Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her

Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her


Log-Analyse und Auswertung: Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 27.05.2014, 10:53   #1
Nachtvogel
 
Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her - Standard

Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her


Hi,

ich habe seit einigen Wochen das Problem, dass Antivir mir einen Bitcoin-Virus anzeigt. Dieser kommt bei jedem Neustart wieder.
Pfad : D:\Nachtvogel\AppData\Local\Temp\64\wincpu.exe

FRST-Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Nachtvogel (administrator) on NACHTVOGEL-PC on 27-05-2014 11:22:16
Running from C:\Users\Nachtvogel\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CyberLink) D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink Corp.) D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
(Logitech, Inc.) D:\Programme\Logitech\SetPoint\SetPoint.exe
(CyberLink) D:\Programme\CyberLink Blue-ray\Power2Go\CLMLSvc.exe
(CyberLink Corp.) D:\Programme\CyberLink Blue-ray\PowerDVD8\PDVD8Serv.exe
() D:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(CyberLink) D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2-ui.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Mozilla Corporation) D:\Programme\Firefox\firefox.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [242192 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [MDS_Menu] => D:\Programme\CyberLink Blue-ray\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => D:\Programme\CyberLink Blue-ray\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => D:\Programme\CyberLink Blue-ray\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => D:\Programme\CyberLink Blue-ray\PowerDVD8\PDVD8Serv.exe [91432 2009-07-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => D:\Programme\CyberLink Blue-ray\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-08-28] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => D:\Programme\CyberLink Blue-ray\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => D:\Programme\CyberLink Blue-ray\lgfw.exe [27760 2012-07-19] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => D:\Programme\CyberLink Blue-ray\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2009-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-02] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => D:\Programme\Power DVD 12\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-29] ()
HKLM-x32\...\Run: [DivXMediaServer] => D:\Programme\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2030750677-1802131579-802186434-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2030750677-1802131579-802186434-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Nachtvogel\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-2030750677-1802131579-802186434-1000\...\Run: [wm] => C:\Users\Nachtvogel\AppData\Local\Temp\wm.exe [5890048 2014-05-02] () <===== ATTENTION
HKU\S-1-5-21-2030750677-1802131579-802186434-1000\...\MountPoints2: {977326df-45fa-11e1-95c4-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-2030750677-1802131579-802186434-1000\...\MountPoints2: {b8ad4338-6ec4-11e2-987f-1c6f65902373} - F:\Autorun.exe
AppInit_DLLs-x32:  => "" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
ShortcutTarget: Logitech Desktop Messenger.lnk -> D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> D:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=hp&installDate=06/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFBA0331310DACC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=DE&userid=013841a3-b93f-8979-ab53-df9f35dcb66b&searchtype=ds&q={searchTerms}&installDate=06/11/2013
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=152
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -  No File
Handler-x32: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nachtvogel\AppData\Roaming\Mozilla\Firefox\Profiles\2xi08m41.default
FF NewTab: about:blank
FF Homepage: hxxp://www.spox.com/de/index.html
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - D:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - D:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Nachtvogel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Nachtvogel\AppData\Roaming\Mozilla\Firefox\Profiles\2xi08m41.default\user.js
FF Extension: Adblock Plus - C:\Users\Nachtvogel\AppData\Roaming\Mozilla\Firefox\Profiles\2xi08m41.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-23]
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CLHNServiceForPowerDVD12; D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
S3 DAUpdaterSvc; D:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 Hamachi2Svc; D:\Programme\Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-03] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2009-07-02] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-01-23] ()
R1 ISODrive; D:\Programme\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 ntk_PowerDVD12; D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-08-27] (Samsung Electronics)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; D:\Programme\Power DVD 12\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; D:\Programme\CyberLink Blue-ray\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 11:22 - 2014-05-27 11:23 - 00018509 _____ () C:\Users\Nachtvogel\Desktop\FRST.txt
2014-05-27 11:21 - 2014-05-27 11:21 - 00380416 _____ () C:\Users\Nachtvogel\Desktop\Gmer-19357.exe
2014-05-27 11:10 - 2014-05-27 11:22 - 00000000 ____D () C:\FRST
2014-05-27 11:08 - 2014-05-27 11:08 - 02066944 _____ (Farbar) C:\Users\Nachtvogel\Desktop\FRST64.exe
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\NVIDIA Corporation
2014-05-26 18:50 - 2014-04-30 20:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-26 18:50 - 2014-04-30 20:26 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-26 18:49 - 2014-05-26 18:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-26 18:49 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-26 18:47 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-26 18:47 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-05-26 18:47 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-26 18:47 - 2014-05-20 04:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-05-26 18:46 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-26 18:46 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-05-26 18:46 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-26 17:56 - 2014-05-26 18:11 - 333878864 _____ (NVIDIA Corporation) C:\Users\Nachtvogel\Downloads\337.88-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-05-25 16:49 - 2014-05-26 18:49 - 00000294 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-05-25 16:49 - 2014-05-25 16:49 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2014-05-25 16:48 - 2014-05-27 10:52 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-05-25 16:48 - 2014-05-26 10:58 - 00000302 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-05-25 16:48 - 2014-05-26 10:58 - 00000286 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-05-25 16:48 - 2014-05-25 16:48 - 00003062 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-05-25 16:48 - 2014-05-25 16:48 - 00003048 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\dll-files.com
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-05-25 16:48 - 2014-02-13 17:56 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2014-05-15 02:23 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 02:23 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 02:23 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 02:23 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 02:23 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 02:23 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:37 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 16:37 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 16:37 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 16:37 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 16:37 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 16:37 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 16:37 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 16:37 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 16:37 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 16:37 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 16:37 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 16:37 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 16:37 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 16:37 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 16:37 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 16:37 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 16:37 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 16:37 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 16:37 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 16:37 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 16:37 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 16:37 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 16:37 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 16:27 - 2014-05-14 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-06 08:36 - 2014-05-15 12:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 22:33 - 2014-04-18 17:33 - 03692032 _____ () C:\Users\Nachtvogel\Desktop\Wasteland 2 beta Build 39052 Trainer +6 MrAntiFun.EXE
2014-05-05 22:22 - 2014-05-05 22:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-04 22:25 - 2014-05-11 03:50 - 00021157 _____ () C:\Users\Nachtvogel\Desktop\Abschied.odt
2014-04-29 02:02 - 2014-05-26 18:50 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\NVIDIA
2014-04-28 13:38 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-28 13:38 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-28 13:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-28 13:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-28 13:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-28 13:38 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-28 13:38 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-28 13:38 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Windows\erdnt
2014-04-28 00:28 - 2014-04-28 00:28 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Curse Advertising
2014-04-28 00:25 - 2014-04-28 00:25 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Curse
2014-04-28 00:24 - 2014-05-01 18:18 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\WM
2014-04-28 00:23 - 2014-04-28 00:24 - 00000000 ____D () C:\wm

==================== One Month Modified Files and Folders =======

2014-05-27 11:23 - 2014-05-27 11:22 - 00018509 _____ () C:\Users\Nachtvogel\Desktop\FRST.txt
2014-05-27 11:22 - 2014-05-27 11:10 - 00000000 ____D () C:\FRST
2014-05-27 11:21 - 2014-05-27 11:21 - 00380416 _____ () C:\Users\Nachtvogel\Desktop\Gmer-19357.exe
2014-05-27 11:11 - 2012-03-29 17:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 11:08 - 2014-05-27 11:08 - 02066944 _____ (Farbar) C:\Users\Nachtvogel\Desktop\FRST64.exe
2014-05-27 10:54 - 2009-07-14 06:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 10:54 - 2009-07-14 06:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 10:52 - 2014-05-25 16:48 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-05-27 10:51 - 2012-01-23 21:46 - 01108947 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 10:50 - 2013-11-14 15:34 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\LogMeIn Hamachi
2014-05-27 10:50 - 2012-01-23 22:08 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-05-27 10:46 - 2012-01-23 22:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-27 10:46 - 2012-01-23 22:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-05-27 10:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 10:46 - 2009-07-14 06:51 - 00123169 _____ () C:\Windows\setupact.log
2014-05-27 01:53 - 2012-03-01 22:35 - 00000000 ____D () C:\Users\Nachtvogel\Documents\My Games
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\NVIDIA Corporation
2014-05-26 18:50 - 2014-04-29 02:02 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\NVIDIA
2014-05-26 18:50 - 2012-01-23 22:27 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-26 18:50 - 2012-01-23 22:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-26 18:50 - 2012-01-23 22:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-26 18:49 - 2014-05-26 18:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-26 18:49 - 2014-05-25 16:49 - 00000294 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-05-26 18:49 - 2012-05-22 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-26 18:11 - 2014-05-26 17:56 - 333878864 _____ (NVIDIA Corporation) C:\Users\Nachtvogel\Downloads\337.88-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-05-26 10:58 - 2014-05-25 16:48 - 00000302 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-05-26 10:58 - 2014-05-25 16:48 - 00000286 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-05-25 16:49 - 2014-05-25 16:49 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2014-05-25 16:48 - 2014-05-25 16:48 - 00003062 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-05-25 16:48 - 2014-05-25 16:48 - 00003048 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\dll-files.com
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-05-25 16:48 - 2014-05-25 16:48 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-05-24 19:27 - 2014-03-15 15:13 - 00022570 _____ () C:\Users\Nachtvogel\Desktop\Honvad Budapest Spielerentwicklung.ods
2014-05-20 04:44 - 2014-05-26 18:47 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-26 18:47 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-05-20 04:44 - 2014-05-26 18:47 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2014-05-26 18:47 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-05-20 04:44 - 2013-03-27 15:39 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2013-03-27 15:39 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2012-05-22 18:12 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-05-20 04:44 - 2012-05-22 18:12 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44 - 2012-01-23 22:27 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 04:44 - 2010-07-10 00:38 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2010-07-10 00:38 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 03:25 - 2010-07-09 17:17 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2010-07-09 17:17 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2010-07-09 17:17 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2010-07-09 17:17 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2010-07-09 17:17 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2010-07-09 17:17 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-26 18:49 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-19 23:41 - 2012-12-29 20:53 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Skype
2014-05-15 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 12:09 - 2012-01-23 21:53 - 00000000 ___RD () C:\Users\Nachtvogel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:09 - 2012-01-23 21:53 - 00000000 ___RD () C:\Users\Nachtvogel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 12:06 - 2014-05-06 08:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 02:22 - 2013-08-15 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 02:21 - 2012-01-24 00:30 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 01:49 - 2012-05-22 18:13 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 16:27 - 2014-05-14 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 21:16 - 2012-03-29 17:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:16 - 2012-03-29 17:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 21:16 - 2012-01-24 22:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-11 03:50 - 2014-05-04 22:25 - 00021157 _____ () C:\Users\Nachtvogel\Desktop\Abschied.odt
2014-05-09 08:14 - 2014-05-14 16:37 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 16:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 23:56 - 2012-01-23 22:34 - 00000000 ____D () C:\ProgramData\DivX
2014-05-06 06:40 - 2014-05-15 02:23 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 02:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 02:23 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 02:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 02:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 02:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 22:22 - 2014-05-05 22:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-04 07:33 - 2012-01-23 22:12 - 00000341 _____ () C:\Windows\lgfwup.ini
2014-05-03 12:13 - 2014-02-17 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-01 18:18 - 2014-04-28 00:24 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Local\WM
2014-04-30 20:27 - 2014-05-26 18:50 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-30 20:26 - 2014-05-26 18:50 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-29 02:08 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-04-29 02:08 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-04-29 02:08 - 2009-07-14 07:13 - 00905710 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 02:01 - 2012-01-23 22:22 - 00355974 _____ () C:\Windows\PFRO.log
2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Windows\erdnt
2014-04-28 00:28 - 2014-04-28 00:28 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Curse Advertising
2014-04-28 00:25 - 2014-04-28 00:25 - 00000000 ____D () C:\Users\Nachtvogel\AppData\Roaming\Curse
2014-04-28 00:24 - 2014-04-28 00:23 - 00000000 ____D () C:\wm

Files to move or delete:
====================
C:\Users\Nachtvogel\AppData\Local\Temp\wm.exe


Some content of TEMP:
====================
C:\Users\Angmar\AppData\Local\Temp\AskSLib.dll
C:\Users\Angmar\AppData\Local\Temp\COMAP.EXE
C:\Users\Angmar\AppData\Local\Temp\DivXSetup.exe
C:\Users\Angmar\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Angmar\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Angmar\AppData\Local\Temp\Gw2.exe
C:\Users\Angmar\AppData\Local\Temp\i4jdel0.exe
C:\Users\Angmar\AppData\Local\Temp\Nexus%20Mod%20Manager-0.31.2.exe
C:\Users\Angmar\AppData\Local\Temp\uninstaller-2144.exe
C:\Users\Angmar\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Nachtvogel\AppData\Local\Temp\avgnt.exe
C:\Users\Nachtvogel\AppData\Local\Temp\DivXSetup.exe
C:\Users\Nachtvogel\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Nachtvogel\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\Nachtvogel\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Nachtvogel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Nachtvogel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Nachtvogel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Nachtvogel\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Nachtvogel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Nachtvogel\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Nachtvogel\AppData\Local\Temp\nvStInst.exe
C:\Users\Nachtvogel\AppData\Local\Temp\rootsupd.exe
C:\Users\Nachtvogel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nachtvogel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Nachtvogel\AppData\Local\Temp\uninst1.exe
C:\Users\Nachtvogel\AppData\Local\Temp\wm.exe
C:\Users\Nachtvogel\AppData\Local\Temp\_is2895.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 00:38

==================== End Of Log ============================
------

Addition-File:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Nachtvogel at 2014-05-27 11:23:30
Running from C:\Users\Nachtvogel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ActiveState ActivePython 2.7.5.6 (32-bit) (HKLM-x32\...\{4D22D7B3-AF9C-424C-B6AF-E88D2365A127}) (Version: 2.7.6 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.2.8900 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ArtMoney SE v7.40 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.40 - System SoftLab)
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Baldur's Gate (HKLM-x32\...\Baldur's Gate) (Version:  - )
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\Steam App 257350) (Version:  - Beamdog)
Baldurs Gate(TM) II - Thron des Bhaal (TM) (HKLM-x32\...\{5B09F344-4406-11D5-96E8-0050BA84F5F7}) (Version:  - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version:  - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3102 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3102 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3224 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3224 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1312.54 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.3228 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1520 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.1.1520 - CyberLink Corp.) Hidden
DayZ Commander (HKLM-x32\...\{E913F678-7BAC-4C3D-A8ED-C19E13D3BAD0}) (Version: 0.9.80 - Dotjosh Studios)
DC Universe Online Live (HKCU\...\SOE-DC Universe Online Live PSG) (Version:  - Sony Online Entertainment)
DC Universe Online Live (HKCU\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.48.5 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version:  - dtp)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05 - Electronic Arts, Inc.)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.2.1241.10 - Infernum Productions AG)
Drakensang (HKLM-x32\...\Drakensang_is1) (Version:  - dtp)
EA Installer (HKLM-x32\...\EA Installer.-183224887) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Easy Tune 6 B10.0521.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0521.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
erLT (x32 Version: 1.12.0117 - Logitech, Inc.) Hidden
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Fallout 2 (HKLM-x32\...\Fallout 2) (Version:  - )
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version:  - GOG.com)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FMRTE 13.3.3.62 (HKLM\...\{13416834-B10B-4DD4-8213-C8D66A157D7E}_is1) (Version: 13.3.3.62 - Raul Bravo)
FO2 Restoration Project 2.3.2 (HKLM-x32\...\Fallout 2 Restoration Project_is1) (Version:  - killap)
Football Manager 2013 (HKLM-x32\...\Steam App 207890) (Version:  - Sports Interactive)
Football Manager 2013 Editor (HKLM-x32\...\Steam App 220600) (Version:  - Sports Interactive)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.114 - Foxit Corporation)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.3.0 - Electronic Arts)
Game of Thrones Version 1.4.2.0 (HKLM-x32\...\AGOT_is1) (Version: 1.4.2.0 - Cyanide)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Logitech Desktop Messenger (HKLM-x32\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.56.102 - Logitech, Inc.)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4E70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
MegaTrainer eXperience V1.2.1.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy ds3 driver version 0.5.0002 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0002 - www.motioninjoy.com)
Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Firefox 9.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 de)) (Version: 9.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.31.2 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
Play withSIX (HKLM-x32\...\{8E634921-4547-4CA9-AF79-08B735431C12}) (Version: 1.00.0096 - SIX Networks)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - Square Enix)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Wartung Samsung ML-2525W Series (HKLM-x32\...\Samsung ML-2525W Series) (Version:  - Samsung Electronics CO.,LTD)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
X-COM: Apocalypse (HKLM-x32\...\Steam App 7660) (Version:  - MicroProse Software, Inc)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08849517-777D-4C90-9D7A-A0BA24F0C82F} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {30C31C62-D27C-454C-8CCC-09BACE6D9320} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {6058E528-5261-4521-B7DE-87EEE4BD3F03} - System32\Tasks\{89E67290-AA7B-4FAE-BD61-B155609C58A0} => D:\Spiele\Fallout2\fallout2.exe
Task: {7EB0470E-150E-4646-BB5A-C7E9A712A832} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {7F521955-1A20-4C0D-AC79-58B3EA43AD01} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {9627E88C-B5A6-4CEE-BEE3-9C039451F0DB} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {A5507623-7E63-458B-BC65-CA1265D8D6A2} - System32\Tasks\{9BAA2407-91B0-44D4-A7D8-6AB61BC65566} => D:\Spiele\Fallout2\fallout2.exe
Task: {C6DD8C85-FF88-4238-8740-53D32DBD24E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {CCA52F8D-5FB8-4BBF-9FF7-F5F985776134} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {F3970FD4-3B86-4036-88E3-23438C34223F} - System32\Tasks\{0C0411B5-C616-4A73-B77C-340C6F53DD7D} => D:\Spiele\Age of Empires II\age2_x1\age2_x1.exe [2000-08-08] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

==================== Loaded Modules (whitelisted) =============

2011-06-22 09:48 - 2011-06-22 09:48 - 00034304 _____ () C:\Windows\System32\ssp6ml6.dll
2012-02-01 23:58 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-23 22:21 - 2009-06-17 17:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2012-01-23 22:18 - 2010-01-19 04:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2012-12-03 19:13 - 2012-12-03 19:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-01-23 22:08 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2012-01-23 23:40 - 2012-01-09 20:44 - 00193536 _____ () D:\Programme\WinRar\rarext64.dll
2012-01-23 21:57 - 2008-05-02 05:00 - 00077824 _____ () D:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
2013-08-07 15:17 - 2009-08-29 05:37 - 00614400 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-08-07 15:17 - 2009-07-17 00:24 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2013-03-27 15:55 - 2013-01-25 10:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-01-23 22:21 - 2009-05-04 18:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2012-01-23 21:59 - 2012-01-23 21:59 - 00064664 _____ () D:\Programme\Logitech\Desktop Messenger\8876480\8.1.1.87-8876480SL\Program\clntutil.dll
2009-06-03 21:59 - 2009-06-03 21:59 - 00619816 ____N () D:\Programme\CyberLink Blue-ray\Power2Go\CLMediaLibrary.dll
2009-06-03 21:59 - 2009-06-03 21:59 - 00013096 ____N () D:\Programme\CyberLink Blue-ray\Power2Go\CLMLSvcPS.dll
2012-07-18 23:55 - 2012-01-02 04:21 - 00374056 _____ () D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-10 04:47 - 2014-05-10 04:47 - 03839088 _____ () D:\Programme\Firefox\mozjs.dll
2014-05-13 21:16 - 2014-05-13 21:16 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2014 01:53:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dosbox.exe, Version: 0.72.0.0, Zeitstempel: 0x46d1bcb8
Name des fehlerhaften Moduls: dosbox.exe, Version: 0.72.0.0, Zeitstempel: 0x46d1bcb8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000df0e2
ID des fehlerhaften Prozesses: 0x15a4
Startzeit der fehlerhaften Anwendung: 0xdosbox.exe0
Pfad der fehlerhaften Anwendung: dosbox.exe1
Pfad des fehlerhaften Moduls: dosbox.exe2
Berichtskennung: dosbox.exe3

Error: (05/26/2014 05:05:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (05/26/2014 05:04:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/26/2014 05:04:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/26/2014 05:02:27 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/24/2014 11:32:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fm.exe, Version: 13.3.3.31972, Zeitstempel: 0x514c8b4d
Name des fehlerhaften Moduls: fm.exe, Version: 13.3.3.31972, Zeitstempel: 0x514c8b4d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014dbcc0
ID des fehlerhaften Prozesses: 0x1170
Startzeit der fehlerhaften Anwendung: 0xfm.exe0
Pfad der fehlerhaften Anwendung: fm.exe1
Pfad des fehlerhaften Moduls: fm.exe2
Berichtskennung: fm.exe3

Error: (05/24/2014 10:15:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fm.exe, Version: 13.3.3.31972, Zeitstempel: 0x514c8b4d
Name des fehlerhaften Moduls: fm.exe, Version: 13.3.3.31972, Zeitstempel: 0x514c8b4d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014dbcc0
ID des fehlerhaften Prozesses: 0x9f0
Startzeit der fehlerhaften Anwendung: 0xfm.exe0
Pfad der fehlerhaften Anwendung: fm.exe1
Pfad des fehlerhaften Moduls: fm.exe2
Berichtskennung: fm.exe3

Error: (05/24/2014 01:50:38 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (05/24/2014 01:50:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/24/2014 01:50:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (05/27/2014 10:46:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/27/2014 10:46:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/27/2014 02:15:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/27/2014 02:15:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (05/27/2014 02:14:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/27/2014 02:14:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/27/2014 02:14:08 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎27.‎05.‎2014 um 02:12:35 unerwartet heruntergefahren.

Error: (05/26/2014 11:01:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/26/2014 11:01:04 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/26/2014 10:58:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (05/27/2014 01:53:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dosbox.exe0.72.0.046d1bcb8dosbox.exe0.72.0.046d1bcb8c0000005000df0e215a401cf7936c20c25eeD:\Programme\Steam\steamapps\common\XCom Apocalypse\dosbox.exeD:\Programme\Steam\steamapps\common\XCom Apocalypse\dosbox.exede1f297d-e530-11e3-a9f2-1c6f65902373

Error: (05/26/2014 05:05:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: d:\Spiele\fußball manager 2012\MsiCofire.dlld:\Spiele\fußball manager 2012\MsiCofire.dll2

Error: (05/26/2014 05:04:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestd:\Spiele\enemy territory - quake wars\lite server\serverlauncher.exe

Error: (05/26/2014 05:04:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestd:\Spiele\enemy territory - quake wars\serverlauncher.exe

Error: (05/26/2014 05:02:27 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/24/2014 11:32:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe13.3.3.31972514c8b4dfm.exe13.3.3.31972514c8b4dc0000005014dbcc0117001cf77911209a183D:\Programme\Steam\steamapps\common\Football Manager 2013\fm.exeD:\Programme\Steam\steamapps\common\Football Manager 2013\fm.exee66e0d66-e38a-11e3-98f2-1c6f65902373

Error: (05/24/2014 10:15:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe13.3.3.31972514c8b4dfm.exe13.3.3.31972514c8b4dc0000005014dbcc09f001cf776394ef1fdbD:\Programme\Steam\steamapps\common\Football Manager 2013\fm.exeD:\Programme\Steam\steamapps\common\Football Manager 2013\fm.exe215d2802-e380-11e3-98f2-1c6f65902373

Error: (05/24/2014 01:50:38 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: d:\Spiele\fußball manager 2012\MsiCofire.dlld:\Spiele\fußball manager 2012\MsiCofire.dll2

Error: (05/24/2014 01:50:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestd:\Spiele\enemy territory - quake wars\lite server\serverlauncher.exe

Error: (05/24/2014 01:50:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestd:\Spiele\enemy territory - quake wars\serverlauncher.exe


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8183.43 MB
Available physical RAM: 5963.16 MB
Total Pagefile: 16365.04 MB
Available Pagefile: 14048.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:76.07 GB) (Free:20.43 GB) NTFS
Drive d: () (Fixed) (Total:1786.84 GB) (Free:1217.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 82334871)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=76 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-280416485376) - (Type=07 NTFS)

==================== End Of Log ============================
------

Gmer-File:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-27 11:36:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0 SAMSUNG_ rev.A11Q 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\NACHTV~1\AppData\Local\Temp\axtyauoc.sys


---- User code sections - GMER 2.1 ----

.text    D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                 0000000075b61465 2 bytes [B6, 75]
.text    D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                            00000000719a1a22 2 bytes [9A, 71]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                            00000000719a1ad0 2 bytes [9A, 71]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                            00000000719a1b08 2 bytes [9A, 71]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                            00000000719a1bba 2 bytes [9A, 71]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                            00000000719a1bda 2 bytes [9A, 71]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                     0000000075b61465 2 bytes [B6, 75]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                    0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe[1220] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                   0000000075b61465 2 bytes [B6, 75]
.text    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe[1220] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                  0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  0000000075b61465 2 bytes [B6, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                 0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3368] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                 0000000075b61465 2 bytes [B6, 75]
.text    D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3368] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4084] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                         00000000763b8791 5 bytes JMP 000000016e221000
.text    D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                              0000000075b61465 2 bytes [B6, 75]
.text    D:\Programme\Power DVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                             0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                               0000000075b61465 2 bytes [B6, 75]
.text    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                              0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2
.text    D:\Programme\Hamachi\hamachi-2-ui.exe[1556] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 69                                                                                                0000000075b61465 2 bytes [B6, 75]
.text    D:\Programme\Hamachi\hamachi-2-ui.exe[1556] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 155                                                                                               0000000075b614bb 2 bytes [B6, 75]
.text    ...                                                                                                                                                                                                * 2

---- Threads - GMER 2.1 ----

Thread   C:\Windows\SysWOW64\ntdll.dll [616:516]                                                                                                                                                            00000000010e53d3
Thread   C:\Windows\SysWOW64\ntdll.dll [616:4208]                                                                                                                                                           00000000741bb89c
Thread   C:\Windows\SysWOW64\ntdll.dll [616:4212]                                                                                                                                                           00000000741bbaf3
Thread   C:\Windows\SysWOW64\ntdll.dll [616:4216]                                                                                                                                                           00000000741bb3c2
Thread   C:\Windows\SysWOW64\ntdll.dll [616:4220]                                                                                                                                                           000000006f14786a
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63DFF175-5358-4FD9-88D8-ABFF97F3F453}\offreg.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [1788](2014-05-27 08:49:58)  000007fef1aa0000

---- EOF - GMER 2.1 ----
Danke schon mal im Voraus

MfG

Nachtvogel

 

Themen zu Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her
adobe, amplitude, antivir, antivirus, association, avira, defender, explorer, firefox, flash player, home, homepage, mozilla, newtab, problem, realtek, registry, rundll, scan, secur, security, services.exe, software, super, svchost.exe, system, temp, usb, vcredist, windows


« Interpol Trojaner auf Windows 7 64 bit Rechner, Abgesicherter Modus geht nicht | Windows 7: Avira wird blockiert »


Ähnliche Themen: Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her


  1. Proxy stellt sich immer auf 127.0.0.1:9880 nach hijack durch websearches
    Log-Analyse und Auswertung - 08.11.2014 (11)
  2. Virus lässt sich nur kurzzeitig entfernen! Gebläse ist nach dem Neustart wieder laut.
    Plagegeister aller Art und deren Bekämpfung - 22.05.2014 (20)
  3. Bitcoin Virus, wincpu.exe stellt sich immer wieder her : Benutzer/appdata/local/temp/64
    Plagegeister aller Art und deren Bekämpfung - 07.05.2014 (11)
  4. Hilfe ! Iminent kann nicht gelöscht werden und stellt sich immer wieder als Startseite ein
    Plagegeister aller Art und deren Bekämpfung - 28.10.2013 (11)
  5. Bitcoin Miner in svhost.exe erscheint nach Neustart wieder
    Plagegeister aller Art und deren Bekämpfung - 12.09.2013 (27)
  6. Viren erscheint nach Neustart immer wieder (setup.....)
    Plagegeister aller Art und deren Bekämpfung - 21.05.2011 (41)
  7. Virus bildet sich immer wieder neu! Was tun?
    Log-Analyse und Auswertung - 10.11.2010 (3)
  8. Virus Win 32: Kates-CX stellt sich nach Beseitigung sofort wieder her!
    Plagegeister aller Art und deren Bekämpfung - 30.09.2010 (23)
  9. Farbschema ? stellt sich nicht wieder zurück...
    Alles rund um Windows - 05.09.2010 (1)
  10. Virus der sich immer wieder installiert!
    Antiviren-, Firewall- und andere Schutzprogramme - 28.05.2010 (10)
  11. schlimmer virus, explorer öffnet sich immer wieder...
    Log-Analyse und Auswertung - 31.03.2010 (8)
  12. Immer wieder PC Neustart
    Log-Analyse und Auswertung - 13.08.2009 (16)
  13. [Hilfe]Tronajer kommt nach neustart immer wieder!
    Log-Analyse und Auswertung - 15.04.2009 (0)
  14. Bei mir kommt Bluescreen und danach Neustart immer wieder
    Alles rund um Windows - 02.02.2009 (3)
  15. Laptop stellt sich selbst aus und fährt wieder hoch
    Netzwerk und Hardware - 21.10.2008 (8)
  16. Virus stellt sich immer wieder her und verdopplet sich!!!
    Mülltonne - 12.09.2008 (0)
  17. immer wieder PC-Neustart, bin ratlos - bitte um Hilfe
    Alles rund um Windows - 13.11.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her - Hi, ich habe seit einigen Wochen das Problem, dass Antivir mir einen Bitcoin-Virus anzeigt. Dieser kommt bei jedem Neustart wieder. Pfad : D:\Nachtvogel\AppData\Local\Temp\64\wincpu.exe FRST-Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan - Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her...
Archiv
Du betrachtest: Bitcoin-Virus, wincpu.exe, stellt sich bei Neustart immer wieder neu her auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131