\Downloads\ChromeSetup.exe
2014-03-16 15:23 - 2014-03-16 15:23 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-16 12:57 - 2014-03-16 12:57 - 00000000 ____D () C:\Users\Mark\Downloads\Doom_CooldownPulse
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse.zip
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse (1).zip
2014-03-14 18:34 - 2014-03-17 14:01 - 00493562 _____ () C:\WINDOWS\PFRO.log
2014-03-14 17:50 - 2014-03-14 17:50 - 00003676 _____ () C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Local\Avg2014
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-14 17:44 - 2013-12-18 10:01 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-03-14 17:44 - 2013-12-18 10:01 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-03-14 17:44 - 2013-12-18 10:01 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-03-14 17:42 - 2014-03-14 17:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-14 17:42 - 2014-03-14 17:46 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-14 17:38 - 2014-03-14 17:40 - 35955112 _____ (TuneUp Software) C:\Users\Mark\Downloads\TuneUpUtilities2014_de-DE.exe
2014-03-14 17:28 - 2014-03-17 17:24 - 01441342 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-14 17:20 - 2014-03-17 01:29 - 00000880 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-14 17:20 - 2014-03-14 17:20 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-14 17:20 - 2014-03-14 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-14 17:19 - 2014-03-14 17:19 - 03690256 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup411_slim.exe
2014-03-14 11:43 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-14 11:43 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-14 11:43 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-14 11:43 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-14 11:42 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-14 11:42 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-14 11:42 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-14 11:42 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-14 11:42 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-14 11:42 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-14 11:42 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-14 11:42 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-14 11:42 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-14 11:42 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-14 11:42 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-14 11:42 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-14 11:42 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-14 11:42 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-14 11:42 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-14 11:42 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-14 11:42 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-14 11:42 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-14 11:42 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-14 11:42 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-14 11:42 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-14 11:42 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-14 11:42 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-14 11:42 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-14 11:42 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-14 11:42 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-14 11:42 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-14 11:42 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-14 11:42 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-14 11:42 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-14 11:42 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-14 11:42 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-14 11:42 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-14 11:42 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-14 11:42 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-14 11:42 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-14 11:42 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-14 11:42 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-14 11:42 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-14 11:42 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-14 11:42 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-14 11:42 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-14 11:42 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-14 11:42 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-14 11:42 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-14 11:42 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 11:42 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-14 11:42 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-14 11:41 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-14 11:41 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-14 11:41 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-14 11:40 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-14 11:40 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-14 11:40 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-13 20:45 - 2014-03-14 17:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-13 13:35 - 2014-03-13 13:39 - 00000000 ____D () C:\Users\Mark\Downloads\VuhDo_3.53
2014-03-13 13:34 - 2014-03-13 13:34 - 01009533 _____ () C:\Users\Mark\Downloads\VuhDo_3.53.zip
2014-03-13 12:47 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-13 12:46 - 2014-03-17 16:10 - 00000432 _____ () C:\WINDOWS\Tasks\Show-Password_wd.job
2014-03-13 12:46 - 2014-03-17 13:19 - 00000000 ____D () C:\Program Files (x86)\Show-Password-soft
2014-03-13 12:46 - 2014-03-13 12:46 - 00003010 _____ () C:\WINDOWS\System32\Tasks\Show-Password_wd
2014-03-12 20:29 - 2014-03-12 20:29 - 00216513 _____ () C:\Users\Mark\Downloads\tMorph (6).zip
2014-03-12 20:29 - 2014-03-12 20:29 - 00000000 ____D () C:\Users\Mark\Desktop\tMorph (6)
2014-03-12 12:15 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-03-12 12:08 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-12 12:08 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-03-11 20:38 - 2014-03-16 19:47 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMark.job
2014-03-11 20:38 - 2014-03-16 15:12 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMark
2014-03-03 20:22 - 2014-03-03 20:22 - 00215663 _____ () C:\Users\Mark\Downloads\tMorph (5).zip
2014-02-20 21:44 - 2014-02-20 21:44 - 00215661 _____ () C:\Users\Mark\Downloads\tMorph (4).zip
2014-02-19 23:30 - 2014-02-19 23:30 - 00215659 _____ () C:\Users\Mark\Downloads\tMorph (3).zip
2014-02-18 20:52 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 20:52 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-17 18:04 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 18:04 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-17 18:04 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 18:04 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 18:04 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-17 18:04 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-17 18:04 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 18:04 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-17 18:04 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 18:04 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-17 18:04 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-17 18:04 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 18:04 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 18:04 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 18:04 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 18:04 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-17 18:04 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 18:04 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 18:04 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-17 18:04 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-17 18:04 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-17 18:04 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 18:04 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 18:04 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-17 18:04 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 18:04 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 18:04 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-17 18:04 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-17 18:04 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 18:04 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 18:04 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 18:04 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 18:04 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-17 18:04 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-17 18:04 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-17 18:04 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-17 18:04 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 18:04 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-17 18:04 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 18:04 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 18:04 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 18:04 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-17 18:04 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 18:04 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 18:04 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-17 18:04 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 13:29 - 2014-02-16 13:29 - 00002239 _____ () C:\Users\Mark\Desktop\HP Support Assistant.lnk
2014-02-16 13:28 - 2014-03-14 17:50 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-16 13:27 - 2014-03-14 17:50 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog
2014-02-16 11:33 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-16 11:33 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-16 11:33 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-16 11:33 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-16 11:33 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-16 11:33 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-16 11:33 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-16 11:33 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-16 11:33 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-16 11:33 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-16 11:33 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-16 11:33 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-16 11:33 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-16 11:33 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-16 11:33 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-16 11:33 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-16 11:33 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-16 11:33 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-16 11:33 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-16 11:33 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-16 11:33 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-16 11:33 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-16 11:33 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-16 11:33 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-16 11:33 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-16 11:33 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-16 11:33 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-16 11:33 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-16 11:30 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-16 11:30 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-16 11:30 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-16 11:30 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-16 11:30 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-16 11:30 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-16 11:30 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-16 11:30 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-16 11:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-16 11:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-16 11:29 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-16 11:29 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-16 11:29 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-16 11:29 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-16 11:29 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-16 11:29 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-16 11:28 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-16 11:28 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-16 11:28 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-16 11:28 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-16 11:28 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-16 11:28 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-16 11:28 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-16 11:28 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-16 11:28 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-16 11:28 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-16 11:26 - 2014-02-16 11:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-16 11:21 - 2014-01-16 00:13 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433467.dll
2014-02-16 11:21 - 2014-01-16 00:13 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433467.dll

==================== One Month Modified Files and Folders =======

2014-03-17 18:34 - 2014-03-16 23:05 - 00020111 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-03-17 18:33 - 2014-03-16 20:53 - 00000000 ____D () C:\FRST
2014-03-17 18:31 - 2013-09-19 19:47 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-17 18:25 - 2013-11-04 18:45 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A66557B-D5EB-47B3-98D0-C87D0B057751}
2014-03-17 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-17 17:49 - 2013-05-13 20:24 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 17:24 - 2014-03-14 17:28 - 01441342 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 16:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-17 16:23 - 2013-05-13 20:21 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994830636-2804794430-2304076529-1001
2014-03-17 16:16 - 2013-09-30 05:14 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-17 16:16 - 2013-09-30 04:56 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-17 16:16 - 2013-09-30 04:56 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-17 16:12 - 2013-05-13 20:25 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 16:11 - 2013-10-29 16:49 - 00000000 __RDO () C:\Users\Mark\SkyDrive
2014-03-17 16:11 - 2013-05-13 20:24 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 16:10 - 2014-03-13 12:46 - 00000432 _____ () C:\WINDOWS\Tasks\Show-Password_wd.job
2014-03-17 16:10 - 2013-10-29 14:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-17 16:10 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 16:08 - 2014-03-17 16:08 - 00092162 _____ () C:\Users\Mark\Desktop\wdwdqqw.odt
2014-03-17 16:08 - 2013-05-26 20:15 - 00551936 ___SH () C:\Users\Mark\Desktop\Thumbs.db
2014-03-17 15:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-17 14:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-17 14:01 - 2014-03-14 18:34 - 00493562 _____ () C:\WINDOWS\PFRO.log
2014-03-17 13:19 - 2014-03-13 12:46 - 00000000 ____D () C:\Program Files (x86)\Show-Password-soft
2014-03-17 12:52 - 2014-03-17 12:52 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-17 12:52 - 2014-03-17 12:52 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-17 12:52 - 2014-03-17 12:52 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-17 12:52 - 2014-03-17 12:52 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-17 12:50 - 2014-03-17 12:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-17 12:49 - 2014-03-17 12:43 - 90578216 _____ (AVAST Software) C:\Users\Mark\Desktop\avast_free_antivirus_setup_9.0.2013.exe
2014-03-17 12:48 - 2014-03-17 12:47 - 00000000 ____D () C:\Users\Mark\Desktop\deskt
2014-03-17 01:51 - 2013-10-29 14:42 - 00000000 ____D () C:\Users\Mark
2014-03-17 01:39 - 2014-03-17 01:39 - 00000000 ____D () C:\Users\Mark\AppData\Local\Macromedia
2014-03-17 01:38 - 2014-03-17 01:38 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Local\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-17 01:38 - 2014-03-13 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 01:29 - 2014-03-14 17:20 - 00000880 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-17 01:29 - 2013-06-08 22:02 - 00001013 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-16 23:04 - 2014-03-16 23:04 - 02157056 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-03-16 22:59 - 2014-03-16 22:59 - 00000906 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-03-16 22:55 - 2014-03-16 22:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-16 22:52 - 2014-03-16 22:50 - 00000000 ____D () C:\AdwCleaner
2014-03-16 22:43 - 2014-03-16 22:43 - 01950720 _____ () C:\Users\Mark\Desktop\adwcleaner.exe
2014-03-16 22:43 - 2014-03-16 22:43 - 01037734 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-03-16 22:39 - 2014-03-16 22:24 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-16 22:35 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-16 22:35 - 2014-03-16 22:24 - 00000000 ____D () C:\Users\Mark\Desktop\mbar
2014-03-16 22:23 - 2014-03-16 22:22 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark\Desktop\mbar-1.07.0.1009.exe
2014-03-16 21:16 - 2014-03-16 21:15 - 05190279 _____ (Swearware) C:\Users\Mark\Downloads\ComboFix.exe
2014-03-16 21:12 - 2012-12-22 10:44 - 00000000 ____D () C:\ProgramData\Norton
2014-03-16 21:10 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-16 20:59 - 2014-03-16 20:59 - 00004204 _____ () C:\Users\Mark\Desktop\Ereignisse.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00068137 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00031536 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-03-16 20:53 - 2014-03-16 20:53 - 02157056 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe
2014-03-16 20:52 - 2014-03-16 20:52 - 01145856 _____ (Farbar) C:\Users\Mark\Downloads\FRST.exe
2014-03-16 20:35 - 2014-03-16 20:35 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner_3.022.exe
2014-03-16 20:24 - 2014-03-16 20:24 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner.exe
2014-03-16 20:04 - 2014-03-16 20:04 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 20:03 - 2014-03-16 20:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 19:47 - 2014-03-11 20:38 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMark.job
2014-03-16 15:30 - 2014-03-16 15:30 - 00847848 _____ (Google Inc.) C:\Users\Mark\Downloads\ChromeSetup.exe
2014-03-16 15:30 - 2013-09-19 19:47 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-16 15:30 - 2013-06-07 20:49 - 00000000 ____D () C:\Users\Mark\AppData\Local\Adobe
2014-03-16 15:23 - 2014-03-16 15:23 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-16 15:12 - 2014-03-11 20:38 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMark
2014-03-16 12:57 - 2014-03-16 12:57 - 00000000 ____D () C:\Users\Mark\Downloads\Doom_CooldownPulse
2014-03-16 02:12 - 2013-07-12 21:45 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse.zip
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse (1).zip
2014-03-15 14:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-14 17:54 - 2013-05-28 22:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 17:50 - 2014-03-14 17:50 - 00003676 _____ () C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-03-14 17:50 - 2014-03-14 17:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-14 17:50 - 2014-02-16 13:28 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-14 17:50 - 2014-02-16 13:27 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog
2014-03-14 17:50 - 2013-05-20 20:20 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\HpUpdate
2014-03-14 17:46 - 2014-03-14 17:42 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Local\Avg2014
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-14 17:40 - 2014-03-14 17:38 - 35955112 _____ (TuneUp Software) C:\Users\Mark\Downloads\TuneUpUtilities2014_de-DE.exe
2014-03-14 17:32 - 2013-08-22 15:44 - 00537376 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 17:21 - 2014-03-13 20:45 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-14 17:21 - 2013-10-29 14:36 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-14 17:21 - 2013-06-08 22:03 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TS3Client
2014-03-14 17:20 - 2014-03-14 17:20 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-14 17:20 - 2014-03-14 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-14 17:19 - 2014-03-14 17:19 - 03690256 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup411_slim.exe
2014-03-14 11:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-13 13:39 - 2014-03-13 13:35 - 00000000 ____D () C:\Users\Mark\Downloads\VuhDo_3.53
2014-03-13 13:34 - 2014-03-13 13:34 - 01009533 _____ () C:\Users\Mark\Downloads\VuhDo_3.53.zip
2014-03-13 12:46 - 2014-03-13 12:46 - 00003010 _____ () C:\WINDOWS\System32\Tasks\Show-Password_wd
2014-03-13 12:40 - 2013-08-24 15:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-12 20:29 - 2014-03-12 20:29 - 00216513 _____ () C:\Users\Mark\Downloads\tMorph (6).zip
2014-03-12 20:29 - 2014-03-12 20:29 - 00000000 ____D () C:\Users\Mark\Desktop\tMorph (6)
2014-03-12 13:24 - 2013-12-12 20:48 - 00001103 _____ () C:\Users\Mark\Desktop\tmorph.txt
2014-03-12 12:15 - 2013-10-29 14:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-12 12:10 - 2013-10-30 17:28 - 00000000 ____D () C:\WINDOWS\Razer Core
2014-03-12 12:07 - 2013-05-13 20:33 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 11:13 - 2013-05-14 19:01 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-03-11 11:13 - 2013-05-14 19:01 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 15:35 - 2014-03-12 12:08 - 31474976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 25255256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 17755424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 12708128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-12 12:08 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 03143456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02958792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00877856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00863064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00846168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 18302384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 14709720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 03093280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 02715264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 00947808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 00024544 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-04 15:35 - 2012-12-22 10:25 - 00062408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-03-04 15:35 - 2012-12-22 10:25 - 00054216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-03-04 14:06 - 2013-10-29 14:38 - 06714312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-03-04 14:06 - 2013-10-29 14:38 - 03497816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 03649185 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-10-29 14:38 - 02558808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 00922968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-10-29 14:38 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 00064968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-12 12:15 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-03-03 20:22 - 2014-03-03 20:22 - 00215663 _____ () C:\Users\Mark\Downloads\tMorph (5).zip
2014-03-01 07:05 - 2014-03-14 11:43 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-14 11:42 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-14 11:43 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-14 11:42 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-14 11:42 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-14 11:42 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-14 11:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-14 11:42 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-14 11:42 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 11:42 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 11:42 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-14 11:42 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 11:42 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 11:42 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 11:42 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 11:42 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 11:42 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-25 11:29 - 2012-12-22 10:30 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-22 22:30 - 2013-05-13 20:14 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-22 22:30 - 2013-05-13 20:14 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-22 22:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-22 22:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-22 22:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-21 07:04 - 2013-10-30 17:29 - 00129472 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzDxgk.sys
2014-02-21 07:04 - 2013-10-30 17:29 - 00074432 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzFilter.sys
2014-02-20 21:44 - 2014-02-20 21:44 - 00215661 _____ () C:\Users\Mark\Downloads\tMorph (4).zip
2014-02-19 23:30 - 2014-02-19 23:30 - 00215659 _____ () C:\Users\Mark\Downloads\tMorph (3).zip
2014-02-18 14:42 - 2013-07-27 13:44 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 14:41 - 2013-05-13 22:13 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-16 21:44 - 2013-05-13 20:24 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 21:44 - 2013-05-13 20:24 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 17:51 - 2013-07-30 19:37 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-02-16 13:29 - 2014-02-16 13:29 - 00002239 _____ () C:\Users\Mark\Desktop\HP Support Assistant.lnk
2014-02-16 13:29 - 2012-12-22 10:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-02-16 13:29 - 2012-12-22 10:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 13:28 - 2012-12-22 10:29 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-16 13:27 - 2012-08-02 04:15 - 00000000 ____D () C:\SWSETUP
2014-02-16 11:26 - 2014-02-16 11:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\avgnt.exe
C:\Users\Mark\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 11:42] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-17 16:23

==================== End Of Log ============================
--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Mark at 2014-03-17 18:34:23
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DS-Timer Version 1.0.0.0 (HKLM-x32\...\{C93F8F79-128F-483E-93D9-A7744F8A66BD}_is1) (Version: 1.7.0.8 - Niondir)
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 20.0.1387.77 (HKLM-x32\...\Opera 20.0.1387.77) (Version: 20.0.1387.77 - Opera Software ASA)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.61 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Show-Password (HKLM-x32\...\fde2cbd1-816c-4b04-af69-e7f8e204b988) (Version:  - Show-Password LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
War Thunder Launcher 1.0.1.269 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)

==================== Restore Points  =========================

16-03-2014 18:58:18 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2876F447-326F-47D2-82DD-81BB1C5D4EAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {40ACD962-894F-4E75-9B8C-6A264C76B663} - System32\Tasks\Show-Password_wd => C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe [2014-03-13] () <==== ATTENTION
Task: {41C6F697-DF1D-439D-93F2-806979E76F15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {46BBEB70-89D4-4D62-9013-F0A1E3661FCD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-17] (AVAST Software)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {59423549-66A1-4477-94AF-EEACD63C433B} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E8DE363-9218-4B57-B964-A02A80AF98AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-18] (Microsoft Corporation)
Task: {722457FB-B8F2-45AA-ABD3-66B58FBD397A} - System32\Tasks\HPCeeScheduleForMark => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B95774F-503F-4BA3-B81A-AB14E17D45B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {7BFB9AA0-6D69-4177-81F3-45F0FD70AE5B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {7DA1BB57-D7DC-4D6A-AE9A-8DDDF44FFFAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {821DC8D4-91BF-4F10-A25A-268E416E85C1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {98381DF9-DF47-473B-A4E8-79E4A9D38DF8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {9E3A3BE3-35DA-4DB1-9251-BBA99748F87D} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B5C6651D-4387-4462-AFF2-A0D7EBD11D0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {B9AC2727-EE75-4B1F-AB34-E096F27F9DBC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2D506BE-1FB6-4A8E-950D-D68E79976744} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FCC3B72B-9C01-419D-A733-AD23358811D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {FFD56986-6911-4E1A-AF42-18C8816CDE43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMark.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Show-Password_wd.job => C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-29 14:38 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-29 13:14 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-29 13:14 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-29 13:14 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-12-18 10:01 - 2013-12-18 10:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-03-13 12:46 - 2014-03-13 12:46 - 00093184 _____ () C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-29 16:35 - 2013-10-29 16:35 - 00120224 _____ () C:\Users\Mark\AppData\Local\assembly\dl3\L8VLBJ07.VKN\RJ6AQOG3.0N5\ccb8cacf\0017145d_cd85cd01\HPItunesModule.DLL
2014-03-13 12:40 - 2014-03-12 12:40 - 01380192 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\opera_crashreporter.exe
2014-03-17 12:57 - 2014-03-17 10:20 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031700\algo.dll
2014-03-17 12:52 - 2014-03-17 12:52 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-22 10:31 - 2012-07-18 09:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\libglesv2.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\libegl.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mark\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2014 04:49:41 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/17/2014 04:14:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde nicht richtig gestartet.

Error: (03/17/2014 04:12:39 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 04:12:33 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 04:08:29 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:29 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (03/17/2014 04:49:41 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 8147.36 MB
Available physical RAM: 6299.11 MB
Total Pagefile: 16339.36 MB
Available Pagefile: 14070.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1849.99 GB) (Free:1720.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 346C34DE)

Partition: GPT Partition Type.

==================== End Of Log ============================

cosinus 17.03.2014 18:45
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3326313&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP68360964-9372-4830-8A41-36B42410B4AF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
FF HKCU\...\Firefox\Extensions: [{28583f9a-1bdc-4b12-94a4-ee2211ad53a5}] - C:\Program Files (x86)\Show-Password-soft\157.xpi
FF Extension: Show-Password - C:\Program Files (x86)\Show-Password-soft\157.xpi [2014-03-13]
S4 Show-Password; C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe [195072 2014-03-13] ()
C:\Users\Mark\Downloads\VuhDo_3.53
C:\Users\Mark\Downloads\VuhDo_3.53.zip
C:\WINDOWS\Tasks\Show-Password_wd.job
C:\Program Files (x86)\Show-Password-soft
C:\WINDOWS\System32\Tasks\Show-Password_wd
C:\Program Files (x86)\Show-Password-soft

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


nannju 17.03.2014 18:51
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Mark at 2014-03-17 18:48:47 Run:2
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326313&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP68360964-9372-4830-8A41-36B42410B4AF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
FF HKCU\...\Firefox\Extensions: [{28583f9a-1bdc-4b12-94a4-ee2211ad53a5}] - C:\Program Files (x86)\Show-Password-soft\157.xpi
FF Extension: Show-Password - C:\Program Files (x86)\Show-Password-soft\157.xpi [2014-03-13]
S4 Show-Password; C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe [195072 2014-03-13] ()
C:\Users\Mark\Downloads\VuhDo_3.53
C:\Users\Mark\Downloads\VuhDo_3.53.zip
C:\WINDOWS\Tasks\Show-Password_wd.job
C:\Program Files (x86)\Show-Password-soft
C:\WINDOWS\System32\Tasks\Show-Password_wd
C:\Program Files (x86)\Show-Password-soft
       
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => Value deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\{28583f9a-1bdc-4b12-94a4-ee2211ad53a5} => Value deleted successfully.
C:\Program Files (x86)\Show-Password-soft\157.xpi => Moved successfully.
Show-Password => Service deleted successfully.
C:\Users\Mark\Downloads\VuhDo_3.53 => Moved successfully.
C:\Users\Mark\Downloads\VuhDo_3.53.zip => Moved successfully.
C:\WINDOWS\Tasks\Show-Password_wd.job => Moved successfully.

"C:\Program Files (x86)\Show-Password-soft" directory move:

C:\Program Files (x86)\Show-Password-soft\157.dat => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\a.db => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\b.db => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Show-Password157.bin => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Show-Password157.ini => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Show_.exe => Moved successfully.
C:\Program Files (x86)\Show-Password-soft\Sqlite3.dll => Moved successfully.
Could not move "C:\Program Files (x86)\Show-Password-soft" directory. => Scheduled to move on reboot.

C:\WINDOWS\System32\Tasks\Show-Password_wd => Moved successfully.
C:\Program Files (x86)\Show-Password-soft => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-03-17 18:49:59)<=

C:\Program Files (x86)\Show-Password-soft => Is moved successfully.

==== End of Fixlog ====

cosinus 17.03.2014 18:56
frische FRST-Logs bitte, Haken setzen bei additions.

nannju 17.03.2014 18:58

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mark (administrator) on SCHNUFFEL on 17-03-2014 18:57:05
Running from C:\Users\Mark\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Opera\20.0.1387.77\opera_crashreporter.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.77\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-03-17] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1822400 2014-02-20] (Valve Corporation)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\MountPoints2: {31529e3d-c958-11e2-be71-10604b6748bd} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1994830636-2804794430-2304076529-1001\...\MountPoints2: {e751f3da-86be-11e3-be8c-10604b6748bd} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM - {E1EF7A1C-74E8-4654-9E07-E2F4282A200A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\kb8q0lr6.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-17]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync": {
      "suppress_start"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Extension: (avast! Online Security) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-17]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-17] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [78648 2014-03-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2014-03-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-17] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1038072 2014-03-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [421704 2014-03-17] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-03-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-03-17] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 18:34 - 2014-03-17 18:34 - 00028434 _____ () C:\Users\Mark\Desktop\Addition.txt
2014-03-17 16:08 - 2014-03-17 16:08 - 00092162 _____ () C:\Users\Mark\Desktop\wdwdqqw.odt
2014-03-17 12:52 - 2014-03-17 12:52 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-17 12:52 - 2014-03-17 12:52 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-17 12:52 - 2014-03-17 12:52 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-17 12:52 - 2014-03-17 12:52 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-17 12:49 - 2014-03-17 12:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-17 12:47 - 2014-03-17 12:48 - 00000000 ____D () C:\Users\Mark\Desktop\deskt
2014-03-17 12:43 - 2014-03-17 12:49 - 90578216 _____ (AVAST Software) C:\Users\Mark\Desktop\avast_free_antivirus_setup_9.0.2013.exe
2014-03-17 01:39 - 2014-03-17 01:39 - 00000000 ____D () C:\Users\Mark\AppData\Local\Macromedia
2014-03-17 01:38 - 2014-03-17 01:38 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Local\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-16 23:05 - 2014-03-17 18:57 - 00019456 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-03-16 23:04 - 2014-03-16 23:04 - 02157056 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-03-16 22:59 - 2014-03-16 22:59 - 00000906 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-03-16 22:55 - 2014-03-16 22:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-16 22:50 - 2014-03-16 22:52 - 00000000 ____D () C:\AdwCleaner
2014-03-16 22:43 - 2014-03-16 22:43 - 01950720 _____ () C:\Users\Mark\Desktop\adwcleaner.exe
2014-03-16 22:43 - 2014-03-16 22:43 - 01037734 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-03-16 22:26 - 2014-03-16 22:35 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-16 22:24 - 2014-03-16 22:39 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-16 22:24 - 2014-03-16 22:35 - 00000000 ____D () C:\Users\Mark\Desktop\mbar
2014-03-16 22:22 - 2014-03-16 22:23 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark\Desktop\mbar-1.07.0.1009.exe
2014-03-16 21:15 - 2014-03-16 21:16 - 05190279 _____ (Swearware) C:\Users\Mark\Downloads\ComboFix.exe
2014-03-16 20:59 - 2014-03-16 20:59 - 00004204 _____ () C:\Users\Mark\Desktop\Ereignisse.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00068137 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00031536 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-03-16 20:53 - 2014-03-17 18:57 - 00000000 ____D () C:\FRST
2014-03-16 20:53 - 2014-03-16 20:53 - 02157056 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe
2014-03-16 20:52 - 2014-03-16 20:52 - 01145856 _____ (Farbar) C:\Users\Mark\Downloads\FRST.exe
2014-03-16 20:35 - 2014-03-16 20:35 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner_3.022.exe
2014-03-16 20:24 - 2014-03-16 20:24 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner.exe
2014-03-16 20:04 - 2014-03-16 20:04 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 20:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-16 20:02 - 2014-03-16 20:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 15:30 - 2014-03-16 15:30 - 00847848 _____ (Google Inc.) C:\Users\Mark\Downloads\ChromeSetup.exe
2014-03-16 15:23 - 2014-03-16 15:23 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-16 12:57 - 2014-03-16 12:57 - 00000000 ____D () C:\Users\Mark\Downloads\Doom_CooldownPulse
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse.zip
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse (1).zip
2014-03-14 18:34 - 2014-03-17 18:49 - 00493902 _____ () C:\WINDOWS\PFRO.log
2014-03-14 17:50 - 2014-03-14 17:50 - 00003676 _____ () C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Local\Avg2014
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-14 17:44 - 2013-12-18 10:01 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-03-14 17:44 - 2013-12-18 10:01 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-03-14 17:44 - 2013-12-18 10:01 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-03-14 17:42 - 2014-03-14 17:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-14 17:42 - 2014-03-14 17:46 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-14 17:38 - 2014-03-14 17:40 - 35955112 _____ (TuneUp Software) C:\Users\Mark\Downloads\TuneUpUtilities2014_de-DE.exe
2014-03-14 17:28 - 2014-03-17 18:51 - 01469085 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-14 17:20 - 2014-03-17 01:29 - 00000880 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-14 17:20 - 2014-03-14 17:20 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-14 17:20 - 2014-03-14 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-14 17:19 - 2014-03-14 17:19 - 03690256 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup411_slim.exe
2014-03-14 11:43 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-14 11:43 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-14 11:43 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-14 11:43 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-14 11:42 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-14 11:42 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-14 11:42 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-14 11:42 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-14 11:42 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-14 11:42 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-14 11:42 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-14 11:42 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-14 11:42 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-14 11:42 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-14 11:42 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-14 11:42 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-14 11:42 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-14 11:42 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-14 11:42 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-14 11:42 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-14 11:42 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-14 11:42 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-14 11:42 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-14 11:42 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-14 11:42 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-14 11:42 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-14 11:42 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-14 11:42 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-14 11:42 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-14 11:42 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-14 11:42 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-14 11:42 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-14 11:42 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-14 11:42 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-14 11:42 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-14 11:42 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-14 11:42 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-14 11:42 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-14 11:42 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-14 11:42 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-14 11:42 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-14 11:42 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-14 11:42 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-14 11:42 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-14 11:42 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-14 11:42 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-14 11:42 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-14 11:42 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-14 11:42 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-14 11:42 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 11:42 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-14 11:42 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-14 11:41 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-14 11:41 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-14 11:41 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-14 11:40 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-14 11:40 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-14 11:40 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-13 20:45 - 2014-03-14 17:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-13 12:47 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-12 20:29 - 2014-03-12 20:29 - 00216513 _____ () C:\Users\Mark\Downloads\tMorph (6).zip
2014-03-12 20:29 - 2014-03-12 20:29 - 00000000 ____D () C:\Users\Mark\Desktop\tMorph (6)
2014-03-12 12:15 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-03-12 12:08 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-12 12:08 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-03-12 12:08 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-03-11 20:38 - 2014-03-16 19:47 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMark.job
2014-03-11 20:38 - 2014-03-16 15:12 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMark
2014-03-03 20:22 - 2014-03-03 20:22 - 00215663 _____ () C:\Users\Mark\Downloads\tMorph (5).zip
2014-02-20 21:44 - 2014-02-20 21:44 - 00215661 _____ () C:\Users\Mark\Downloads\tMorph (4).zip
2014-02-19 23:30 - 2014-02-19 23:30 - 00215659 _____ () C:\Users\Mark\Downloads\tMorph (3).zip
2014-02-18 20:52 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 20:52 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-17 18:04 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 18:04 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-17 18:04 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 18:04 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 18:04 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-17 18:04 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-17 18:04 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 18:04 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-17 18:04 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 18:04 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-17 18:04 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-17 18:04 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 18:04 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 18:04 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 18:04 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 18:04 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-17 18:04 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 18:04 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 18:04 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-17 18:04 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-17 18:04 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-17 18:04 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 18:04 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 18:04 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-17 18:04 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 18:04 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 18:04 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-17 18:04 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-17 18:04 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 18:04 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 18:04 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 18:04 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 18:04 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-17 18:04 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-17 18:04 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-17 18:04 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-17 18:04 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 18:04 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-17 18:04 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 18:04 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 18:04 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 18:04 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-17 18:04 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 18:04 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 18:04 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-17 18:04 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 13:29 - 2014-02-16 13:29 - 00002239 _____ () C:\Users\Mark\Desktop\HP Support Assistant.lnk
2014-02-16 13:28 - 2014-03-14 17:50 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-16 13:27 - 2014-03-14 17:50 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog
2014-02-16 11:33 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-16 11:33 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-16 11:33 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-16 11:33 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-16 11:33 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-16 11:33 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-16 11:33 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-16 11:33 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-16 11:33 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-16 11:33 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-16 11:33 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-16 11:33 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-16 11:33 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-16 11:33 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-16 11:33 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-16 11:33 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-16 11:33 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-16 11:33 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-16 11:33 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-16 11:33 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-16 11:33 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-16 11:33 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-16 11:33 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-16 11:33 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-16 11:33 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-16 11:33 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-16 11:33 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-16 11:33 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-16 11:30 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-16 11:30 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-16 11:30 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-16 11:30 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-16 11:30 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-16 11:30 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-16 11:30 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-16 11:30 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-16 11:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-16 11:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-16 11:29 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-16 11:29 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-16 11:29 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-16 11:29 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-16 11:29 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-16 11:29 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-16 11:28 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-16 11:28 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-16 11:28 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-16 11:28 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-16 11:28 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-16 11:28 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-16 11:28 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-16 11:28 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-16 11:28 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-16 11:28 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-16 11:26 - 2014-02-16 11:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-16 11:21 - 2014-01-16 00:13 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433467.dll
2014-02-16 11:21 - 2014-01-16 00:13 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433467.dll

==================== One Month Modified Files and Folders =======

2014-03-17 18:57 - 2014-03-16 23:05 - 00019456 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-03-17 18:57 - 2014-03-16 20:53 - 00000000 ____D () C:\FRST
2014-03-17 18:56 - 2013-05-13 20:21 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994830636-2804794430-2304076529-1001
2014-03-17 18:55 - 2013-11-04 18:45 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A66557B-D5EB-47B3-98D0-C87D0B057751}
2014-03-17 18:54 - 2013-09-30 05:14 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-17 18:54 - 2013-09-30 04:56 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-17 18:54 - 2013-09-30 04:56 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-17 18:51 - 2014-03-14 17:28 - 01469085 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 18:51 - 2013-05-13 20:25 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 18:50 - 2013-10-29 16:49 - 00000000 __RDO () C:\Users\Mark\SkyDrive
2014-03-17 18:50 - 2013-05-13 20:24 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 18:49 - 2014-03-14 18:34 - 00493902 _____ () C:\WINDOWS\PFRO.log
2014-03-17 18:49 - 2013-10-29 14:42 - 00000000 ____D () C:\Users\Mark
2014-03-17 18:49 - 2013-10-29 14:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-17 18:49 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 18:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-17 18:34 - 2014-03-17 18:34 - 00028434 _____ () C:\Users\Mark\Desktop\Addition.txt
2014-03-17 18:31 - 2013-09-19 19:47 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-17 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-17 17:49 - 2013-05-13 20:24 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 16:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-17 16:08 - 2014-03-17 16:08 - 00092162 _____ () C:\Users\Mark\Desktop\wdwdqqw.odt
2014-03-17 16:08 - 2013-05-26 20:15 - 00551936 ___SH () C:\Users\Mark\Desktop\Thumbs.db
2014-03-17 15:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-17 12:52 - 2014-03-17 12:52 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-17 12:52 - 2014-03-17 12:52 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-17 12:52 - 2014-03-17 12:52 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-17 12:52 - 2014-03-17 12:52 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-17 12:52 - 2014-03-17 12:52 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software
2014-03-17 12:52 - 2014-03-17 12:52 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-17 12:50 - 2014-03-17 12:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-17 12:49 - 2014-03-17 12:43 - 90578216 _____ (AVAST Software) C:\Users\Mark\Desktop\avast_free_antivirus_setup_9.0.2013.exe
2014-03-17 12:48 - 2014-03-17 12:47 - 00000000 ____D () C:\Users\Mark\Desktop\deskt
2014-03-17 01:39 - 2014-03-17 01:39 - 00000000 ____D () C:\Users\Mark\AppData\Local\Macromedia
2014-03-17 01:38 - 2014-03-17 01:38 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Users\Mark\AppData\Local\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-17 01:38 - 2014-03-17 01:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-17 01:38 - 2014-03-13 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 01:29 - 2014-03-14 17:20 - 00000880 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-17 01:29 - 2013-06-08 22:02 - 00001013 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-16 23:04 - 2014-03-16 23:04 - 02157056 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-03-16 22:59 - 2014-03-16 22:59 - 00000906 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-03-16 22:55 - 2014-03-16 22:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-16 22:52 - 2014-03-16 22:50 - 00000000 ____D () C:\AdwCleaner
2014-03-16 22:43 - 2014-03-16 22:43 - 01950720 _____ () C:\Users\Mark\Desktop\adwcleaner.exe
2014-03-16 22:43 - 2014-03-16 22:43 - 01037734 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-03-16 22:39 - 2014-03-16 22:24 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-16 22:35 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-16 22:35 - 2014-03-16 22:24 - 00000000 ____D () C:\Users\Mark\Desktop\mbar
2014-03-16 22:23 - 2014-03-16 22:22 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark\Desktop\mbar-1.07.0.1009.exe
2014-03-16 21:16 - 2014-03-16 21:15 - 05190279 _____ (Swearware) C:\Users\Mark\Downloads\ComboFix.exe
2014-03-16 21:12 - 2012-12-22 10:44 - 00000000 ____D () C:\ProgramData\Norton
2014-03-16 21:10 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-16 20:59 - 2014-03-16 20:59 - 00004204 _____ () C:\Users\Mark\Desktop\Ereignisse.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00068137 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-03-16 20:54 - 2014-03-16 20:54 - 00031536 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-03-16 20:53 - 2014-03-16 20:53 - 02157056 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe
2014-03-16 20:52 - 2014-03-16 20:52 - 01145856 _____ (Farbar) C:\Users\Mark\Downloads\FRST.exe
2014-03-16 20:35 - 2014-03-16 20:35 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner_3.022.exe
2014-03-16 20:24 - 2014-03-16 20:24 - 01950720 _____ () C:\Users\Mark\Downloads\adwcleaner.exe
2014-03-16 20:04 - 2014-03-16 20:04 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 20:03 - 2014-03-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 20:03 - 2014-03-16 20:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 19:47 - 2014-03-11 20:38 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMark.job
2014-03-16 15:30 - 2014-03-16 15:30 - 00847848 _____ (Google Inc.) C:\Users\Mark\Downloads\ChromeSetup.exe
2014-03-16 15:30 - 2013-09-19 19:47 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-16 15:30 - 2013-06-07 20:49 - 00000000 ____D () C:\Users\Mark\AppData\Local\Adobe
2014-03-16 15:23 - 2014-03-16 15:23 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-16 15:12 - 2014-03-11 20:38 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMark
2014-03-16 12:57 - 2014-03-16 12:57 - 00000000 ____D () C:\Users\Mark\Downloads\Doom_CooldownPulse
2014-03-16 02:12 - 2013-07-12 21:45 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse.zip
2014-03-16 00:39 - 2014-03-16 00:39 - 00006731 _____ () C:\Users\Mark\Downloads\Doom_CooldownPulse (1).zip
2014-03-15 14:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-14 17:54 - 2013-05-28 22:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 17:50 - 2014-03-14 17:50 - 00003676 _____ () C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-03-14 17:50 - 2014-03-14 17:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-14 17:50 - 2014-02-16 13:28 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-14 17:50 - 2014-02-16 13:27 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog
2014-03-14 17:50 - 2013-05-20 20:20 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\HpUpdate
2014-03-14 17:46 - 2014-03-14 17:42 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TuneUp Software
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Users\Mark\AppData\Local\Avg2014
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-14 17:40 - 2014-03-14 17:38 - 35955112 _____ (TuneUp Software) C:\Users\Mark\Downloads\TuneUpUtilities2014_de-DE.exe
2014-03-14 17:32 - 2013-08-22 15:44 - 00537376 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 17:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 17:21 - 2014-03-13 20:45 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-14 17:21 - 2013-10-29 14:36 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-14 17:21 - 2013-06-08 22:03 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\TS3Client
2014-03-14 17:20 - 2014-03-14 17:20 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-14 17:20 - 2014-03-14 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-14 17:19 - 2014-03-14 17:19 - 03690256 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup411_slim.exe
2014-03-14 11:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-13 12:40 - 2013-08-24 15:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-12 20:29 - 2014-03-12 20:29 - 00216513 _____ () C:\Users\Mark\Downloads\tMorph (6).zip
2014-03-12 20:29 - 2014-03-12 20:29 - 00000000 ____D () C:\Users\Mark\Desktop\tMorph (6)
2014-03-12 13:24 - 2013-12-12 20:48 - 00001103 _____ () C:\Users\Mark\Desktop\tmorph.txt
2014-03-12 12:15 - 2013-10-29 14:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-12 12:10 - 2013-10-30 17:28 - 00000000 ____D () C:\WINDOWS\Razer Core
2014-03-12 12:07 - 2013-05-13 20:33 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 11:13 - 2013-05-14 19:01 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-03-11 11:13 - 2013-05-14 19:01 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 15:35 - 2014-03-12 12:08 - 31474976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 25255256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 17755424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 12708128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-12 12:08 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 03143456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02958792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00877856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00863064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00846168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-12 12:08 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 18302384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 14709720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 03093280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 02715264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 00947808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-10-22 21:44 - 00024544 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-04 15:35 - 2012-12-22 10:25 - 00062408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-03-04 15:35 - 2012-12-22 10:25 - 00054216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-03-04 14:06 - 2013-10-29 14:38 - 06714312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-03-04 14:06 - 2013-10-29 14:38 - 03497816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 03649185 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-10-29 14:38 - 02558808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 00922968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-10-29 14:38 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-03-04 14:05 - 2013-10-29 14:38 - 00064968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-12 12:15 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-03-03 20:22 - 2014-03-03 20:22 - 00215663 _____ () C:\Users\Mark\Downloads\tMorph (5).zip
2014-03-01 07:05 - 2014-03-14 11:43 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-14 11:42 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-14 11:43 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-14 11:42 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-14 11:42 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-14 11:42 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-14 11:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-14 11:42 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-14 11:42 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 11:42 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 11:42 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-14 11:42 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 11:42 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 11:42 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 11:42 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 11:42 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 11:42 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-25 11:29 - 2012-12-22 10:30 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-22 22:30 - 2013-05-13 20:14 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-22 22:30 - 2013-05-13 20:14 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-22 22:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-22 22:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-22 22:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-21 07:04 - 2013-10-30 17:29 - 00129472 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzDxgk.sys
2014-02-21 07:04 - 2013-10-30 17:29 - 00074432 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzFilter.sys
2014-02-20 21:44 - 2014-02-20 21:44 - 00215661 _____ () C:\Users\Mark\Downloads\tMorph (4).zip
2014-02-19 23:30 - 2014-02-19 23:30 - 00215659 _____ () C:\Users\Mark\Downloads\tMorph (3).zip
2014-02-18 14:42 - 2013-07-27 13:44 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 14:41 - 2013-05-13 22:13 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-16 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-16 21:44 - 2013-05-13 20:24 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 21:44 - 2013-05-13 20:24 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 17:51 - 2013-07-30 19:37 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-02-16 13:29 - 2014-02-16 13:29 - 00002239 _____ () C:\Users\Mark\Desktop\HP Support Assistant.lnk
2014-02-16 13:29 - 2012-12-22 10:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-02-16 13:29 - 2012-12-22 10:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 13:28 - 2012-12-22 10:29 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-16 13:27 - 2012-08-02 04:15 - 00000000 ____D () C:\SWSETUP
2014-02-16 11:26 - 2014-02-16 11:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\avgnt.exe
C:\Users\Mark\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 11:42] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-17 16:23

==================== End Of Log ============================
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Mark at 2014-03-17 18:57:29
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DS-Timer Version 1.0.0.0 (HKLM-x32\...\{C93F8F79-128F-483E-93D9-A7744F8A66BD}_is1) (Version: 1.7.0.8 - Niondir)
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 20.0.1387.77 (HKLM-x32\...\Opera 20.0.1387.77) (Version: 20.0.1387.77 - Opera Software ASA)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.61 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Show-Password (HKLM-x32\...\fde2cbd1-816c-4b04-af69-e7f8e204b988) (Version:  - Show-Password LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
War Thunder Launcher 1.0.1.269 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)

==================== Restore Points  =========================

16-03-2014 18:58:18 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2876F447-326F-47D2-82DD-81BB1C5D4EAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {40ACD962-894F-4E75-9B8C-6A264C76B663} - \Show-Password_wd No Task File
Task: {41C6F697-DF1D-439D-93F2-806979E76F15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {46BBEB70-89D4-4D62-9013-F0A1E3661FCD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-17] (AVAST Software)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {59423549-66A1-4477-94AF-EEACD63C433B} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E8DE363-9218-4B57-B964-A02A80AF98AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-18] (Microsoft Corporation)
Task: {722457FB-B8F2-45AA-ABD3-66B58FBD397A} - System32\Tasks\HPCeeScheduleForMark => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B95774F-503F-4BA3-B81A-AB14E17D45B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {7BFB9AA0-6D69-4177-81F3-45F0FD70AE5B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {7DA1BB57-D7DC-4D6A-AE9A-8DDDF44FFFAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {821DC8D4-91BF-4F10-A25A-268E416E85C1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {98381DF9-DF47-473B-A4E8-79E4A9D38DF8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {9E3A3BE3-35DA-4DB1-9251-BBA99748F87D} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B5C6651D-4387-4462-AFF2-A0D7EBD11D0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {B9AC2727-EE75-4B1F-AB34-E096F27F9DBC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2D506BE-1FB6-4A8E-950D-D68E79976744} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FCC3B72B-9C01-419D-A733-AD23358811D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {FFD56986-6911-4E1A-AF42-18C8816CDE43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMark.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-10-29 14:38 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-29 13:14 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-29 13:14 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-29 13:14 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-12-18 10:01 - 2013-12-18 10:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 01380192 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\opera_crashreporter.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-29 16:35 - 2013-10-29 16:35 - 00120224 _____ () C:\Users\Mark\AppData\Local\assembly\dl3\L8VLBJ07.VKN\RJ6AQOG3.0N5\ccb8cacf\0017145d_cd85cd01\HPItunesModule.DLL
2014-03-17 12:57 - 2014-03-17 10:20 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031700\algo.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\libglesv2.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\libegl.dll
2014-03-13 12:40 - 2014-03-12 12:40 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.77\ffmpegsumo.dll
2014-03-17 12:52 - 2014-03-17 12:52 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-22 10:31 - 2012-07-18 09:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mark\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2014 04:49:41 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/17/2014 06:52:03 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 06:51:58 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 04:14:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde nicht richtig gestartet.

Error: (03/17/2014 04:12:39 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 04:12:33 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (03/17/2014 04:08:29 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:29 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 04:08:28 PM) (Source: DCOM) (User: SCHNUFFEL)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (03/17/2014 04:49:41 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5578

Error: (03/17/2014 03:52:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (03/17/2014 03:52:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359

Error: (03/17/2014 03:52:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8147.36 MB
Available physical RAM: 6192.43 MB
Total Pagefile: 16339.36 MB
Available Pagefile: 14148.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1849.99 GB) (Free:1720.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 346C34DE)

Partition: GPT Partition Type.

==================== End Of Log ============================

cosinus 17.03.2014 19:02
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


nannju 17.03.2014 20:48
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.17.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
Mark :: SCHNUFFEL [Administrator]

Schutz: Aktiviert

17.03.2014 19:06:26
mbam-log-2014-03-17 (19-06-26).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233954
Laufzeit: 2 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a3adedaf6ca4a542ae43b357f25b3d2c
# engine=17480
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-17 07:34:57
# local_time=2014-03-17 08:34:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 71 74 31355 31360 0 0
# compatibility_mode=5893 16776574 100 94 80481 12401194 0 0
# scanned=212857
# found=0
# cleaned=0
# scan_time=4624

cosinus 17.03.2014 20:55
TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:01 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131