Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Nach start von Arma 3 100% CPU auslastung. (https://www.trojaner-board.de/158586-start-arma-3-100-cpu-auslastung.html)

araton7811 11.09.2014 17:32
Nach start von Arma 3 100% CPU auslastung.
 
Guten Tag

Sobald ich das Spiel Arma 3 starte und auf Multiplayer klicke steigt die CPU auslastung extrem auf 100% und ein Kollege sagte mir das dies Wahrscheinlich an einem Virus liegt ich führe soeben einen Scan mit Kaspersky und mit Malewarebyte durch sobald diese fertig ist werde ich die ergebnisse beider Programme hier Posten.

Mein System:
Grafikkarte: GTX 780ti
Prozessor: I7 4770k
Arbeitsspeicher: 8GB
Festplatten: 120 GB Samsung SSD / 2TB HDD

Ich möchte hier noch anhängen das dies nur eine vermutung auf einen Virus ist es kann natürlich auch durch etwas anderes ausgelöst werden.
(Ich habe auch das spiel 2 mal neuinstalliert)

LG

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 11.09.2014
Scan Time: 18:10:32
Logfile: Malewarebyte.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.11.05
Rootkit Database: v2014.09.10.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: araton7811

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 308563
Time Elapsed: 8 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 10
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [3a271dcfa4d7d75fd7d4840218eaac54],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [3a271dcfa4d7d75fd7d4840218eaac54],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [223fa745df9c94a282f86e50e0224ab6],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [223fa745df9c94a282f86e50e0224ab6],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [a0c15a9296e51b1b3351e01e23dfb34d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [f26f3bb11a615fd7b0d3bf3f29d9ef11],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [cb966b8115665fd727fd7ee4c53fc040],
PUP.Optional.Ciuvo.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\ciuvo.com, , [540de6063d3e56e08a2f020821e227d9],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [bda4b53714671521dadecd3d897a12ee],
PUP.Optional.Linkury.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, , [fc659e4e2556da5c480523ddb74c6799],

Registry Values: 5
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [1a47a9435c1f1b1bdf30f90442c0966a]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [f071ab4165164ee8a06fd32a57ab2bd5]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs, , [f26f3bb11a615fd7b0d3bf3f29d9ef11]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [83de529accafd66000e3040261a219e7]
PUP.Optional.Linkury.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, YahooTR, , [fc659e4e2556da5c480523ddb74c6799]

Registry Data: 8
PUP.Optional.HelperBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFunAR0Nhsv7-fgisZMo,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFunAR0Nhsv7-fgisZMo,&q={searchTerms}),,[f8691ece56252e08d8195f9010f45ea2]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}),,[6af78f5df5860234559fcc23c4408a76]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, WebSearches, Good: (Google), Bad: (WebSearches),,[352c40ac37440630148e4ea1e61e37c9]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Search,, Good: (Google), Bad: (Search,),,[90d1608c433825117085a14e9e669769]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}),,[bda4f6f69fdced4922d14ba426de6c94]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}),,[0061717b90eb91a538beda1552b2fc04]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}),,[3f224f9d364520166d8adf109d6746ba]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-5743557-287084541-2253973346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}, Good: (Google), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJoeSZ1-4-gqkCqvvsgD6z8JWametzZOiVcf-yviy5HmqBCDFL4ZFXrpo-ben0NHrPGryRDy1osyYhYkfwkfhOS0-FB7wlarK0N5J_B0ISH3FjXp5kZxUQ47k55aHbZJtpfeFF6Xaq1Q9evbFu4uB3Wv7kvgwnm8h4Q,&q={searchTerms}),,[abb67775592249ed3ab89b54f90ba55b]

Folders: 1
PUP.Optional.SupTab.A, C:\Users\araton7811\AppData\Roaming\SupTab, , [2a3716d6e794b1854669628ac83ac739],

Files: 8
PUP.Optional.OpenCandy, C:\Users\araton7811\Downloads\free-mouse-auto-clicker-3-4-1-72651-de-setup.exe, , [75ecf3f9ec8f3600c46c2cf35fa628d8],
PUP.Optional.SmartBar, C:\Windows\Installer\MSID7A9.tmp, , [7fe274783348f93d3f0f56d8738dd030],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI29A.tmp-\Smartbar.Installer.CustomActions.dll, , [273a727a79023ef8400e8f9f31cf7789],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI607C.tmp-\Smartbar.Installer.CustomActions.dll, , [a4bd6d7f5f1c2214262852dca0608f71],
PUP.Optional.Superfish.A, C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [5c05f5f792e9fc3a6cfb9383748fd52b],
PUP.Optional.Superfish.A, C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [a6bbc4281566aa8ca9be75a12ed5c13f],
PUP.Optional.Websteroids.A, C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage, , [99c88963572441f58462e739f01324dc],
PUP.Optional.Websteroids.A, C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, , [b1b02ac2c9b22016f9ed7aa65fa4867a],

Physical Sectors: 0
(No malicious items detected)


(end)

sunjojo 11.09.2014 17:44
Hallo araton7811, :hallo:

mein Name ist Jonas und ich werde dir bei deiner Bereinigung helfen. Diese kann mit viel Arbeit für dich verbunden sein. Bevor wir anfangen können, lies bitte die Bereinigungsregeln und Hinweise:
Regeln zum Ablauf der Bereinigung
  • Arbeite die Anleitungen und Schritte sorgfältig und nacheinander ab.
  • Wenn du etwas nicht verstehst oder du dir unsicher bist, frage nach und schildere das Problem, so gut es geht. Handle nicht auf eigene Faust.
    • Die Ausführung diverser Bereinigungsprogramme (mit Scripts aus anderen Threads) können dein Betriebssystem zerschießen!
  • Die Bereinigung eines Rechners in verschiedenen Foren zur selben Zeit ist verboten (Crossposting).
  • Installiere oder deinstalliere keine zusätzlichen Programme, lösche keine Dateien und führe nicht selbstständig Systemupdates durch.
  • Die Symptome können verschwunden sein, jedoch bedeutet das Verschwinden von äußeren Merkmalen einer Infektion nicht, dass du wieder clean bist.
    • Ich werde dir ein eindeutiges Clean geben, solange arbeite bitte mit.
Hinweis
  • Die von uns benutzten Programme erstellen meist ein Ergebnisprotokoll (Logfile genannt). Bitte füge alle von mir in einem Schritt geforderten Logfiles in einer Antwort/einem Post ein.
Wenn du alles gelesen hast, kann es losgehen. Bitte speichere alle Programme auf dem Desktop und führe sie von dort aus. :)



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Poste folgende Logfiles in deiner nächsten Antwort:
  • FRST.txt und Addition.txt

araton7811 11.09.2014 17:50

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by araton7811 (administrator) on ARATON7811-PC on 11-09-2014 18:48:24
Running from C:\Users\araton7811\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Perfect Privacy) C:\Program Files (x86)\PP OpenVPN Manager\OpenVPNManagerService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-06] (Microsoft Corporation)
HKU\S-1-5-21-5743557-287084541-2253973346-1000\...\Run: [GoogleChromeAutoLaunch_FD504906B21755984804A7F2FD69055E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-08-30] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Hosts: 127.0.0.1 activation.cloud.techsmith.com

FireFox:
========
FF ProfilePath: C:\Users\araton7811\AppData\Roaming\Mozilla\Firefox\Profiles\ocu9qkcb.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-28]

Chrome:
=======
CHR HomePage: Default -> FA3749F09B77B23CF1BE675F6CA5BB184EE3C87E591C7F8E7B32FB95BEB09C40
CHR DefaultSearchKeyword: Default -> 520D3D739074072D006A9BCDF1A32029ED86B3E62258BE922B39FD1F39093AF8
CHR DefaultSearchURL: Default -> 35C9D9E8FE87CD92049D264A8B85E3DB2158008F422BE4A5C47C8E8C2FF17430
CHR Profile: C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-18]
CHR Extension: (Google Drive) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (Kaspersky Protection) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-06-29]
CHR Extension: (YouTube) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-18]
CHR Extension: (Google-Suche) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-18]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-08-08]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-08-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-06-27]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-08-08]
CHR Extension: (Virtual Keyboard) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-08-08]
CHR Extension: (Google Wallet) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-18]
CHR Extension: (Google Mail) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-18]
CHR Extension: (Anti-Banner) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-20] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 OpenVPNManager; C:\Program Files (x86)\PP OpenVPN Manager\OpenVPNManagerService.exe [17408 2014-04-12] (Perfect Privacy) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-04-09] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-13] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-11] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 HWiNFO32; \??\C:\Users\ARATON~1\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 18:48 - 2014-09-11 18:48 - 00025141 _____ () C:\Users\araton7811\Downloads\FRST.txt
2014-09-11 18:48 - 2014-09-11 18:48 - 00000000 ____D () C:\FRST
2014-09-11 18:47 - 2014-09-11 18:48 - 02105856 _____ (Farbar) C:\Users\araton7811\Downloads\FRST64.exe
2014-09-11 18:30 - 2014-09-11 18:30 - 00010617 _____ () C:\Users\araton7811\Desktop\Malewarebyte.txt
2014-09-11 18:09 - 2014-09-11 18:09 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 18:09 - 2014-09-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 18:08 - 2014-09-11 18:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\araton7811\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 16:27 - 2014-09-11 16:27 - 03722655 _____ () C:\Users\araton7811\Downloads\PredatoreMapPack5.zip
2014-09-11 16:27 - 2014-09-11 16:27 - 00345633 _____ () C:\Users\araton7811\Downloads\TournamentBadlands.zip
2014-09-11 16:24 - 2014-09-11 16:24 - 17896267 _____ () C:\Users\araton7811\Downloads\cnchq_cnc3_mappack_nr2.rar
2014-09-11 12:46 - 2014-09-11 12:52 - 25740608 _____ () C:\Users\araton7811\Downloads\ModAPI.zip
2014-09-07 15:25 - 2014-09-07 15:25 - 00000202 _____ () C:\Users\araton7811\Desktop\Arma 3.url
2014-09-07 11:52 - 2014-09-07 11:52 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-06 12:24 - 2014-09-06 12:24 - 00426925 _____ () C:\Users\araton7811\Downloads\ASIO4ALL_2_11_Deutsch.exe
2014-09-06 11:47 - 2014-09-11 18:05 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3
2014-09-06 11:47 - 2014-09-06 12:11 - 00000000 ____D () C:\Users\araton7811\Documents\Arma 3
2014-09-06 11:47 - 2014-09-06 11:47 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-09-06 09:58 - 2014-09-06 09:58 - 00032109 _____ () C:\Users\araton7811\Downloads\Icons.zip
2014-09-06 09:57 - 2014-09-06 09:58 - 09221118 _____ () C:\Users\araton7811\Downloads\Nextel.zip
2014-09-06 09:55 - 2014-09-06 09:55 - 00700849 _____ () C:\Users\araton7811\Downloads\Dark_orbit_Icon_pack.rar
2014-09-06 09:54 - 2014-09-06 09:54 - 00094828 _____ () C:\Users\araton7811\Downloads\file.rar
2014-09-06 09:54 - 2014-09-06 09:54 - 00008469 _____ () C:\Users\araton7811\Downloads\WO_Ranks.rar
2014-09-06 09:52 - 2014-09-06 09:52 - 00683198 _____ () C:\Users\araton7811\Downloads\arma3v2.02 (1).ts3_style
2014-09-06 09:51 - 2014-09-06 09:51 - 00683198 _____ () C:\Users\araton7811\Downloads\arma3v2.02.ts3_style
2014-09-06 09:35 - 2014-09-06 09:35 - 02782320 _____ (Beepa Pty Ltd) C:\Users\araton7811\Downloads\setup.exe
2014-09-06 09:35 - 2014-09-06 09:35 - 00000572 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-09-06 09:35 - 2014-09-06 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-09-06 05:43 - 2014-09-06 05:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Wargaming.net
2014-09-06 04:24 - 2014-09-06 04:24 - 00000000 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
2014-09-06 03:33 - 2014-09-06 03:33 - 05965584 _____ (Wargaming.net ) C:\Users\araton7811\Downloads\WoT_internet_install_eu.exe
2014-09-06 03:33 - 2014-09-06 03:33 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\Games
2014-09-06 00:23 - 2014-09-06 00:23 - 00258439 _____ () C:\Users\araton7811\Downloads\HD_Minecraft_Icons.rar
2014-09-06 00:23 - 2014-09-06 00:23 - 00106853 _____ () C:\Users\araton7811\Downloads\CF_Rank_Icon_Pack_Download_(2).zip
2014-09-06 00:22 - 2014-09-06 00:22 - 00435598 _____ () C:\Users\araton7811\Downloads\Clean_Letters_-_Blue.zip
2014-09-05 23:24 - 2014-09-05 23:24 - 02991513 _____ () C:\Users\araton7811\Downloads\EP Logo.ai
2014-09-05 23:08 - 2014-09-05 23:08 - 00940880 _____ () C:\Users\araton7811\ts3_recording_14_09_05_23_8_6.wav
2014-09-05 19:56 - 2014-09-05 19:57 - 28064163 _____ () C:\Users\araton7811\Downloads\Minecraft Let%27s Play %5BMineTime Surf%5D.mp4
2014-09-05 19:54 - 2014-09-05 19:54 - 13105632 _____ () C:\Users\araton7811\Downloads\Junge beim McDrive ohne Auto.mp4
2014-09-05 19:53 - 2014-09-05 19:54 - 28295534 _____ () C:\Users\araton7811\Downloads\BF4 Aimbot %26 Autoshoot Hack.mp4
2014-09-05 19:53 - 2014-09-05 19:53 - 14951474 _____ () C:\Users\araton7811\Downloads\TeamSpeak Server kostenlos %28leihen%29.mp4
2014-09-05 17:47 - 2014-09-05 17:47 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-05 17:47 - 2014-09-05 17:47 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-05 17:46 - 2014-09-05 17:46 - 00244400 _____ () C:\Users\araton7811\Downloads\Firefox Setup Stub 32.0.exe
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-04 14:04 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-09-02 22:02 - 2014-09-02 22:02 - 00000040 _____ () C:\Users\araton7811\Documents\adadadadadadada.txt
2014-09-02 21:38 - 2014-09-06 09:40 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Zero Hour Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000788 _____ () C:\Users\Public\Desktop\Command and Conquer Generals and Zero Hour.lnk
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Generals and Zero Hour
2014-08-31 18:14 - 2014-08-31 18:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-31 00:56 - 2014-08-31 00:56 - 00000202 _____ () C:\Users\araton7811\Desktop\Contagion.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\State of Decay.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\Deponia.url
2014-08-28 05:51 - 2014-08-28 05:51 - 00004430 _____ () C:\Users\araton7811\Downloads\{1558361} Hello there David! Thank you for emailing Mineplex Customer Support.  Please provide me w.html
2014-08-28 04:40 - 2014-08-28 04:40 - 00016850 _____ () C:\Users\araton7811\Documents\applic.odt
2014-08-28 00:52 - 2014-08-28 00:52 - 00000000 ____D () C:\Users\araton7811\AppData\Local\fabi.me
2014-08-28 00:51 - 2014-08-28 00:51 - 00094899 _____ () C:\Users\araton7811\Downloads\SpeedAutoClicker.zip
2014-08-28 00:51 - 2014-08-28 00:51 - 00000132 _____ () C:\Windows\wininit.ini
2014-08-27 19:49 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:49 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 19:49 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Tiberium Wars
2014-08-26 21:32 - 2014-08-26 23:03 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2014-08-24 18:35 - 2014-08-24 18:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Kanes Wrath
2014-08-24 18:34 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-08-24 01:46 - 2014-08-24 01:46 - 00000765 _____ () C:\Users\Public\Desktop\Command and Conquer 3 Tiberium Wars and Kane's Wrath.lnk
2014-08-24 01:46 - 2014-08-24 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2014-08-23 23:08 - 2014-08-23 23:08 - 00000000 ____D () C:\Users\araton7811\Documents\PVZ Garden Warfare
2014-08-23 17:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 17:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 17:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 17:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 17:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 17:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 17:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 17:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 17:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 16:47 - 2014-08-20 16:47 - 00000000 ____D () C:\Users\araton7811\Documents\Respawn
2014-08-20 09:43 - 2014-08-20 09:43 - 00000646 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-20 09:43 - 2014-08-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2014-08-19 02:31 - 2014-08-19 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odin4Story
2014-08-19 00:10 - 2014-09-11 18:33 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn Hamachi
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-18 03:04 - 2013-11-20 19:36 - 05132656 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2014-08-18 03:03 - 2014-08-18 03:03 - 00000360 _____ () C:\Windows\DXError.log
2014-08-18 03:03 - 2014-08-18 03:03 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-18 03:02 - 2014-08-18 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00001178 _____ () C:\Users\araton7811\Desktop\4Story.lnk
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Program Files (x86)\Zemi Interactive
2014-08-18 02:31 - 2014-08-18 02:31 - 00000181 _____ () C:\console.log
2014-08-17 21:58 - 2014-08-17 21:58 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\Program Files\Java
2014-08-17 17:44 - 2014-08-17 17:44 - 00000017 _____ () C:\Users\araton7811\Documents\server.txt
2014-08-17 17:42 - 2014-08-17 17:42 - 02346942 _____ () C:\Users\araton7811\Desktop\TechnicLauncher.exe
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Windows\symbols
2014-08-17 03:01 - 2014-08-17 03:01 - 00000000 ____D () C:\ProgramData\VS
2014-08-15 15:17 - 2014-09-11 18:33 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-08-15 05:14 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 05:14 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 05:14 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 05:14 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 05:14 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 05:14 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 05:14 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 05:14 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-14 17:14 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 17:14 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 17:14 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 17:14 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 17:14 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 17:14 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 17:14 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 17:14 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 17:14 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 17:14 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 17:14 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 17:14 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 17:14 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 17:14 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 17:14 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 17:14 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 17:14 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 17:14 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 17:14 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 17:14 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 17:14 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 17:14 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 17:14 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 17:14 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 17:14 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 17:14 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 17:14 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 17:14 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 17:14 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 17:14 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 17:14 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 17:14 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 17:14 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 17:14 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 17:14 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 17:14 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 17:14 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 17:14 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 17:14 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 17:14 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 17:14 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 17:14 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 17:14 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 17:14 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 17:14 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 17:14 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 17:14 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 17:14 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 17:14 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 17:14 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 17:14 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 17:14 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 17:14 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 17:14 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 17:14 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 17:14 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 17:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 17:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 17:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 17:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 17:14 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 17:14 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 17:14 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 17:14 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 17:14 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 17:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 17:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 17:13 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 17:13 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 17:13 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 17:13 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 23:13 - 2014-08-12 23:13 - 00000000 ____D () C:\Users\araton7811\Documents\Frameworker
2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 18:48 - 2014-09-11 18:48 - 00025141 _____ () C:\Users\araton7811\Downloads\FRST.txt
2014-09-11 18:48 - 2014-09-11 18:48 - 00000000 ____D () C:\FRST
2014-09-11 18:48 - 2014-09-11 18:47 - 02105856 _____ (Farbar) C:\Users\araton7811\Downloads\FRST64.exe
2014-09-11 18:41 - 2014-07-29 22:42 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\TS3Client
2014-09-11 18:40 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 18:40 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 18:39 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-09-11 18:39 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-09-11 18:39 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 18:37 - 2014-03-31 23:28 - 01173744 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 18:33 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn Hamachi
2014-09-11 18:33 - 2014-08-15 15:17 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-11 18:33 - 2014-06-28 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-11 18:33 - 2014-03-31 23:53 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-11 18:33 - 2014-03-31 18:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-11 18:33 - 2014-03-31 18:05 - 01562574 _____ () C:\Windows\PFRO.log
2014-09-11 18:33 - 2014-03-31 18:05 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-11 18:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 18:33 - 2009-07-14 06:51 - 00111581 _____ () C:\Windows\setupact.log
2014-09-11 18:30 - 2014-09-11 18:30 - 00010617 _____ () C:\Users\araton7811\Desktop\Malewarebyte.txt
2014-09-11 18:26 - 2014-04-06 14:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Skype
2014-09-11 18:19 - 2014-03-31 23:53 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-11 18:11 - 2014-04-01 15:47 - 00007649 _____ () C:\Users\araton7811\AppData\Local\Resmon.ResmonCfg
2014-09-11 18:10 - 2014-04-02 21:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 18:09 - 2014-09-11 18:09 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 18:09 - 2014-09-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 18:09 - 2014-04-02 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 18:08 - 2014-09-11 18:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\araton7811\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 18:05 - 2014-09-06 11:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3
2014-09-11 18:05 - 2014-03-31 18:08 - 00000000 ____D () C:\Users\araton7811\AppData\Local\CrashDumps
2014-09-11 16:27 - 2014-09-11 16:27 - 03722655 _____ () C:\Users\araton7811\Downloads\PredatoreMapPack5.zip
2014-09-11 16:27 - 2014-09-11 16:27 - 00345633 _____ () C:\Users\araton7811\Downloads\TournamentBadlands.zip
2014-09-11 16:24 - 2014-09-11 16:24 - 17896267 _____ () C:\Users\araton7811\Downloads\cnchq_cnc3_mappack_nr2.rar
2014-09-11 16:19 - 2014-04-13 20:07 - 00000000 ____D () C:\ProgramData\Origin
2014-09-11 16:19 - 2014-04-13 20:06 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-11 12:52 - 2014-09-11 12:46 - 25740608 _____ () C:\Users\araton7811\Downloads\ModAPI.zip
2014-09-10 21:37 - 2014-04-01 16:05 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\.minecraft
2014-09-07 15:43 - 2014-05-26 22:08 - 00000000 ____D () C:\Users\araton7811\Documents\My Games
2014-09-07 15:42 - 2014-04-14 16:29 - 00305286 _____ () C:\Windows\DirectX.log
2014-09-07 15:25 - 2014-09-07 15:25 - 00000202 _____ () C:\Users\araton7811\Desktop\Arma 3.url
2014-09-07 15:19 - 2014-04-12 21:06 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-07 11:52 - 2014-09-07 11:52 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-07 11:52 - 2014-04-06 14:02 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-07 11:52 - 2014-04-06 14:02 - 00000000 ____D () C:\ProgramData\Skype
2014-09-07 11:52 - 2014-04-06 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-07 11:18 - 2014-03-31 23:53 - 00000000 ____D () C:\Program Files\Google
2014-09-07 11:18 - 2014-03-31 23:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-07 11:18 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-06 12:31 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-06 12:27 - 2014-03-31 23:53 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Google
2014-09-06 12:26 - 2014-04-13 20:07 - 00000000 ____D () C:\Users\araton7811\Desktop\Steam
2014-09-06 12:24 - 2014-09-06 12:24 - 00426925 _____ () C:\Users\araton7811\Downloads\ASIO4ALL_2_11_Deutsch.exe
2014-09-06 12:24 - 2014-05-27 19:12 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Equalify
2014-09-06 12:24 - 2014-03-31 19:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Spotify
2014-09-06 12:11 - 2014-09-06 11:47 - 00000000 ____D () C:\Users\araton7811\Documents\Arma 3
2014-09-06 11:47 - 2014-09-06 11:47 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-09-06 09:58 - 2014-09-06 09:58 - 00032109 _____ () C:\Users\araton7811\Downloads\Icons.zip
2014-09-06 09:58 - 2014-09-06 09:57 - 09221118 _____ () C:\Users\araton7811\Downloads\Nextel.zip
2014-09-06 09:55 - 2014-09-06 09:55 - 00700849 _____ () C:\Users\araton7811\Downloads\Dark_orbit_Icon_pack.rar
2014-09-06 09:54 - 2014-09-06 09:54 - 00094828 _____ () C:\Users\araton7811\Downloads\file.rar
2014-09-06 09:54 - 2014-09-06 09:54 - 00008469 _____ () C:\Users\araton7811\Downloads\WO_Ranks.rar
2014-09-06 09:52 - 2014-09-06 09:52 - 00683198 _____ () C:\Users\araton7811\Downloads\arma3v2.02 (1).ts3_style
2014-09-06 09:51 - 2014-09-06 09:51 - 00683198 _____ () C:\Users\araton7811\Downloads\arma3v2.02.ts3_style
2014-09-06 09:40 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Zero Hour Data
2014-09-06 09:35 - 2014-09-06 09:35 - 02782320 _____ (Beepa Pty Ltd) C:\Users\araton7811\Downloads\setup.exe
2014-09-06 09:35 - 2014-09-06 09:35 - 00000572 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-09-06 09:35 - 2014-09-06 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-09-06 09:35 - 2014-04-01 16:02 - 00000000 ____D () C:\Fraps
2014-09-06 05:43 - 2014-09-06 05:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Wargaming.net
2014-09-06 04:24 - 2014-09-06 04:24 - 00000000 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
2014-09-06 03:36 - 2014-07-30 17:01 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\FileZilla
2014-09-06 03:33 - 2014-09-06 03:33 - 05965584 _____ (Wargaming.net ) C:\Users\araton7811\Downloads\WoT_internet_install_eu.exe
2014-09-06 03:33 - 2014-09-06 03:33 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\Games
2014-09-06 03:33 - 2014-06-18 20:25 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-09-06 01:00 - 2014-04-07 17:18 - 00000000 ____D () C:\Users\araton7811\AppData\Local\PMB Files
2014-09-06 00:23 - 2014-09-06 00:23 - 00258439 _____ () C:\Users\araton7811\Downloads\HD_Minecraft_Icons.rar
2014-09-06 00:23 - 2014-09-06 00:23 - 00106853 _____ () C:\Users\araton7811\Downloads\CF_Rank_Icon_Pack_Download_(2).zip
2014-09-06 00:22 - 2014-09-06 00:22 - 00435598 _____ () C:\Users\araton7811\Downloads\Clean_Letters_-_Blue.zip
2014-09-06 00:15 - 2014-04-07 17:18 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-05 23:24 - 2014-09-05 23:24 - 02991513 _____ () C:\Users\araton7811\Downloads\EP Logo.ai
2014-09-05 23:08 - 2014-09-05 23:08 - 00940880 _____ () C:\Users\araton7811\ts3_recording_14_09_05_23_8_6.wav
2014-09-05 23:08 - 2014-03-31 23:28 - 00000000 ____D () C:\Users\araton7811
2014-09-05 19:57 - 2014-09-05 19:56 - 28064163 _____ () C:\Users\araton7811\Downloads\Minecraft Let%27s Play %5BMineTime Surf%5D.mp4
2014-09-05 19:54 - 2014-09-05 19:54 - 13105632 _____ () C:\Users\araton7811\Downloads\Junge beim McDrive ohne Auto.mp4
2014-09-05 19:54 - 2014-09-05 19:53 - 28295534 _____ () C:\Users\araton7811\Downloads\BF4 Aimbot %26 Autoshoot Hack.mp4
2014-09-05 19:53 - 2014-09-05 19:53 - 14951474 _____ () C:\Users\araton7811\Downloads\TeamSpeak Server kostenlos %28leihen%29.mp4
2014-09-05 17:47 - 2014-09-05 17:47 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-05 17:47 - 2014-09-05 17:47 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-05 17:46 - 2014-09-05 17:46 - 00244400 _____ () C:\Users\araton7811\Downloads\Firefox Setup Stub 32.0.exe
2014-09-04 19:21 - 2014-06-18 21:02 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-02 22:02 - 2014-09-02 22:02 - 00000040 _____ () C:\Users\araton7811\Documents\adadadadadadada.txt
2014-09-02 21:38 - 2014-09-02 21:38 - 00000788 _____ () C:\Users\Public\Desktop\Command and Conquer Generals and Zero Hour.lnk
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Generals and Zero Hour
2014-08-31 18:14 - 2014-08-31 18:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-31 18:14 - 2014-03-31 18:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-31 00:56 - 2014-08-31 00:56 - 00000202 _____ () C:\Users\araton7811\Desktop\Contagion.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\State of Decay.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\Deponia.url
2014-08-28 20:38 - 2014-03-31 19:44 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Spotify
2014-08-28 07:46 - 2009-07-14 06:45 - 00295752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 05:51 - 2014-08-28 05:51 - 00004430 _____ () C:\Users\araton7811\Downloads\{1558361} Hello there David! Thank you for emailing Mineplex Customer Support.  Please provide me w.html
2014-08-28 04:40 - 2014-08-28 04:40 - 00016850 _____ () C:\Users\araton7811\Documents\applic.odt
2014-08-28 00:52 - 2014-08-28 00:52 - 00000000 ____D () C:\Users\araton7811\AppData\Local\fabi.me
2014-08-28 00:51 - 2014-08-28 00:51 - 00094899 _____ () C:\Users\araton7811\Downloads\SpeedAutoClicker.zip
2014-08-28 00:51 - 2014-08-28 00:51 - 00000132 _____ () C:\Windows\wininit.ini
2014-08-27 00:16 - 2014-03-31 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-26 23:03 - 2014-08-26 21:32 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Tiberium Wars
2014-08-25 21:51 - 2014-05-13 07:54 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-08-24 21:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-24 18:35 - 2014-08-24 18:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Kanes Wrath
2014-08-24 18:34 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-08-24 01:46 - 2014-08-24 01:46 - 00000765 _____ () C:\Users\Public\Desktop\Command and Conquer 3 Tiberium Wars and Kane's Wrath.lnk
2014-08-24 01:46 - 2014-08-24 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2014-08-24 01:24 - 2014-06-26 15:51 - 00002991 _____ () C:\Users\araton7811\Documents\jbb.txt
2014-08-23 23:08 - 2014-08-23 23:08 - 00000000 ____D () C:\Users\araton7811\Documents\PVZ Garden Warfare
2014-08-23 04:07 - 2014-08-27 19:49 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 19:49 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 19:49 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 00:36 - 2014-06-28 00:17 - 00000899 _____ () C:\Users\araton7811\Desktop\Start Tor Browser - Verknüpfung.lnk
2014-08-21 00:22 - 2014-04-14 16:30 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-20 23:53 - 2014-04-14 16:30 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-20 16:47 - 2014-08-20 16:47 - 00000000 ____D () C:\Users\araton7811\Documents\Respawn
2014-08-20 09:43 - 2014-08-20 09:43 - 00000646 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-20 09:43 - 2014-08-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2014-08-20 02:02 - 2014-04-15 01:25 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-19 02:31 - 2014-08-19 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odin4Story
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-18 07:51 - 2014-07-30 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-18 07:51 - 2014-07-30 17:01 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-18 04:55 - 2014-07-30 16:35 - 00000000 ____D () C:\Users\araton7811\Documents\Visual Studio 2010
2014-08-18 03:03 - 2014-08-18 03:03 - 00000360 _____ () C:\Windows\DXError.log
2014-08-18 03:03 - 2014-08-18 03:03 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-18 03:03 - 2014-08-18 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00001178 _____ () C:\Users\araton7811\Desktop\4Story.lnk
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Program Files (x86)\Zemi Interactive
2014-08-18 02:31 - 2014-08-18 02:31 - 00000181 _____ () C:\console.log
2014-08-17 21:58 - 2014-08-17 21:58 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\Program Files\Java
2014-08-17 21:50 - 2014-06-20 22:39 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Deployment
2014-08-17 21:50 - 2014-06-20 22:39 - 00000000 ____D () C:\Ubisoft
2014-08-17 21:50 - 2014-05-27 06:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-17 21:49 - 2014-04-08 14:41 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-17 21:20 - 2014-06-06 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-17 17:53 - 2014-07-30 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2014-08-17 17:44 - 2014-08-17 17:44 - 00000017 _____ () C:\Users\araton7811\Documents\server.txt
2014-08-17 17:42 - 2014-08-17 17:42 - 02346942 _____ () C:\Users\araton7811\Desktop\TechnicLauncher.exe
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Windows\symbols
2014-08-17 03:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-17 03:01 - 2014-08-17 03:01 - 00000000 ____D () C:\ProgramData\VS
2014-08-15 15:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-08-15 05:14 - 2014-05-06 21:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 00:19 - 2014-06-18 20:08 - 00000000 ____D () C:\Users\araton7811\Documents\Camtasia Studio
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-13 02:17 - 2014-06-07 13:06 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-13 02:17 - 2014-04-14 16:30 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-12 23:13 - 2014-08-12 23:13 - 00000000 ____D () C:\Users\araton7811\Documents\Frameworker
2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi

Files to move or delete:
====================
C:\Users\araton7811\GTA V.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 13:17

==================== End Of Log ============================
--- --- ---
Error: (09/10/2014 06:50:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f6c

Startzeit: 01cfcd15cf46ffa0

Endzeit: 487

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:

Error: (09/10/2014 06:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.28.127.8, Zeitstempel: 0x54058b85
Name des fehlerhaften Moduls: kernel32.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a85
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011398
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0xarma3.exe0
Pfad der fehlerhaften Anwendung: arma3.exe1
Pfad des fehlerhaften Moduls: arma3.exe2
Berichtskennung: arma3.exe3

Error: (09/10/2014 06:11:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e20

Startzeit: 01cfcd11a15c94bb

Endzeit: 157

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/07/2014 03:15:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b38

Startzeit: 01cfca9d904db273

Endzeit: 141

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:


System errors:
=============
Error: (09/11/2014 00:08:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/10/2014 09:04:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/10/2014 01:09:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/09/2014 07:12:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/08/2014 09:24:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/07/2014 02:37:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/07/2014 11:18:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/06/2014 00:17:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/06/2014 11:03:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/05/2014 10:32:56 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (09/11/2014 06:05:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: arma3.exe1.28.127.854058b85kernel32.dll6.1.7601.1840953159a85c000000500011398f9001cfcdd9e33e5131E:\steam\steamapps\common\Arma 3\arma3.exeC:\Windows\syswow64\kernel32.dll83542a2e-39cd-11e4-ac20-d43d7ee1039c

Error: (09/11/2014 06:02:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81c7401cfcdd9bc8863361E:\steam\steamapps\common\Arma 3\arma3.exe127eff8c-39cd-11e4-ac20-d43d7ee1039c

Error: (09/11/2014 05:58:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81dcc01cfcdd9013bc881154E:\steam\steamapps\common\Arma 3\arma3.exe

Error: (09/10/2014 06:50:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.8f6c01cfcd15cf46ffa0487E:\Steam\steamapps\common\Arma 3\arma3.exe

Error: (09/10/2014 06:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: arma3.exe1.28.127.854058b85kernel32.dll6.1.7601.1840953159a85c0000005000113986b801cfcd14d7e5b926E:\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\syswow64\kernel32.dlle6b6d595-3908-11e4-8c6f-606c668f56f0

Error: (09/10/2014 06:11:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.8e2001cfcd11a15c94bb157E:\Steam\steamapps\common\Arma 3\arma3.exe

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/07/2014 03:15:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81b3801cfca9d904db273141E:\Steam\steamapps\common\Arma 3\arma3.exe


CodeIntegrity Errors:
===================================
Date: 2014-09-09 21:44:16.476
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-09 21:44:16.475
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-09 21:44:16.474
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-09 21:44:16.469
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-09 21:44:16.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-09 21:44:16.467
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-07 13:17:54.932
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-07 13:17:54.932
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-07 13:17:54.932
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-07 13:17:54.932
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8134.74 MB
Available physical RAM: 6008.37 MB
Total Pagefile: 16267.66 MB
Available Pagefile: 13681.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:8.26 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:1862.92 GB) (Free:1550.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B01D4268)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FAB941FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

sunjojo 11.09.2014 17:56
Die Addition.txt ist nicht vollständig, bitte nochmal vollständig posten! :)

araton7811 11.09.2014 18:02
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by araton7811 at 2014-09-11 18:48:41
Running from C:\Users\araton7811\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story (4STORY) (HKLM-x32\...\4Story) (Version: (4STORY) - ZEMI INTERACTIVE INC)
4Story DE 4.2.213 (HKLM-x32\...\4Story_DE_is1) (Version:  - )
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Camtasia Studio 8 (HKLM-x32\...\{19F81C0C-D0DB-453D-9C1C-AD26C4140E7E}) (Version: 8.4.0.1691 - TechSmith Corporation)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Daylight (HKLM-x32\...\Steam App 230840) (Version:  - Zombie Studios)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Deponia (HKLM-x32\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Direct OC (HKLM-x32\...\{E39DE1F0-0A95-4AE8-B9D7-37C5AF360D35}_is1) (Version: 1.0.0.7 - MSI)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Horizon v2.7.9.3 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.3 - Daring Development Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.6.1.0536 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.06.1000.0167 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50701 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.43 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
OpenVPN 2.3.3-I001  (HKLM\...\OpenVPN) (Version: 2.3.3-I001 - )
OpenVPN Manager 1.5.3.0 (HKLM-x32\...\OpenVPN Manager) (Version: 1.5.3.0 - Perfect-Privacy)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.591 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.591 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Sony Noise Reduction Plug-In 2.0e (HKLM-x32\...\{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}) (Version: 2.0.444 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}) (Version: 9.0.297 - Sony)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.6.3 - Electronic Arts)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-5743557-287084541-2253973346-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\araton7811\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-5743557-287084541-2253973346-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-5743557-287084541-2253973346-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-5743557-287084541-2253973346-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-5743557-287084541-2253973346-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

11-09-2014 10:13:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-06-18 20:11 - 00000868 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {46337CCE-7EBB-44D2-80EC-F58CC7CCADCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-31] (Google Inc.)
Task: {62AC5675-66EC-46AA-9C83-D0D561C7A09C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-31] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-31 18:13 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-02-13 10:35 - 2013-02-13 10:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 10:35 - 2013-02-13 10:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-04-14 16:30 - 2014-08-13 02:17 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-05-07 11:43 - 2013-05-07 11:43 - 00503296 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 20:46 - 2011-05-09 20:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2014-03-31 23:52 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-03-31 18:14 - 2014-08-09 02:23 - 00699864 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-03-31 18:14 - 2014-08-09 02:23 - 00855512 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-06-20 09:48 - 2014-08-09 21:17 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-06-20 09:49 - 2014-08-09 21:17 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-06-26 08:38 - 2014-08-09 21:17 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-20 09:54 - 2014-08-09 21:17 - 00041928 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ts3g15.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-03-31 23:52 - 2012-10-31 15:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll
2014-09-04 19:21 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 19:21 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 19:21 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 19:21 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 19:21 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-03-31 23:53 - 2013-05-17 01:06 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Qualcomm Atheros Killer Network Manager.lnk => C:\Windows\pss\Qualcomm Atheros Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Zemi Interactive\4StoryUS\PrePatch.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_FD504906B21755984804A7F2FD69055E => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\araton7811\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\araton7811\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/11/2014 06:05:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.28.127.8, Zeitstempel: 0x54058b85
Name des fehlerhaften Moduls: kernel32.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a85
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011398
ID des fehlerhaften Prozesses: 0xf90
Startzeit der fehlerhaften Anwendung: 0xarma3.exe0
Pfad der fehlerhaften Anwendung: arma3.exe1
Pfad des fehlerhaften Moduls: arma3.exe2
Berichtskennung: arma3.exe3

Error: (09/11/2014 06:02:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c74

Startzeit: 01cfcdd9bc886336

Endzeit: 1

Anwendungspfad: E:\steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID: 127eff8c-39cd-11e4-ac20-d43d7ee1039c

Error: (09/11/2014 05:58:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dcc

Startzeit: 01cfcdd9013bc881

Endzeit: 154

Anwendungspfad: E:\steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:

Error: (09/10/2014 06:50:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f6c

Startzeit: 01cfcd15cf46ffa0

Endzeit: 487

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:

Error: (09/10/2014 06:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: arma3.exe, Version: 1.28.127.8, Zeitstempel: 0x54058b85
Name des fehlerhaften Moduls: kernel32.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a85
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011398
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0xarma3.exe0
Pfad der fehlerhaften Anwendung: arma3.exe1
Pfad des fehlerhaften Moduls: arma3.exe2
Berichtskennung: arma3.exe3

Error: (09/10/2014 06:11:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e20

Startzeit: 01cfcd11a15c94bb

Endzeit: 157

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/07/2014 03:15:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm arma3.exe, Version 1.28.127.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b38

Startzeit: 01cfca9d904db273

Endzeit: 141

Anwendungspfad: E:\Steam\steamapps\common\Arma 3\arma3.exe

Berichts-ID:


System errors:
=============
Error: (09/11/2014 00:08:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/10/2014 09:04:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/10/2014 01:09:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/09/2014 07:12:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/08/2014 09:24:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/07/2014 02:37:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/07/2014 11:18:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/06/2014 00:17:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/06/2014 11:03:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/05/2014 10:32:56 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (09/11/2014 06:05:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: arma3.exe1.28.127.854058b85kernel32.dll6.1.7601.1840953159a85c000000500011398f9001cfcdd9e33e5131E:\steam\steamapps\common\Arma 3\arma3.exeC:\Windows\syswow64\kernel32.dll83542a2e-39cd-11e4-ac20-d43d7ee1039c

Error: (09/11/2014 06:02:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81c7401cfcdd9bc8863361E:\steam\steamapps\common\Arma 3\arma3.exe127eff8c-39cd-11e4-ac20-d43d7ee1039c

Error: (09/11/2014 05:58:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81dcc01cfcdd9013bc881154E:\steam\steamapps\common\Arma 3\arma3.exe

Error: (09/10/2014 06:50:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.8f6c01cfcd15cf46ffa0487E:\Steam\steamapps\common\Arma 3\arma3.exe

Error: (09/10/2014 06:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: arma3.exe1.28.127.854058b85kernel32.dll6.1.7601.1840953159a85c0000005000113986b801cfcd14d7e5b926E:\Steam\steamapps\common\Arma 3\arma3.exeC:\Windows\syswow64\kernel32.dlle6b6d595-3908-11e4-8c6f-606c668f56f0

Error: (09/10/2014 06:11:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.8e2001cfcd11a15c94bb157E:\Steam\steamapps\common\Arma 3\arma3.exe

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/09/2014 07:12:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/07/2014 03:15:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: arma3.exe1.28.127.81b3801cfca9d904db273141E:\Steam\steamapps\common\Arma 3\arma3.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-09 21:44:16.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-09 21:44:16.475
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-09 21:44:16.474
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-09 21:44:16.469
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-09 21:44:16.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-09 21:44:16.467
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-07 13:17:54.932
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-07 13:17:54.932
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-07 13:17:54.932
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-07 13:17:54.932
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8134.74 MB
Available physical RAM: 6008.37 MB
Total Pagefile: 16267.66 MB
Available Pagefile: 13681.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:8.26 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:1862.92 GB) (Free:1550.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B01D4268)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FAB941FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

sunjojo 11.09.2014 18:18
Hi,

kannst du mir folgenden Eintrag erklären?
Code:
127.0.0.1 activation.cloud.techsmith.com
Ich kann erst mit der Bereinigung fortfahren, wenn sämtliche gecrackten Programme/illegalen Einträge entfernt wurden!

araton7811 11.09.2014 21:15
Ok ich benutze das Programm eh nicht wie entferne ich dies einfach TechSmith deinstallieren?

So deinstalliert.

Hilfst du mir noch oder nich mehr?

sunjojo 11.09.2014 21:32
Zitat:
Hilfst du mir noch oder nich mehr?
Ja, ich helfe dir noch. Ich habe aber auch ein Privatleben und kann deswegen nicht immer antworten. Du bekommst morgen eine richtige Antwort. Das ist hier alles freiwillig!

araton7811 11.09.2014 21:53
Weiß ich, ich meinte eig wegen dem cracked.

sunjojo 12.09.2014 16:11
Hi,

Zitat:
Weiß ich, ich meinte eig wegen dem cracked.
Du hast doch alle gecrackten Programme gelöscht und alle dazugehörigen Einträge gelöscht. Dann mache ich jetzt gerne weiter :). Nur wenn ich nochmal sowas finde, ist der Support beendet.

Wir entfernen erstmal die letzten Reste von Adware und kontrollieren nochmal, um Malware auszuschließen. Bitte poste noch das Logfile von Kaspersky.


Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
File: 2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Schritt 2
Öffne Google Chrome.
  • Klicke auf das Chrome-Menü http://www.trojaner-board.de/picture...&pictureid=489 (rechts im Browser).
  • Wähle nun "Einstellungen" in dem Menü aus.
  • Scrolle nach unten und klicke "Erweiterte Einstellungen anzeigen" an.
  • Nun werden dir weitere Optionen angezeigt. Wähle http://www.trojaner-board.de/picture...&pictureid=490 aus (letzter Punkt der Einstellungsmöglichkeiten).
  • Ein Fenster wird geöffnet, in welchem du "Zurücksetzen" auswählst.
  • Jetzt werden deine aktuellen Browsereinstellungen zurückgesetzt (Startseite, Suchseite, ...), Erweiterungen und Designs deaktiviert.

Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Besteht das Problem mit Arma 3 weiterhin? Wenn du Arma 3 gestartet hast, kannst du dann noch was anderes machen (z.B.: ein anderes Tool ausführen), oder ist der Computer völlig ausgelastet?



Poste folgende Logfiles in deiner nächsten Antwort:
  • Fixlog.txt
  • log.txt
  • FRST.txt

araton7811 12.09.2014 16:29
Hat jetzt eig nichts mit dem Virus Problem zu tun aber seit heute morgen kommt diese Meldung: "Die Laufzeitumgebung Microsoft .Net Framework 4.0 ist nicht installiert" seit dem diese Meldung kommt kann ich so oft ich will auf ein Programm mit der Maus klicken es öffnet sich einfach nicht wenn ich Programe mit der Tastatur öffne geht das Problemlos. Das Problem ist nur wenn ich etwas runterlade und dan installier muss ich im normalfall ein kleines feld anklicken das ich die AGB akzeptiere dies funktioniert aber auch nicht. Hast du da eine Idee?

sunjojo 12.09.2014 17:31
Hast du mal probiert, das .Net Framework zu installieren? Wenn es schon installiert ist, dann probiere mal folgendes Tool: Microsoft.NET Framework Reparaturtool ist verfügbar. Das Tool kann auch über die Kommandozeilge gestartet werden (Befehl: NetFxRepairTool.exe/q).

Wurden deine Probleme damit behoben?

araton7811 12.09.2014 17:54
http://www11.pic-upload.de/thumb/12....al77ha9gwz.jpg Dieses "I have read and accept the lincense terms kann ich nicht annehmen da ich die maus ja nich nutzen kann.

sunjojo 12.09.2014 17:57
Aber das du die Maus nicht nutzen kann, hat doch nichts mit dem .NET Fehler zu tun. Hast du mal eine andere Maus an deinem Rechner ausprobiert?

araton7811 13.09.2014 19:49
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by araton7811 at 2014-09-13 14:20:59 Run:1
Running from C:\Users\araton7811\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396459246&from=tugs&uid=SamsungXSSDX840XEVOX120GB_S1D5NSBF218454X&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
File: 2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.

========================= File: 2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi ========================

"2014-08-12 23:09 - 2014-08-12 23:09 - 00012623 _____ () C:\ProgramData\mptmqteo.hmi" not found.
====== End Of File: ======


==== End of Fixlog ====

eset Scann dauert noch und noch ne Frage so wie bekomme ich dieses TermTutor weg?
öffnet permanent Werbung. Das mit dem anklicken geht jetzt wieder.

http://www11.pic-upload.de/thumb/13....64ax5r9ioy.png

Bei Este kommt der angegebene Pfad ist nicht vorhanden. Aber der Scan wurde durchgeführt.


FRST Logfile:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by araton7811 (administrator) on ARATON7811-PC on 13-09-2014 17:28:37
Running from C:\Users\araton7811\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-06] (Microsoft Corporation)
HKU\S-1-5-21-5743557-287084541-2253973346-1000\...\MountPoints2: {fd02c448-b91a-11e3-b049-806e6f6e6963} - F:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\araton7811\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Hosts: 127.0.0.1 activation.cloud.techsmith.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\araton7811\AppData\Roaming\Mozilla\Firefox\Profiles\ocu9qkcb.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\araton7811\AppData\Roaming\Mozilla\Firefox\Profiles\ocu9qkcb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-13]
FF Extension: Term Tutor - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF36DABF2-4757-4860-9B8D-6D7DFAA9B7AA&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-13]
CHR Extension: (Google Docs) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-13]
CHR Extension: (Google Drive) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-13]
CHR Extension: (YouTube) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-13]
CHR Extension: (Adblock Plus) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-13]
CHR Extension: (Google Search) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-13]
CHR Extension: (Google Sheets) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-13]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-13]
CHR Extension: (Google Wallet) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-13]
CHR Extension: (Gmail) - C:\Users\araton7811\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-13]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-20] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-13] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-13] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 HWiNFO32; \??\C:\Users\ARATON~1\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 17:28 - 2014-09-13 17:28 - 02105856 _____ (Farbar) C:\Users\araton7811\Downloads\FRST64.exe
2014-09-13 17:28 - 2014-09-13 17:28 - 00024875 _____ () C:\Users\araton7811\Downloads\FRST.txt
2014-09-13 15:44 - 2014-09-13 15:44 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 15:44 - 2014-09-13 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-13 15:28 - 2014-09-13 15:28 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 15:28 - 2014-09-13 15:28 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-13 15:28 - 2014-09-13 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 14:46 - 2014-09-13 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 14:46 - 2014-09-13 15:22 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-13 14:46 - 2014-09-13 14:46 - 00000975 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-09-13 14:28 - 2014-09-13 14:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-13 14:17 - 2014-09-13 15:21 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Solvusoft
2014-09-13 14:17 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2014-09-12 16:14 - 2014-09-12 16:16 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-09-12 16:14 - 2014-09-12 16:16 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-12 04:03 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 04:03 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 04:03 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 04:03 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 04:03 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 04:03 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 04:03 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 04:03 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 04:03 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 04:03 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 04:03 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 04:03 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 04:03 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 04:03 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 04:03 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 04:03 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 04:03 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 04:03 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 04:03 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 04:03 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 04:03 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 04:03 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 04:03 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 04:03 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 04:03 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 04:03 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 04:03 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 04:03 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 04:03 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 04:03 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 04:03 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 04:03 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 04:03 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 04:03 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 04:03 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 04:03 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 04:03 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 04:03 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 04:03 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 04:03 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 04:03 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 04:03 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 04:03 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 04:03 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 04:03 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 04:03 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 04:03 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 04:03 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 04:03 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 04:03 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 04:03 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 04:03 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 04:03 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 04:03 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 04:03 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 04:03 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 04:03 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 04:03 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 00:04 - 2014-09-12 00:05 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3 Launcher
2014-09-12 00:04 - 2014-09-12 00:04 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Bohemia_Interactive
2014-09-11 19:36 - 2014-09-11 19:36 - 00000202 _____ () C:\Users\araton7811\Desktop\Arma 3.url
2014-09-11 18:48 - 2014-09-13 17:28 - 00000000 ____D () C:\FRST
2014-09-11 18:09 - 2014-09-11 18:09 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 18:09 - 2014-09-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 12:14 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 12:14 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 12:14 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 12:14 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 12:14 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 12:14 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 12:14 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 12:14 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 12:14 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 12:14 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 12:14 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 11:52 - 2014-09-07 11:52 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-06 11:47 - 2014-09-13 15:09 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3
2014-09-06 11:47 - 2014-09-06 12:11 - 00000000 ____D () C:\Users\araton7811\Documents\Arma 3
2014-09-06 11:47 - 2014-09-06 11:47 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-09-06 09:35 - 2014-09-06 09:35 - 00000572 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-09-06 09:35 - 2014-09-06 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-09-06 05:43 - 2014-09-06 05:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Wargaming.net
2014-09-06 04:24 - 2014-09-06 04:24 - 00000000 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
2014-09-06 03:33 - 2014-09-06 03:33 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\Games
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-04 14:04 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-09-02 22:02 - 2014-09-02 22:02 - 00000040 _____ () C:\Users\araton7811\Documents\adadadadadadada.txt
2014-09-02 21:38 - 2014-09-06 09:40 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Zero Hour Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000788 _____ () C:\Users\Public\Desktop\Command and Conquer Generals and Zero Hour.lnk
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Generals and Zero Hour
2014-08-31 18:14 - 2014-08-31 18:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-31 00:56 - 2014-08-31 00:56 - 00000202 _____ () C:\Users\araton7811\Desktop\Contagion.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\State of Decay.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\Deponia.url
2014-08-28 04:40 - 2014-08-28 04:40 - 00016850 _____ () C:\Users\araton7811\Documents\applic.odt
2014-08-28 00:52 - 2014-08-28 00:52 - 00000000 ____D () C:\Users\araton7811\AppData\Local\fabi.me
2014-08-28 00:51 - 2014-08-28 00:51 - 00000132 _____ () C:\Windows\wininit.ini
2014-08-27 19:49 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:49 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 19:49 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Tiberium Wars
2014-08-26 21:32 - 2014-08-26 23:03 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2014-08-24 18:35 - 2014-08-24 18:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Kanes Wrath
2014-08-24 18:34 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-08-24 01:46 - 2014-08-24 01:46 - 00000765 _____ () C:\Users\Public\Desktop\Command and Conquer 3 Tiberium Wars and Kane's Wrath.lnk
2014-08-24 01:46 - 2014-08-24 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2014-08-23 23:08 - 2014-08-23 23:08 - 00000000 ____D () C:\Users\araton7811\Documents\PVZ Garden Warfare
2014-08-23 17:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 17:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 17:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 17:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 17:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 17:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 17:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 17:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 17:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 17:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 16:47 - 2014-08-20 16:47 - 00000000 ____D () C:\Users\araton7811\Documents\Respawn
2014-08-20 09:43 - 2014-08-20 09:43 - 00000646 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-20 09:43 - 2014-08-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2014-08-19 02:31 - 2014-08-19 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odin4Story
2014-08-19 00:10 - 2014-09-13 15:24 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn Hamachi
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-18 03:04 - 2013-11-20 19:36 - 05132656 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2014-08-18 03:03 - 2014-08-18 03:03 - 00000360 _____ () C:\Windows\DXError.log
2014-08-18 03:03 - 2014-08-18 03:03 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-18 03:02 - 2014-08-18 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Program Files (x86)\Zemi Interactive
2014-08-18 02:31 - 2014-08-18 02:31 - 00000181 _____ () C:\console.log
2014-08-17 21:58 - 2014-08-17 21:58 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\Program Files\Java
2014-08-17 17:44 - 2014-08-17 17:44 - 00000017 _____ () C:\Users\araton7811\Documents\server.txt
2014-08-17 17:42 - 2014-08-17 17:42 - 02346942 _____ () C:\Users\araton7811\Desktop\TechnicLauncher.exe
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Windows\symbols
2014-08-17 03:01 - 2014-08-17 03:01 - 00000000 ____D () C:\ProgramData\VS
2014-08-15 15:17 - 2014-09-13 15:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-08-15 05:14 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 05:14 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 05:14 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 05:14 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 05:14 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 05:14 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 05:14 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 05:14 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-14 17:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 17:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 17:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 17:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 17:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 17:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 17:14 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 17:14 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 17:14 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 17:14 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 17:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 17:14 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 17:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 17:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 17:13 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 17:13 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 17:28 - 2014-09-13 17:28 - 02105856 _____ (Farbar) C:\Users\araton7811\Downloads\FRST64.exe
2014-09-13 17:28 - 2014-09-13 17:28 - 00024875 _____ () C:\Users\araton7811\Downloads\FRST.txt
2014-09-13 17:28 - 2014-09-11 18:48 - 00000000 ____D () C:\FRST
2014-09-13 17:19 - 2014-07-29 22:42 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\TS3Client
2014-09-13 17:19 - 2014-03-31 23:53 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 17:19 - 2014-03-31 23:53 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 16:59 - 2014-06-28 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-13 15:44 - 2014-09-13 15:44 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 15:44 - 2014-09-13 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-13 15:44 - 2014-03-31 23:53 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Google
2014-09-13 15:43 - 2014-03-31 23:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 15:32 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:32 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:30 - 2009-07-14 19:58 - 00699462 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 15:30 - 2009-07-14 19:58 - 00149602 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 15:30 - 2009-07-14 07:13 - 01620812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 15:28 - 2014-09-13 15:28 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 15:28 - 2014-09-13 15:28 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-13 15:28 - 2014-09-13 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:28 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 15:28 - 2014-03-31 23:28 - 01578820 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 15:26 - 2014-04-13 20:07 - 00000000 ____D () C:\Users\araton7811\Desktop\Steam
2014-09-13 15:24 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn Hamachi
2014-09-13 15:24 - 2014-08-15 15:17 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-13 15:24 - 2014-03-31 18:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-13 15:24 - 2014-03-31 18:05 - 01571172 _____ () C:\Windows\PFRO.log
2014-09-13 15:24 - 2014-03-31 18:05 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-13 15:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 15:24 - 2009-07-14 06:51 - 00003729 _____ () C:\Windows\setupact.log
2014-09-13 15:23 - 2014-06-18 20:23 - 00000000 ____D () C:\Windows\pss
2014-09-13 15:22 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-13 15:21 - 2014-09-13 14:17 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Solvusoft
2014-09-13 15:20 - 2014-07-26 18:32 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Winamp
2014-09-13 15:16 - 2014-03-31 23:34 - 01566044 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 15:09 - 2014-09-06 11:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3
2014-09-13 14:46 - 2014-09-13 14:46 - 00000975 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-13 14:46 - 2014-09-13 14:46 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-09-13 14:28 - 2014-09-13 14:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-12 18:38 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\DropboxMaster
2014-09-12 18:38 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Dropbox
2014-09-12 18:00 - 2014-03-31 23:30 - 00058016 _____ () C:\Users\araton7811\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-12 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 17:05 - 2014-03-31 23:56 - 00000000 ___HD () C:\SuperChargerProfile
2014-09-12 17:05 - 2014-03-31 23:47 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2014-09-12 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-12 16:16 - 2014-09-12 16:14 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-09-12 16:16 - 2014-09-12 16:14 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-12 16:14 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 16:06 - 2014-03-31 23:28 - 00000000 ____D () C:\Users\araton7811
2014-09-12 15:46 - 2014-03-31 18:08 - 00000000 ____D () C:\Users\araton7811\AppData\Local\CrashDumps
2014-09-12 04:03 - 2014-05-06 21:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 03:57 - 2009-07-14 06:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-12 03:33 - 2014-04-01 16:05 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\.minecraft
2014-09-12 02:43 - 2014-07-30 16:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-12 02:40 - 2014-04-15 01:25 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-12 02:38 - 2014-07-29 20:32 - 00000000 ____D () C:\Program Files (x86)\PP OpenVPN Manager
2014-09-12 02:31 - 2014-04-01 15:47 - 00007649 _____ () C:\Users\araton7811\AppData\Local\Resmon.ResmonCfg
2014-09-12 00:12 - 2014-03-31 19:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Spotify
2014-09-12 00:05 - 2014-09-12 00:04 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Arma 3 Launcher
2014-09-12 00:04 - 2014-09-12 00:04 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Bohemia_Interactive
2014-09-11 23:34 - 2014-03-31 19:44 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Spotify
2014-09-11 23:02 - 2014-04-06 14:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Skype
2014-09-11 22:54 - 2014-04-13 20:07 - 00000000 ____D () C:\ProgramData\Origin
2014-09-11 20:55 - 2014-04-13 20:06 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-11 19:36 - 2014-09-11 19:36 - 00000202 _____ () C:\Users\araton7811\Desktop\Arma 3.url
2014-09-11 18:10 - 2014-04-02 21:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 18:09 - 2014-09-11 18:09 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 18:09 - 2014-09-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 18:09 - 2014-04-02 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-07 15:43 - 2014-05-26 22:08 - 00000000 ____D () C:\Users\araton7811\Documents\My Games
2014-09-07 15:42 - 2014-04-14 16:29 - 00305286 _____ () C:\Windows\DirectX.log
2014-09-07 15:19 - 2014-04-12 21:06 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-07 11:52 - 2014-09-07 11:52 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-07 11:52 - 2014-04-06 14:02 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-07 11:52 - 2014-04-06 14:02 - 00000000 ____D () C:\ProgramData\Skype
2014-09-07 11:52 - 2014-04-06 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-07 11:18 - 2014-03-31 23:53 - 00000000 ____D () C:\Program Files\Google
2014-09-07 11:18 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-06 12:31 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-06 12:24 - 2014-05-27 19:12 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Equalify
2014-09-06 12:11 - 2014-09-06 11:47 - 00000000 ____D () C:\Users\araton7811\Documents\Arma 3
2014-09-06 11:47 - 2014-09-06 11:47 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-09-06 09:40 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Zero Hour Data
2014-09-06 09:35 - 2014-09-06 09:35 - 00000572 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-09-06 09:35 - 2014-09-06 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-09-06 09:35 - 2014-04-01 16:02 - 00000000 ____D () C:\Fraps
2014-09-06 05:43 - 2014-09-06 05:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Wargaming.net
2014-09-06 04:24 - 2014-09-06 04:24 - 00000000 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
2014-09-06 03:36 - 2014-07-30 17:01 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\FileZilla
2014-09-06 03:33 - 2014-09-06 03:33 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-09-06 03:33 - 2014-09-06 03:33 - 00000000 ____D () C:\Games
2014-09-06 03:33 - 2014-06-18 20:25 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-09-06 01:00 - 2014-04-07 17:18 - 00000000 ____D () C:\Users\araton7811\AppData\Local\PMB Files
2014-09-06 00:15 - 2014-04-07 17:18 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Mozilla
2014-09-05 17:47 - 2014-09-05 17:47 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-05 04:10 - 2014-09-11 12:14 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 12:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 14:04 - 2014-09-04 14:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-02 22:02 - 2014-09-02 22:02 - 00000040 _____ () C:\Users\araton7811\Documents\adadadadadadada.txt
2014-09-02 21:38 - 2014-09-02 21:38 - 00000788 _____ () C:\Users\Public\Desktop\Command and Conquer Generals and Zero Hour.lnk
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer Generals Data
2014-09-02 21:38 - 2014-09-02 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Generals and Zero Hour
2014-08-31 18:14 - 2014-08-31 18:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-31 18:14 - 2014-03-31 18:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-31 00:56 - 2014-08-31 00:56 - 00000202 _____ () C:\Users\araton7811\Desktop\Contagion.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\State of Decay.url
2014-08-31 00:41 - 2014-08-31 00:41 - 00000202 _____ () C:\Users\araton7811\Desktop\Deponia.url
2014-08-28 04:40 - 2014-08-28 04:40 - 00016850 _____ () C:\Users\araton7811\Documents\applic.odt
2014-08-28 00:52 - 2014-08-28 00:52 - 00000000 ____D () C:\Users\araton7811\AppData\Local\fabi.me
2014-08-28 00:51 - 2014-08-28 00:51 - 00000132 _____ () C:\Windows\wininit.ini
2014-08-27 00:16 - 2014-03-31 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-26 23:03 - 2014-08-26 21:32 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Tiberium Wars
2014-08-24 18:35 - 2014-08-24 18:35 - 00000000 ____D () C:\Users\araton7811\Documents\Command and Conquer 3 Kanes Wrath
2014-08-24 18:34 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-08-24 01:46 - 2014-08-24 01:46 - 00000765 _____ () C:\Users\Public\Desktop\Command and Conquer 3 Tiberium Wars and Kane's Wrath.lnk
2014-08-24 01:46 - 2014-08-24 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2014-08-24 01:24 - 2014-06-26 15:51 - 00002991 _____ () C:\Users\araton7811\Documents\jbb.txt
2014-08-23 23:08 - 2014-08-23 23:08 - 00000000 ____D () C:\Users\araton7811\Documents\PVZ Garden Warfare
2014-08-23 04:07 - 2014-08-27 19:49 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 19:49 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 19:49 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 00:36 - 2014-06-28 00:17 - 00000899 _____ () C:\Users\araton7811\Desktop\Start Tor Browser - Verknüpfung.lnk
2014-08-21 00:22 - 2014-04-14 16:30 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-20 23:53 - 2014-04-14 16:30 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-20 16:47 - 2014-08-20 16:47 - 00000000 ____D () C:\Users\araton7811\Documents\Respawn
2014-08-20 09:43 - 2014-08-20 09:43 - 00000646 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-20 09:43 - 2014-08-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2014-08-19 20:05 - 2014-09-12 04:03 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-12 04:03 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 02:31 - 2014-08-19 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odin4Story
2014-08-19 01:01 - 2014-09-12 04:03 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-12 04:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-12 04:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-12 04:03 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-12 04:03 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-12 04:03 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-12 04:03 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-12 04:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-12 04:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-12 04:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\Users\araton7811\AppData\Local\LogMeIn
2014-08-19 00:10 - 2014-08-19 00:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-19 00:08 - 2014-09-12 04:03 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-12 04:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-12 04:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-12 04:03 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-12 04:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-12 04:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-12 04:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-12 04:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-12 04:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-12 04:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-12 04:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-12 04:03 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-12 04:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-12 04:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-12 04:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-12 04:03 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-12 04:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-12 04:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-12 04:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-12 04:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-12 04:03 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-12 04:03 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-12 04:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-12 04:03 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-12 04:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-12 04:03 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-12 04:03 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-12 04:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-12 04:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-12 04:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-12 04:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-12 04:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-12 04:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-12 04:03 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-12 04:03 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-12 04:03 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-12 04:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-12 04:03 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-12 04:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-12 04:03 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-12 04:03 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-12 04:03 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-12 04:03 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-12 04:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 07:51 - 2014-07-30 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-18 07:51 - 2014-07-30 17:01 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-18 04:55 - 2014-07-30 16:35 - 00000000 ____D () C:\Users\araton7811\Documents\Visual Studio 2010
2014-08-18 03:03 - 2014-08-18 03:03 - 00000360 _____ () C:\Windows\DXError.log
2014-08-18 03:03 - 2014-08-18 03:03 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-18 03:03 - 2014-08-18 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Story
2014-08-18 03:02 - 2014-08-18 03:02 - 00000000 ____D () C:\Program Files (x86)\Zemi Interactive
2014-08-18 02:31 - 2014-08-18 02:31 - 00000181 _____ () C:\console.log
2014-08-17 21:58 - 2014-08-17 21:58 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 21:58 - 2014-08-17 21:58 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 21:58 - 2014-08-17 21:58 - 00000000 ____D () C:\Program Files\Java
2014-08-17 21:50 - 2014-06-20 22:39 - 00000000 ____D () C:\Users\araton7811\AppData\Local\Deployment
2014-08-17 21:50 - 2014-05-27 06:43 - 00000000 ____D () C:\Users\araton7811\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-17 21:49 - 2014-04-08 14:41 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-17 21:20 - 2014-06-06 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-17 17:44 - 2014-08-17 17:44 - 00000017 _____ () C:\Users\araton7811\Documents\server.txt
2014-08-17 17:42 - 2014-08-17 17:42 - 02346942 _____ () C:\Users\araton7811\Desktop\TechnicLauncher.exe
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Windows\symbols
2014-08-17 03:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-17 03:01 - 2014-08-17 03:01 - 00000000 ____D () C:\ProgramData\VS
2014-08-15 15:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-08-15 05:17 - 2014-08-15 05:17 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-08-15 00:19 - 2014-06-18 20:08 - 00000000 ____D () C:\Users\araton7811\Documents\Camtasia Studio
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-14 21:21 - 2014-08-14 21:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\araton7811\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqn0epz.dll
C:\Users\araton7811\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\araton7811\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 13:17

==================== End Of Log ============================
--- --- ---


ESTE LOG:

C:\$Recycle.Bin\S-1-5-21-5743557-287084541-2253973346-1000\$R1GTJCI.exe Variante von Win32/InstallCore.QL evtl. unerwünschte Anwendung
C:\$Recycle.Bin\S-1-5-21-5743557-287084541-2253973346-1000\$R9TBP3M.exe Variante von Win32/Systweak evtl. unerwünschte Anwendung
C:\$Recycle.Bin\S-1-5-21-5743557-287084541-2253973346-1000\$R6DQNBH\TermTutorClientIE.dll Variante von Win32/AdWare.Vitruvian.D Anwendung
C:\Program Files\TermTutor\IE\TermTutorClientIE.dll Variante von Win64/Adware.Vitruvian.B Anwendung
C:\Program Files (x86)\TermTutor\Service\ttsvc.exe Variante von Win32/AdWare.Vitruvian.D Anwendung
C:\Users\araton7811\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Winamp Packages\uninstaller.exe Win32/InstallCore.PC evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\Smartbar.Resources.LanguageSettings.resources.dll Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\spbl.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\sppsm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\spusm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\srbs.dll Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\srbu.dll Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI29A.tmp-\srptc.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\Smartbar.Resources.LanguageSettings.resources.dll Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\spbl.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\sppsm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\spusm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\srbs.dll Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\srbu.dll Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI607C.tmp-\srptc.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
E:\Users\Araton7811\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/AdWare.1ClickDownload.AT Anwendung
E:\Users\Araton7811\AppData\Local\Temp\OCS\ocs_v71a.exe Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
E:\Users\Araton7811\Downloads\Jack_Ryan__Shadow_Recruit.exe Win32/AdWare.1ClickDownload.AT Anwendung
E:\Users\Araton7811\Downloads\Virtual Audio Cable - CHIP-Downloader.exe Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:43 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131