Oh right, here:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by user (administrator) on STANS-PC on 03-06-2014 17:09:48
Running from C:\Users\user\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\spotify.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3019376 2011-02-22] (VIA)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2012-01-08] (FNet Co., Ltd.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-10] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-10] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files (x86)\brother\controlcenter3\brctrcensrv.exe, [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-09-29] ()
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Run: [Spotify] => C:\Users\user\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-2406318905-1240849825-252203313-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2014-06-02] () <==== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB4A034104DDECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {4CA0C149-4213-4B04-B3CA-76141F79093B} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {6EC98539-C975-41B0-8D84-967EBD599058} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {A31EAB68-FEA5-4C79-903F-9CB11BCA86E9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKCU - No Name - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4102exwr.default
FF NewTab: chrome://quick_start/content/index.html
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.2.1 - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\user\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\user\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4102exwr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-10]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4102exwr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-06]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\user\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx []
CHR HKLM-x32\...\Chrome\Extension: [neibkbfmjpkenkbjpajgfkedjaehefnc] - C:\ProgramData\DownloadnSave\neibkbfmjpkenkbjpajgfkedjaehefnc.crx []
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\user\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx []
CHR StartMenuInternet: Google Chrome - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-31] (AVAST Software)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2404864 2011-03-24] (Deutsche Telekom AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S2 Mikogo-Service; C:\Users\user\AppData\Roaming\Mikogo\Mikogo-Service.exe [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-31] ()
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-01-08] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-01-08] (FNet Co., Ltd.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-03 16:45 - 2014-06-03 16:45 - 00000000 ____D () C:\Users\user\Desktop\FRST-OlderVersion
2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-03 16:41 - 2014-06-03 16:41 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-03 16:39 - 2014-06-03 16:39 - 00918952 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-7u60.exe
2014-06-03 16:37 - 2014-06-03 16:37 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-03 16:36 - 2014-06-03 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 16:34 - 2014-06-03 16:34 - 00004026 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375122614
2014-06-03 16:23 - 2014-06-03 16:24 - 00000000 ____D () C:\Users\user\Desktop\revouninstaller-portable
2014-06-03 16:18 - 2014-06-03 16:18 - 00000000 ____D () C:\ProgramData\Sun
2014-06-03 16:16 - 2014-06-03 16:16 - 03007700 _____ () C:\Users\user\Downloads\revouninstaller.zip
2014-06-03 13:24 - 2014-06-03 13:24 - 00004065 _____ () C:\Windows\collectionCache.bnk
2014-06-02 22:55 - 2014-06-02 22:55 - 00004065 _____ () C:\Windows\SysWOW64\collectionCache.bnk
2014-06-02 21:38 - 2014-06-02 21:38 - 00000132 _____ () C:\Users\user\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-06-02 15:46 - 2014-06-02 15:46 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-06-02 09:01 - 2014-06-02 09:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 09:01 - 2014-06-02 09:01 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 09:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-02 09:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-02 09:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-02 08:59 - 2014-06-02 09:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:21 - 2014-06-02 08:21 - 00049703 _____ () C:\ComboFix.txt
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.007\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.006\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.005\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.004\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.003\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.002\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.000\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-02 08:04 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-02 08:04 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-02 08:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-02 08:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-02 08:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-02 08:04 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-02 08:04 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-02 08:04 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-02 08:03 - 2014-06-02 08:22 - 00000000 ____D () C:\Qoobox
2014-06-02 08:03 - 2014-06-02 08:20 - 00000000 ____D () C:\Windows\erdnt
2014-06-02 08:01 - 2014-06-02 08:01 - 05203398 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2014-06-02 08:00 - 2014-06-02 08:01 - 05203398 _____ (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-06-01 21:14 - 2014-06-03 17:09 - 00020446 _____ () C:\Users\user\Desktop\FRST.txt
2014-06-01 21:14 - 2014-06-01 21:15 - 00040504 _____ () C:\Users\user\Desktop\Addition.txt
2014-06-01 21:13 - 2014-06-03 17:09 - 00000000 ____D () C:\FRST
2014-06-01 21:11 - 2014-06-03 16:45 - 02068992 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2014-06-01 19:59 - 2014-06-01 19:59 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 19:59 - 2014-06-01 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-01 19:59 - 2014-06-01 19:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 18:07 - 2014-06-01 18:07 - 00002928 _____ () C:\Windows\System32\Tasks\{44DD2D46-375A-499B-8A4E-B6B9A604D303}
2014-05-31 19:22 - 2014-05-31 19:22 - 00003132 _____ () C:\Windows\System32\Tasks\{D6D44D57-77E6-4CEB-9E24-C0BFC2337A46}
2014-05-31 11:49 - 2014-05-31 11:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\AVAST Software
2014-05-31 11:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-31 11:40 - 2014-05-31 11:43 - 00000000 ____D () C:\AdwCleaner
2014-05-31 11:36 - 2014-05-31 12:07 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-31 11:36 - 2014-05-31 11:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-31 11:36 - 2014-05-31 11:36 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-29 17:31 - 2014-05-29 17:31 - 00000000 _____ () C:\dfu.log
2014-05-27 13:48 - 2014-06-03 13:16 - 895717872 _____ () C:\Windows\MEMORY.DMP
2014-05-27 12:49 - 2014-06-02 08:16 - 00000000 ____D () C:\Users\Public\Documents\MSDCSC
2014-05-24 03:11 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32_backup_wti.dll
2014-05-24 03:11 - 2011-07-05 04:00 - 01857536 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame_backup_wti.dll
2014-05-24 03:11 - 2010-11-20 15:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr_backup_wti.dll
2014-05-24 02:24 - 2014-05-24 02:24 - 00000000 ____D () C:\Users\user\AppData\Local\mfbot.de
2014-05-23 20:09 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.006
2014-05-23 20:09 - 2014-05-23 20:09 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.007
2014-05-23 20:09 - 2013-12-14 02:23 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.007\AppData\Local\Google
2014-05-23 19:29 - 2014-05-23 19:29 - 00558464 _____ () C:\Windows\Minidump\052314-41823-01.dmp
2014-05-23 19:20 - 2014-05-23 19:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.005
2014-05-20 21:16 - 2014-05-20 21:17 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-18 02:45 - 2014-05-18 02:35 - 00000000 ____D () C:\images_gui
2014-05-18 01:43 - 2014-05-18 01:43 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.004
2014-05-18 01:43 - 2013-12-14 02:23 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.004\AppData\Local\Google
2014-05-18 01:42 - 2014-05-18 01:42 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.003
2014-05-17 23:03 - 2014-05-17 23:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft Corporation
2014-05-17 13:08 - 2013-04-30 19:18 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2014-05-17 12:01 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 12:01 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 12:01 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 12:01 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 12:01 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 12:01 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 23:46 - 2014-06-01 19:14 - 00000000 ____D () C:\Users\user\Documents\Visual Studio 2010
2014-05-15 23:46 - 2014-05-19 00:37 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2014-05-15 13:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 13:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 13:03 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 13:03 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 13:03 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 13:03 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 13:03 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 13:03 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 13:03 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 13:03 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 13:03 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 13:03 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:03 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 13:03 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 13:03 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 13:03 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 13:03 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 13:03 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 13:03 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 13:03 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 13:03 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 23:29 - 2014-05-13 23:29 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-06 16:02 - 2014-05-06 16:02 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator
2014-05-06 16:02 - 2014-05-03 22:04 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-06 16:02 - 2013-12-14 02:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-06 16:02 - 2013-10-09 00:20 - 00000000 ____D () C:\Users\Administrator\Documents\Visual Studio 2010
2014-05-06 16:02 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-06 16:02 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-04 12:24 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-04 12:18 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-04 12:18 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-04 12:18 - 2014-03-04 16:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-05-04 12:18 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-05-04 12:18 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-05-04 12:11 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-04 12:11 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
==================== One Month Modified Files and Folders =======
2014-06-03 17:09 - 2014-06-01 21:14 - 00020446 _____ () C:\Users\user\Desktop\FRST.txt
2014-06-03 17:09 - 2014-06-01 21:13 - 00000000 ____D () C:\FRST
2014-06-03 17:09 - 2012-01-08 00:36 - 00000000 ____D () C:\Users\user\AppData\Local\Temp
2014-06-03 17:03 - 2012-06-03 19:56 - 00000000 ____D () C:\Users\user\AppData\Roaming\Spotify
2014-06-03 16:48 - 2012-01-16 14:09 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2014-06-03 16:45 - 2014-06-03 16:45 - 00000000 ____D () C:\Users\user\Desktop\FRST-OlderVersion
2014-06-03 16:45 - 2014-06-01 21:11 - 02068992 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-03 16:44 - 2012-01-16 15:24 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000UA.job
2014-06-03 16:41 - 2014-06-03 16:41 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-03 16:41 - 2014-06-03 16:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-03 16:39 - 2014-06-03 16:39 - 00918952 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-7u60.exe
2014-06-03 16:37 - 2014-06-03 16:37 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-03 16:37 - 2014-06-03 16:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 16:37 - 2013-10-04 22:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-03 16:34 - 2014-06-03 16:34 - 00004026 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375122614
2014-06-03 16:34 - 2013-07-29 20:30 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-03 16:34 - 2012-03-05 19:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 16:28 - 2012-06-14 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 16:24 - 2014-06-03 16:23 - 00000000 ____D () C:\Users\user\Desktop\revouninstaller-portable
2014-06-03 16:23 - 2013-04-24 21:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-03 16:22 - 2012-01-21 16:58 - 00000000 ____D () C:\Program Files\Java
2014-06-03 16:20 - 2012-01-30 01:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-03 16:18 - 2014-06-03 16:18 - 00000000 ____D () C:\ProgramData\Sun
2014-06-03 16:16 - 2014-06-03 16:16 - 03007700 _____ () C:\Users\user\Downloads\revouninstaller.zip
2014-06-03 16:09 - 2012-01-08 00:38 - 01154883 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 16:09 - 2009-07-14 06:51 - 00151603 _____ () C:\Windows\setupact.log
2014-06-03 13:34 - 2012-03-05 19:21 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 13:24 - 2014-06-03 13:24 - 00004065 _____ () C:\Windows\collectionCache.bnk
2014-06-03 13:22 - 2012-10-06 23:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-03 13:22 - 2012-06-03 19:57 - 00000000 ____D () C:\Users\user\AppData\Local\Spotify
2014-06-03 13:20 - 2012-03-02 21:25 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-03 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-06-03 13:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 13:16 - 2014-05-27 13:48 - 895717872 _____ () C:\Windows\MEMORY.DMP
2014-06-03 13:16 - 2013-06-07 21:53 - 00000000 ____D () C:\Windows\Minidump
2014-06-03 13:16 - 2012-01-08 01:00 - 00000000 ___HD () C:\ProgramData\NVIDIA
2014-06-03 13:15 - 2012-01-12 14:38 - 01790486 _____ () C:\Windows\PFRO.log
2014-06-02 23:44 - 2012-01-16 15:24 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000Core.job
2014-06-02 22:55 - 2014-06-02 22:55 - 00004065 _____ () C:\Windows\SysWOW64\collectionCache.bnk
2014-06-02 22:30 - 2009-07-14 19:58 - 00833144 _____ () C:\Windows\system32\perfh007.dat
2014-06-02 22:30 - 2009-07-14 19:58 - 00200788 _____ () C:\Windows\system32\perfc007.dat
2014-06-02 22:30 - 2009-07-14 07:13 - 01962462 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 21:38 - 2014-06-02 21:38 - 00000132 _____ () C:\Users\user\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-06-02 21:38 - 2012-01-26 14:48 - 88251904 ___SH () C:\Users\user\Desktop\Thumbs.db
2014-06-02 15:50 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 15:50 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 15:46 - 2014-06-02 15:46 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-06-02 13:34 - 2013-04-25 22:33 - 00925184 _____ () C:\Windows\expstart.exe
2014-06-02 13:33 - 2012-09-11 22:32 - 00000000 ____D () C:\Users\user\AppData\Local\Apps\2.0
2014-06-02 09:27 - 2014-02-25 16:22 - 00000000 ___HD () C:\ProgramData\YTD Video Downloader
2014-06-02 09:27 - 2013-06-28 23:08 - 00000000 ____D () C:\Windows\SysWOW64\DCSCMIN
2014-06-02 09:04 - 2014-06-02 09:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 09:01 - 2014-06-02 09:01 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 09:01 - 2014-06-02 09:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 09:00 - 2014-06-02 08:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:22 - 2014-06-02 08:03 - 00000000 ____D () C:\Qoobox
2014-06-02 08:21 - 2014-06-02 08:21 - 00049703 _____ () C:\ComboFix.txt
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.007\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.006\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.005\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.004\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.003\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.002\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.000\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-02 08:21 - 2014-05-23 20:09 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.006
2014-06-02 08:20 - 2014-06-02 08:03 - 00000000 ____D () C:\Windows\erdnt
2014-06-02 08:19 - 2009-07-14 04:34 - 00000312 _____ () C:\Windows\system.ini
2014-06-02 08:16 - 2014-05-27 12:49 - 00000000 ____D () C:\Users\Public\Documents\MSDCSC
2014-06-02 08:16 - 2013-05-16 12:45 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 08:16 - 2012-01-20 20:51 - 00000000 __SHD () C:\Users\user\Documents\MSDCSC
2014-06-02 08:01 - 2014-06-02 08:01 - 05203398 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2014-06-02 08:01 - 2014-06-02 08:00 - 05203398 _____ (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-06-01 21:15 - 2014-06-01 21:14 - 00040504 _____ () C:\Users\user\Desktop\Addition.txt
2014-06-01 19:59 - 2014-06-01 19:59 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 19:59 - 2014-06-01 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-01 19:59 - 2014-06-01 19:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 19:55 - 2014-04-29 13:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\WTablet
2014-06-01 19:14 - 2014-05-15 23:46 - 00000000 ____D () C:\Users\user\Documents\Visual Studio 2010
2014-06-01 18:50 - 2014-04-25 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-01 18:07 - 2014-06-01 18:07 - 00002928 _____ () C:\Windows\System32\Tasks\{44DD2D46-375A-499B-8A4E-B6B9A604D303}
2014-06-01 17:57 - 2013-10-07 20:57 - 00000000 ___RD () C:\Users\user\Desktop\GTA Mods
2014-06-01 17:54 - 2012-02-24 17:38 - 00000000 ___RD () C:\Users\user\Desktop\Stuff
2014-06-01 17:02 - 2013-08-08 14:19 - 00000000 ____D () C:\Users\user\Documents\GTA San Andreas User Files
2014-05-31 20:08 - 2013-01-04 19:42 - 00000000 ____D () C:\Users\user\AppData\Local\Mato_Technologies
2014-05-31 19:22 - 2014-05-31 19:22 - 00003132 _____ () C:\Windows\System32\Tasks\{D6D44D57-77E6-4CEB-9E24-C0BFC2337A46}
2014-05-31 16:02 - 2012-10-28 23:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-05-31 12:22 - 2012-02-26 00:07 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-05-31 12:07 - 2014-05-31 11:36 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-31 12:07 - 2012-10-06 23:11 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-31 12:07 - 2012-10-06 23:11 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-31 11:49 - 2014-05-31 11:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\AVAST Software
2014-05-31 11:43 - 2014-05-31 11:40 - 00000000 ____D () C:\AdwCleaner
2014-05-31 11:36 - 2014-05-31 11:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-31 11:36 - 2014-05-31 11:36 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-31 11:36 - 2013-03-10 17:07 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-31 11:36 - 2013-03-10 17:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-31 11:36 - 2012-10-06 23:11 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401530828817
2014-05-31 11:36 - 2012-10-06 23:11 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401530828817
2014-05-31 11:36 - 2012-10-06 23:11 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-31 11:36 - 2012-10-06 23:10 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-31 11:36 - 2012-10-06 23:10 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-31 11:31 - 2012-10-06 23:10 - 00000000 ___HD () C:\ProgramData\AVAST Software
2014-05-31 11:30 - 2012-10-06 23:10 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-31 11:27 - 2012-09-11 22:32 - 00000000 ____D () C:\Users\user\AppData\Local\Deployment
2014-05-31 10:08 - 2012-01-19 14:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\DVDVideoSoft
2014-05-29 17:31 - 2014-05-29 17:31 - 00000000 _____ () C:\dfu.log
2014-05-29 16:56 - 2013-09-11 22:23 - 00000000 ____D () C:\Users\user\AppData\Local\fabi.me
2014-05-29 13:22 - 2013-09-25 16:27 - 00000000 ____D () C:\Users\user\Documents\Bewerbungszeug
2014-05-27 14:05 - 2012-02-24 17:59 - 00000000 ___HD () C:\ProgramData\MTA San Andreas All
2014-05-26 21:40 - 2013-04-11 13:37 - 00014336 ___SH () C:\Users\user\AppData\Roaming\Thumbs.db
2014-05-26 21:00 - 2013-03-01 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-26 21:00 - 2012-01-16 14:09 - 00000000 ___HD () C:\ProgramData\Skype
2014-05-24 03:11 - 2013-04-25 22:40 - 01566616 _____ () C:\Windows\UTP.exe
2014-05-24 02:24 - 2014-05-24 02:24 - 00000000 ____D () C:\Users\user\AppData\Local\mfbot.de
2014-05-23 20:09 - 2014-05-23 20:09 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.007
2014-05-23 19:29 - 2014-05-23 19:29 - 00558464 _____ () C:\Windows\Minidump\052314-41823-01.dmp
2014-05-23 19:20 - 2014-05-23 19:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.005
2014-05-22 22:48 - 2013-01-04 02:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\TS3Client
2014-05-20 21:17 - 2014-05-20 21:16 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-19 15:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 00:37 - 2014-05-15 23:46 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2014-05-18 02:35 - 2014-05-18 02:45 - 00000000 ____D () C:\images_gui
2014-05-18 01:43 - 2014-05-18 01:43 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.004
2014-05-18 01:42 - 2014-05-18 01:42 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.003
2014-05-18 00:12 - 2012-09-28 22:47 - 00000000 ___RD () C:\Users\user\Desktop\GFX Stuff
2014-05-17 23:03 - 2014-05-17 23:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft Corporation
2014-05-17 21:56 - 2013-10-08 00:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-05-17 18:56 - 2013-08-21 20:33 - 00000000 ____D () C:\Users\user\minecraft
2014-05-17 13:20 - 2012-01-08 00:37 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 13:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-17 11:58 - 2013-08-15 13:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 11:56 - 2009-10-14 07:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-14 14:38 - 2012-06-16 17:28 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-05-13 23:29 - 2014-05-13 23:29 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-13 23:29 - 2012-06-14 22:33 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 23:29 - 2012-06-14 22:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 23:29 - 2012-01-16 14:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-06-02 09:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-02 09:01 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-02 09:01 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 10:26 - 2013-12-22 21:43 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-05-07 13:29 - 2012-03-05 19:21 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 13:29 - 2012-03-05 19:21 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 16:02 - 2014-05-06 16:02 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2014-05-06 16:02 - 2014-05-06 16:02 - 00000000 ____D () C:\Users\Administrator
2014-05-06 06:40 - 2014-05-17 12:01 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-17 12:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-17 12:01 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-17 12:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-17 12:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-17 12:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 23:39 - 2012-01-16 15:24 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000UA
2014-05-05 23:39 - 2012-01-16 15:24 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000Core
2014-05-04 12:25 - 2012-10-06 17:11 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-04 12:25 - 2012-01-08 01:00 - 00000000 ___HD () C:\ProgramData\NVIDIA Corporation
2014-05-04 12:25 - 2012-01-08 01:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-04 12:13 - 2014-04-07 01:46 - 00000000 ____D () C:\Users\user\AppData\Local\NVIDIA Corporation
ZeroAccess:
C:\Users\user\AppData\Local\{d07a4bff-1acc-ef4b-5437-0786ab909512}
C:\Users\user\AppData\Local\{d07a4bff-1acc-ef4b-5437-0786ab909512}\@
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe
[2012-01-16 15:08] - [2011-02-25 07:30] - 2616320 ____A (Microsoft Corporation) 697651F303443F98F7EC76D4DCAE6789
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 13:58
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by user at 2014-06-03 17:10:10
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.78 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Crosshair (HKCU\...\5b164957566923bc) (Version: 1.0.1.1 - Basti B)
DiRT2 (HKLM-x32\...\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}) (Version: 1.00.0000 - Codemasters)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 1.10.1 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.1 - Gameforge)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java(TM) SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual Basic 2008 Express Edition - DEU (HKLM-x32\...\Microsoft Visual Basic 2008 Express Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Basic 2008 Express Edition - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MP3jam 1.1.1.6 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.1.6 - MP3jam)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
MSDN Library für Microsoft Visual Studio 2008 Express Editions (HKLM-x32\...\MSDN Library for Microsoft Visual Studio 2008 Express Editions) (Version: - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.3.3 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.3 - Multi Theft Auto)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.061 - Deutsche Telekom AG)
Netzmanager (Version: 1.061 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
New Great Effects 1.6 Uninstall (HKLM-x32\...\New Great Effects 1.6 Uninstall) (Version: - )
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 22.0.1471.50 (HKCU\...\Opera 22.0.1471.50) (Version: 22.0.1471.50 - Opera Software ASA)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Radio (HKCU\...\e17cdb53303d6bd9) (Version: 1.0.0.18 - Microsoft)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version: - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version: - )
Tools für Microsoft SQL Server 2005 Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.0.0 - Topaz Labs, LLC)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 4.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XFastUsb (HKLM-x32\...\XFastUsb) (Version: - )
YTD Video Downloader 4.7.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL)
==================== Restore Points =========================
01-06-2014 17:00:12 Windows-Sicherung
03-06-2014 10:43:24 Windows Update
03-06-2014 14:17:33 Removed Java 7 Update 55
03-06-2014 14:18:33 Removed Java 7 Update 17 (64-bit)
03-06-2014 14:20:01 Removed Java(TM) 6 Update 33
03-06-2014 14:21:24 Removed Java(TM) 6 Update 39 (64-bit)
03-06-2014 14:26:13 Revo Uninstaller's restore point - Camtasia Studio 7
03-06-2014 14:41:08 Installed Java 7 Update 60
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-02 08:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {15DF1B55-64F5-4CE5-977B-A69E7F562DA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05] (Google Inc.)
Task: {263A08EF-E768-4BDE-BA6C-2BB0C29575AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05] (Google Inc.)
Task: {3950AADF-E2EB-4979-A1E3-200733FD5914} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3EA8CC69-B289-4A12-B22D-E5576524F962} - System32\Tasks\Opera scheduled Autoupdate 1375122614 => C:\Program Files (x86)\Opera\launcher.exe [2014-05-27] (Opera Software)
Task: {6EAA3458-E9F2-4975-9F9E-0AC679653234} - \Software Updater Ui No Task File <==== ATTENTION
Task: {703F8FAD-E525-41B8-A46A-39E4B715E26F} - System32\Tasks\{5785815B-F91D-4A1B-8C52-2EB9FDBB3691} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.114/de/abandoninstall?page=tsProgressBar
Task: {740E0DE0-0235-4EDD-A714-7A13A9F70C2A} - System32\Tasks\{44DD2D46-375A-499B-8A4E-B6B9A604D303} => C:\ProgramData\UserLayoutOne.exe
Task: {8278A5C6-8BA6-458E-ABE5-872BD0943B13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {93648F88-1D29-4690-8CB6-0CEC42D5E964} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.)
Task: {9EA15BC2-9C7D-4786-A1E1-7FB66A709D51} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-31] (AVAST Software)
Task: {CA461829-15E6-421E-9211-FB8F749455AB} - \Software Updater No Task File <==== ATTENTION
Task: {D5A03701-F1BD-4B0D-8431-66591B4D4EC3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.)
Task: {F1DF7BB2-0AF8-45EA-8CC7-42C1DE66404A} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {FB4078B5-96A1-40C0-88B4-7DE07D012F39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2406318905-1240849825-252203313-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-08 01:00 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-16 17:28 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2012-01-08 00:46 - 2011-02-22 08:03 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-01-08 00:46 - 2011-02-22 08:03 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-01-08 00:46 - 2011-02-22 08:03 - 00621168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-09-24 22:35 - 2014-05-15 17:54 - 00598072 _____ () C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-03 12:32 - 2014-06-03 12:32 - 02260480 _____ () C:\Program Files\AVAST Software\Avast\defs\14060300\algo.dll
2012-06-16 17:28 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2012-06-03 19:57 - 2014-05-15 17:54 - 36966968 _____ () C:\Users\user\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-31 11:36 - 2014-05-31 11:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-24 22:35 - 2014-05-15 17:54 - 00886840 _____ () C:\Users\user\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 22:35 - 2014-05-15 17:54 - 00108600 _____ () C:\Users\user\AppData\Roaming\Spotify\Data\libegl.dll
2014-05-13 23:29 - 2014-05-13 23:29 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-21 19:59 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\user\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\user\AppData\Roaming:NT
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/03/2014 04:44:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/03/2014 04:41:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {9aed2fca-641f-48f1-ba62-2c7d8c8f77cb}
Error: (06/03/2014 04:27:08 PM) (Source: MsiInstaller) (EventID: 11721) (User: STANS-PC)
Description: Produkt: Camtasia Studio 7 -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: TSC_RemoveMediaLibrary, Pfad: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\, Befehl: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe /uninstallliball
Error: (06/03/2014 04:26:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {6f8fc7cc-b871-4ef5-b71c-44633623d157}
Error: (06/03/2014 04:21:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:20:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:18:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:17:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 00:43:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {f87a7b15-75ec-445a-a579-cdf599157119}
Error: (06/02/2014 08:59:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (06/03/2014 01:17:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mikogo-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/03/2014 01:16:30 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa800f9714e0, 0xfffff8800f9d7e2c, 0xffffffffc000009a, 0x0000000000000004)C:\Windows\MEMORY.DMP
Error: (06/03/2014 01:16:30 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description:
Error: (06/03/2014 01:16:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.06.2014 um 13:15:05 unerwartet heruntergefahren.
Error: (06/03/2014 00:37:14 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (06/03/2014 00:32:11 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (06/03/2014 00:32:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (06/02/2014 10:27:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/02/2014 10:27:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/02/2014 10:27:49 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Microsoft Office Sessions:
=========================
Error: (06/03/2014 04:44:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_deu.exe
Error: (06/03/2014 04:41:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {9aed2fca-641f-48f1-ba62-2c7d8c8f77cb}
Error: (06/03/2014 04:27:08 PM) (Source: MsiInstaller) (EventID: 11721) (User: STANS-PC)
Description: Produkt: Camtasia Studio 7 -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: TSC_RemoveMediaLibrary, Pfad: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\, Befehl: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe /uninstallliball (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (06/03/2014 04:26:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {6f8fc7cc-b871-4ef5-b71c-44633623d157}
Error: (06/03/2014 04:21:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:20:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:18:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 04:17:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {815de467-b22d-46ac-8b9e-00785a8fd16a}
Error: (06/03/2014 00:43:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {f87a7b15-75ec-445a-a579-cdf599157119}
Error: (06/02/2014 08:59:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
CodeIntegrity Errors:
===================================
Date: 2014-06-02 08:16:22.662
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-02 08:16:22.537
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 8174.75 MB
Available physical RAM: 5400.8 MB
Total Pagefile: 16347.67 MB
Available Pagefile: 12600.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:186.31 GB) (Free:40.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: FD86FD86)
Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)
==================== End Of Log ============================