![]() |
Log-Analyse und Auswertung: Windows 7: Yahoo schickt Spam Mails an KontakteWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #1 |
| ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte Schönen guten Morgen, ich habe gestern von mehreren Bekannten die Rückmeldung bekommen, dass in meinem Namen von meiner Yahoo Emailadresse Spam Mails verschickt wurden. Ich habe mich dann informiert, wie bei vielen anderen ist es auch bei mir so, dass die Spam Mails von einer .com Adresse kamen, während meine richtige Adresse auf .de endet. Die Emails selber konnte ich nicht finden, weder im Spam-, noch im Gesendt-Ordner. Ich gehe mittlerweile davon aus, dass das Problem bei Yahoo liegt und nicht bei mir, gleichzeitig möchte ich natürlich aber auch kein Riskio eingehen und meinen Computer einmal auf Malware checken. Nicht, dass da doch irgendwas auf meinem Pc rumlungert. Der "Avira Free Antivirus" Check lief über Nacht, hat allerdings nichts gefunden. Ich hoffe, da bin ich in diesem Forum an der richtigen Stelle. Hier sind die gewünschten Log Dateien: defogger disable Code:
ATTFilter defogger_disable by jpshortstuff ( Log created at 10:07 on 17/06/2014 (Max) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014 Ran by Max (administrator) on OLIVE on 17-06-2014 10:09:27 Running from C:\Users\Max\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) D:\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\Run: [Steam] => D:\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation) HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-07-30] () HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\Run: [Facebook Update] => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.) HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\Run: [Google Update] => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-25] (Google Inc.) HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\MountPoints2: {7c542891-b606-11e0-a6b1-806e6f6e6963} - F:\pushinst.exe HKU\S-1-5-21-2192115406-1684612754-3875215466-1000\...\MountPoints2: {d86c4198-8778-11e1-93f2-001a4f49a0af} - F:\LaunchU3.exe -a Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB839DAD17288CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\coqo611c.default FF Homepage: about:home FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Max\\AppData\\Local\\Temp\\proxtube.pac" FF NetworkProxy: "ftp", "" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "http", "" FF NetworkProxy: "http_port", 3128 FF NetworkProxy: "no_proxies_on", "localhost,, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Max\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Max\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Max\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Max\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Max\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Max\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF Extension: ProxTube - Unblock YouTube - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\coqo611c.default\Extensions\ich@maltegoetz.de [2012-09-11] FF Extension: Stealthy - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\coqo611c.default\Extensions\stealthyextension@gmail.com.xpi [2013-03-07] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\coqo611c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-24] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-29] FF Extension: Java Link Helper - C:\Users\Max\AppData\Roaming\13001.033 [2012-08-01] FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Max\AppData\Roaming\13001.033 FF Extension: Java Link Helper - C:\Users\Max\AppData\Roaming\13001.033 [2012-08-01] Chrome: ======= CHR HomePage: hxxp://home.sweetim.com/?st=11&barid={8539F7C3-9060-11E1-A9E1-082E5F09CA93} CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-25] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-25] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-05] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-25] CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-25] CHR Extension: (BonanzaDeals) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj [2014-04-25] CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-25] CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-25] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-10-19] (BitRaider, LLC) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-15] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin) S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-10-19] (BitRaider) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-17 10:09 - 2014-06-17 10:10 - 00015386 _____ () C:\Users\Max\Downloads\FRST.txt 2014-06-17 10:09 - 2014-06-17 10:09 - 00000000 ____D () C:\FRST 2014-06-17 10:08 - 2014-06-17 10:08 - 02081280 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-06-17 10:07 - 2014-06-17 10:07 - 00000468 _____ () C:\Users\Max\Desktop\defogger_disable.log 2014-06-17 10:07 - 2014-06-17 10:07 - 00000000 _____ () C:\Users\Max\defogger_reenable 2014-06-17 10:05 - 2014-06-17 10:05 - 00050477 _____ () C:\Users\Max\Desktop\Defogger.exe 2014-06-15 16:05 - 2014-06-15 16:21 - 00000000 ____D () C:\Users\Max\Documents\BFH.Beta 2014-06-15 16:02 - 2014-06-15 16:02 - 00001139 _____ () C:\Users\Public\Desktop\Battlefield Hardline Beta.lnk 2014-06-15 16:02 - 2014-06-15 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta 2014-06-11 22:40 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 22:40 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 22:40 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 22:40 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 22:40 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 22:40 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 22:40 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 22:40 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 22:40 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 22:40 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 22:40 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 22:40 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 22:40 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 22:40 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 22:40 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 22:40 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 22:40 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 22:40 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 22:40 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 22:40 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 22:40 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 22:40 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 22:40 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 22:40 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 22:40 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 22:40 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 22:40 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 22:40 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 22:40 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 22:40 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 22:40 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 22:40 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 22:40 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 22:40 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 22:40 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 22:40 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 22:40 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 22:40 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 22:40 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 22:40 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 22:40 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 22:40 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 22:40 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 22:40 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 22:40 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 22:40 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 22:40 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 22:40 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 22:40 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 22:40 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 22:40 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 22:40 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 22:40 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 22:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 22:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 22:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 22:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 22:40 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 22:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 22:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 22:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 22:40 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 22:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 22:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 22:40 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-06-10 13:27 - 2014-06-10 13:27 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-06-10 13:27 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-06-10 13:25 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-06-10 13:25 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-06-10 13:25 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-06-10 13:18 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-06-10 13:18 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-06-10 13:18 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-06-10 13:18 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-06-05 15:38 - 2014-06-05 15:38 - 00000201 _____ () C:\Users\Max\Desktop\Sniper Elite V2.url 2014-06-02 14:28 - 2014-06-02 14:29 - 00000000 ____D () C:\Users\Max\Documents\Battlefield 3 2014-06-02 14:28 - 2014-06-02 14:28 - 00000000 ____D () C:\Users\Max\AppData\Local\ESN 2014-06-02 14:28 - 2014-06-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-02 14:27 - 2014-06-02 14:27 - 02247960 _____ () C:\Users\Max\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-02 13:59 - 2014-06-02 13:59 - 00001174 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk 2014-06-02 13:59 - 2014-06-02 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 2014-06-02 12:37 - 2014-06-02 12:37 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-02 12:35 - 2014-06-02 12:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-02 12:35 - 2014-06-02 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-30 18:15 - 2014-06-02 21:41 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-05-30 18:15 - 2014-05-30 18:15 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype 2014-05-30 18:15 - 2014-05-30 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-29 17:43 - 2014-05-29 17:43 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-05-29 17:43 - 2014-05-29 17:43 - 00000000 ____D () C:\ProgramData\EA Core 2014-05-29 16:40 - 2014-05-29 16:40 - 00001279 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk 2014-05-29 16:40 - 2014-05-29 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies 2014-05-29 16:35 - 2014-06-15 15:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-05-29 16:30 - 2014-05-29 17:43 - 00000000 ____D () C:\Users\Max\AppData\Local\Origin 2014-05-29 16:29 - 2014-05-29 16:29 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-05-29 16:29 - 2014-05-29 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-05-29 16:28 - 2014-05-29 16:29 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Max\Downloads\OriginThinSetup.exe 2014-05-29 16:26 - 2014-05-29 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 13:01 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-29 13:01 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-29 13:01 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-29 13:01 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-29 13:01 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-29 13:01 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-29 13:01 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-29 13:01 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-29 13:01 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-29 13:01 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-29 13:01 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-29 13:01 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-29 13:01 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-29 13:01 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-29 13:01 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-29 13:01 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-29 13:01 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-29 13:01 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-29 13:01 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-29 13:01 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-29 13:01 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-29 12:56 - 2014-02-15 23:11 - 00000426 _____ () C:\AVScanner.ini ==================== One Month Modified Files and Folders ======= 2014-06-17 10:10 - 2014-06-17 10:09 - 00015386 _____ () C:\Users\Max\Downloads\FRST.txt 2014-06-17 10:10 - 2011-07-23 17:53 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp 2014-06-17 10:09 - 2014-06-17 10:09 - 00000000 ____D () C:\FRST 2014-06-17 10:08 - 2014-06-17 10:08 - 02081280 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-06-17 10:07 - 2014-06-17 10:07 - 00000468 _____ () C:\Users\Max\Desktop\defogger_disable.log 2014-06-17 10:07 - 2014-06-17 10:07 - 00000000 _____ () C:\Users\Max\defogger_reenable 2014-06-17 10:07 - 2011-07-23 17:53 - 00000000 ____D () C:\Users\Max 2014-06-17 10:05 - 2014-06-17 10:05 - 00050477 _____ () C:\Users\Max\Desktop\Defogger.exe 2014-06-17 10:02 - 2011-07-30 18:13 - 00000000 ____D () C:\Users\Max\AppData\Local\PMB Files 2014-06-17 09:58 - 2014-04-25 09:59 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-17 09:52 - 2009-07-14 06:45 - 00019040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-17 09:52 - 2009-07-14 06:45 - 00019040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-17 09:50 - 2011-07-23 23:41 - 01865315 _____ () C:\Windows\WindowsUpdate.log 2014-06-17 09:43 - 2014-04-25 09:59 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-17 09:43 - 2011-07-23 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-17 09:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-17 09:43 - 2009-07-14 06:51 - 00177383 _____ () C:\Windows\setupact.log 2014-06-17 05:43 - 2013-04-20 16:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-17 05:11 - 2014-04-25 10:01 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA.job 2014-06-17 03:34 - 2012-05-12 00:24 - 00001130 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA.job 2014-06-16 15:34 - 2012-05-12 00:24 - 00001108 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core.job 2014-06-16 14:01 - 2011-07-24 18:34 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{39C20479-0256-4D7F-9B1F-36FB7D49ACD5} 2014-06-16 01:06 - 2012-12-27 02:24 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client 2014-06-15 19:11 - 2014-04-25 10:01 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core.job 2014-06-15 16:50 - 2012-05-04 15:25 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-06-15 16:50 - 2012-04-16 18:00 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-15 16:50 - 2012-04-16 18:00 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-15 16:21 - 2014-06-15 16:05 - 00000000 ____D () C:\Users\Max\Documents\BFH.Beta 2014-06-15 16:04 - 2013-06-02 17:09 - 00000000 ____D () C:\ProgramData\Origin 2014-06-15 16:02 - 2014-06-15 16:02 - 00001139 _____ () C:\Users\Public\Desktop\Battlefield Hardline Beta.lnk 2014-06-15 16:02 - 2014-06-15 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta 2014-06-15 16:02 - 2012-04-16 18:00 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-15 16:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-15 16:01 - 2011-07-23 19:01 - 00553829 _____ () C:\Windows\DirectX.log 2014-06-15 15:17 - 2014-05-29 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-15 12:42 - 2013-06-02 17:09 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-14 02:14 - 2011-09-02 21:32 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype 2014-06-13 16:54 - 2014-01-27 01:37 - 00000000 ____D () C:\Users\Max\AppData\Local\DayZ 2014-06-13 09:00 - 2014-04-25 09:59 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 00:10 - 2013-08-15 18:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 00:09 - 2011-07-23 18:20 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-10 20:26 - 2011-07-24 09:37 - 00696848 _____ () C:\Windows\system32\perfh007.dat 2014-06-10 20:26 - 2011-07-24 09:37 - 00148144 _____ () C:\Windows\system32\perfc007.dat 2014-06-10 20:26 - 2009-07-14 07:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-10 13:27 - 2014-06-10 13:27 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-06-10 13:27 - 2012-06-18 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-06-10 13:27 - 2011-07-23 18:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-06-10 13:18 - 2014-02-16 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation 2014-06-10 13:18 - 2011-07-23 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-06-10 13:18 - 2011-07-23 18:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-10 09:12 - 2011-07-23 18:49 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Mozilla 2014-06-05 15:38 - 2014-06-05 15:38 - 00000201 _____ () C:\Users\Max\Desktop\Sniper Elite V2.url 2014-06-02 21:42 - 2011-09-02 21:32 - 00000000 ____D () C:\ProgramData\Skype 2014-06-02 21:41 - 2014-05-30 18:15 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-02 14:29 - 2014-06-02 14:28 - 00000000 ____D () C:\Users\Max\Documents\Battlefield 3 2014-06-02 14:28 - 2014-06-02 14:28 - 00000000 ____D () C:\Users\Max\AppData\Local\ESN 2014-06-02 14:28 - 2014-06-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-02 14:28 - 2012-05-04 15:25 - 00000000 ____D () C:\Users\Max\AppData\Local\PunkBuster 2014-06-02 14:27 - 2014-06-02 14:27 - 02247960 _____ () C:\Users\Max\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-02 13:59 - 2014-06-02 13:59 - 00001174 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk 2014-06-02 13:59 - 2014-06-02 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 2014-06-02 12:37 - 2014-06-02 12:37 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-02 12:35 - 2014-06-02 12:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-02 12:35 - 2014-06-02 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-02 12:35 - 2012-10-28 22:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-02 12:35 - 2012-10-28 22:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-02 12:35 - 2012-10-28 22:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-02 12:35 - 2011-07-23 19:03 - 00000000 ____D () C:\Program Files (x86)\Java 2014-05-31 17:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-05-30 18:15 - 2014-05-30 18:15 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype 2014-05-30 18:15 - 2014-05-30 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-30 12:21 - 2014-06-11 22:40 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 22:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 22:40 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 22:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 22:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 22:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 22:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 22:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 22:40 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 22:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 22:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 22:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 22:40 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 22:40 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 22:40 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 22:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 22:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 22:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 22:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 22:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 22:40 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 22:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 22:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 22:40 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 22:40 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 22:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 22:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 22:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 22:40 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 22:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 22:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 22:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 22:40 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 22:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 22:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 22:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 22:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 22:40 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 22:40 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 22:40 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 22:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 22:40 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 22:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 22:40 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 22:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 22:40 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 22:40 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 22:40 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 22:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 22:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 01:07 - 2014-06-10 13:18 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-05-30 01:07 - 2014-06-10 13:18 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-05-30 01:07 - 2014-02-16 01:41 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-05-30 01:07 - 2014-02-16 01:41 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-05-29 17:43 - 2014-05-29 17:43 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-05-29 17:43 - 2014-05-29 17:43 - 00000000 ____D () C:\ProgramData\EA Core 2014-05-29 17:43 - 2014-05-29 16:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Origin 2014-05-29 17:43 - 2012-11-03 20:29 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-05-29 16:40 - 2014-05-29 16:40 - 00001279 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk 2014-05-29 16:40 - 2014-05-29 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies 2014-05-29 16:35 - 2013-06-02 17:09 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Origin 2014-05-29 16:33 - 2012-07-13 20:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-29 16:33 - 2011-08-12 18:05 - 00039108 _____ () C:\Windows\PFRO.log 2014-05-29 16:29 - 2014-05-29 16:29 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-05-29 16:29 - 2014-05-29 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-05-29 16:29 - 2014-05-29 16:28 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Max\Downloads\OriginThinSetup.exe 2014-05-29 16:26 - 2014-05-29 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 14:43 - 2013-04-20 16:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:43 - 2012-06-26 13:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-29 14:43 - 2011-07-23 19:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-29 13:13 - 2011-07-23 17:53 - 00000000 ___RD () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-29 13:13 - 2011-07-23 17:53 - 00000000 ___RD () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-29 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-29 12:56 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-29 12:55 - 2014-02-16 01:40 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA 2014-05-29 12:53 - 2014-04-25 09:59 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-29 12:53 - 2014-04-25 09:59 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-29 12:52 - 2011-07-24 20:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-20 04:44 - 2014-06-10 13:25 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-20 04:44 - 2014-06-10 13:25 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-20 04:44 - 2014-06-10 13:25 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 04:44 - 2013-02-26 00:32 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-05-20 04:44 - 2011-05-21 06:01 - 00026069 _____ () C:\Windows\system32\nvinfo.pb 2014-05-20 03:25 - 2011-07-23 18:12 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-05-20 03:25 - 2011-07-23 18:12 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-05-20 03:25 - 2011-07-23 18:12 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-05-20 03:25 - 2011-07-23 18:12 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-05-20 03:25 - 2011-07-23 18:12 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-05-20 03:25 - 2011-07-23 18:12 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-05-20 01:10 - 2014-06-10 13:27 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe Some content of TEMP: ==================== C:\Users\Max\AppData\Local\Temp\AskSLib.dll C:\Users\Max\AppData\Local\Temp\AutoRun.exe C:\Users\Max\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Max\AppData\Local\Temp\avgnt.exe C:\Users\Max\AppData\Local\Temp\EAD2692.exe C:\Users\Max\AppData\Local\Temp\EAD2931.exe C:\Users\Max\AppData\Local\Temp\EAD32E2.exe C:\Users\Max\AppData\Local\Temp\EAD4FA5.exe C:\Users\Max\AppData\Local\Temp\EAD61FC.exe C:\Users\Max\AppData\Local\Temp\EAD625A.exe C:\Users\Max\AppData\Local\Temp\EAD692D.exe C:\Users\Max\AppData\Local\Temp\EAD694C.exe C:\Users\Max\AppData\Local\Temp\EAD6AA4.exe C:\Users\Max\AppData\Local\Temp\EAD703F.exe C:\Users\Max\AppData\Local\Temp\EAD7399.exe C:\Users\Max\AppData\Local\Temp\EAD7406.exe C:\Users\Max\AppData\Local\Temp\EAD7407.exe C:\Users\Max\AppData\Local\Temp\EAD7416.exe C:\Users\Max\AppData\Local\Temp\EAD74C1.exe C:\Users\Max\AppData\Local\Temp\EAD7628.exe C:\Users\Max\AppData\Local\Temp\EAD7629.exe C:\Users\Max\AppData\Local\Temp\EAD785A.exe C:\Users\Max\AppData\Local\Temp\EAD78A8.exe C:\Users\Max\AppData\Local\Temp\EAD7992.exe C:\Users\Max\AppData\Local\Temp\EAD7993.exe C:\Users\Max\AppData\Local\Temp\EAD79FF.exe C:\Users\Max\AppData\Local\Temp\EAD7A3D.exe C:\Users\Max\AppData\Local\Temp\EAD7ABA.exe C:\Users\Max\AppData\Local\Temp\EAD7AF9.exe C:\Users\Max\AppData\Local\Temp\EAD7B37.exe C:\Users\Max\AppData\Local\Temp\EAD7D49.exe C:\Users\Max\AppData\Local\Temp\EAD7D69.exe C:\Users\Max\AppData\Local\Temp\EAD7D97.exe C:\Users\Max\AppData\Local\Temp\EAD7DB7.exe C:\Users\Max\AppData\Local\Temp\EAD7EA1.exe C:\Users\Max\AppData\Local\Temp\EAD7F0E.exe C:\Users\Max\AppData\Local\Temp\EAD7FF8.exe C:\Users\Max\AppData\Local\Temp\EAD8036.exe C:\Users\Max\AppData\Local\Temp\EAD8084.exe C:\Users\Max\AppData\Local\Temp\EAD80C3.exe C:\Users\Max\AppData\Local\Temp\EAD816E.exe C:\Users\Max\AppData\Local\Temp\EAD81CC.exe C:\Users\Max\AppData\Local\Temp\EAD81FB.exe C:\Users\Max\AppData\Local\Temp\EAD8361.exe C:\Users\Max\AppData\Local\Temp\EAD8390.exe C:\Users\Max\AppData\Local\Temp\EAD83CF.exe C:\Users\Max\AppData\Local\Temp\EAD845B.exe C:\Users\Max\AppData\Local\Temp\EAD8574.exe C:\Users\Max\AppData\Local\Temp\EAD8593.exe C:\Users\Max\AppData\Local\Temp\EAD85A3.exe C:\Users\Max\AppData\Local\Temp\EAD8767.exe C:\Users\Max\AppData\Local\Temp\EAD892B.exe C:\Users\Max\AppData\Local\Temp\EAD8AF0.exe C:\Users\Max\AppData\Local\Temp\EAD8B9B.exe C:\Users\Max\AppData\Local\Temp\EAD8C18.exe C:\Users\Max\AppData\Local\Temp\EAD8D12.exe C:\Users\Max\AppData\Local\Temp\EAD8D6F.exe C:\Users\Max\AppData\Local\Temp\EAD8D7F.exe C:\Users\Max\AppData\Local\Temp\EAD8E2B.exe C:\Users\Max\AppData\Local\Temp\EAD8E2C.exe C:\Users\Max\AppData\Local\Temp\EAD8E98.exe C:\Users\Max\AppData\Local\Temp\EAD8F43.exe C:\Users\Max\AppData\Local\Temp\EAD901E.exe C:\Users\Max\AppData\Local\Temp\EAD904.exe C:\Users\Max\AppData\Local\Temp\EAD9194.exe C:\Users\Max\AppData\Local\Temp\EAD9471.exe C:\Users\Max\AppData\Local\Temp\EAD94BF.exe C:\Users\Max\AppData\Local\Temp\EAD9684.exe C:\Users\Max\AppData\Local\Temp\EAD96D2.exe C:\Users\Max\AppData\Local\Temp\EAD9877.exe C:\Users\Max\AppData\Local\Temp\EAD9887.exe C:\Users\Max\AppData\Local\Temp\EAD9BE1.exe C:\Users\Max\AppData\Local\Temp\EAD9C7D.exe C:\Users\Max\AppData\Local\Temp\EAD9CEA.exe C:\Users\Max\AppData\Local\Temp\EAD9D28.exe C:\Users\Max\AppData\Local\Temp\EAD9D29.exe C:\Users\Max\AppData\Local\Temp\EADA053.exe C:\Users\Max\AppData\Local\Temp\EADA18B.exe C:\Users\Max\AppData\Local\Temp\EADA295.exe C:\Users\Max\AppData\Local\Temp\EADA2A4.exe C:\Users\Max\AppData\Local\Temp\EADA331.exe C:\Users\Max\AppData\Local\Temp\EADA350.exe C:\Users\Max\AppData\Local\Temp\EADA42A.exe C:\Users\Max\AppData\Local\Temp\EADA61D.exe C:\Users\Max\AppData\Local\Temp\EADA65C.exe C:\Users\Max\AppData\Local\Temp\EADA86E.exe C:\Users\Max\AppData\Local\Temp\EADA9F4.exe C:\Users\Max\AppData\Local\Temp\EADAB6B.exe C:\Users\Max\AppData\Local\Temp\EADAB6C.exe C:\Users\Max\AppData\Local\Temp\EADAD1F.exe C:\Users\Max\AppData\Local\Temp\EADAD20.exe C:\Users\Max\AppData\Local\Temp\EADAD21.exe C:\Users\Max\AppData\Local\Temp\EADAE86.exe C:\Users\Max\AppData\Local\Temp\EADAE96.exe C:\Users\Max\AppData\Local\Temp\EADAEC5.exe C:\Users\Max\AppData\Local\Temp\EADAFED.exe C:\Users\Max\AppData\Local\Temp\EADB04B.exe C:\Users\Max\AppData\Local\Temp\EADB144.exe C:\Users\Max\AppData\Local\Temp\EADB3C4.exe C:\Users\Max\AppData\Local\Temp\EADB3D3.exe C:\Users\Max\AppData\Local\Temp\EADB78B.exe C:\Users\Max\AppData\Local\Temp\EADB79B.exe C:\Users\Max\AppData\Local\Temp\EADB7D9.exe C:\Users\Max\AppData\Local\Temp\EADB875.exe C:\Users\Max\AppData\Local\Temp\EADBAC6.exe C:\Users\Max\AppData\Local\Temp\EADBB71.exe C:\Users\Max\AppData\Local\Temp\EADBC7B.exe C:\Users\Max\AppData\Local\Temp\EADBC8A.exe C:\Users\Max\AppData\Local\Temp\EADBD93.exe C:\Users\Max\AppData\Local\Temp\EADBDC2.exe C:\Users\Max\AppData\Local\Temp\EADC2F0.exe C:\Users\Max\AppData\Local\Temp\EADC531.exe C:\Users\Max\AppData\Local\Temp\EADC5DD.exe C:\Users\Max\AppData\Local\Temp\EADC5DE.exe C:\Users\Max\AppData\Local\Temp\EADC715.exe C:\Users\Max\AppData\Local\Temp\EADC7FF.exe C:\Users\Max\AppData\Local\Temp\EADC966.exe C:\Users\Max\AppData\Local\Temp\EADCB59.exe C:\Users\Max\AppData\Local\Temp\EADCEE2.exe C:\Users\Max\AppData\Local\Temp\EADCF5F.exe C:\Users\Max\AppData\Local\Temp\EADCFEB.exe C:\Users\Max\AppData\Local\Temp\EADD641.exe C:\Users\Max\AppData\Local\Temp\EADD7B8.exe C:\Users\Max\AppData\Local\Temp\EADDF94.exe C:\Users\Max\AppData\Local\Temp\EADE021.exe C:\Users\Max\AppData\Local\Temp\EADE06F.exe C:\Users\Max\AppData\Local\Temp\EADE35B.exe C:\Users\Max\AppData\Local\Temp\EADE38A.exe C:\Users\Max\AppData\Local\Temp\EADE4D2.exe C:\Users\Max\AppData\Local\Temp\EADE54F.exe C:\Users\Max\AppData\Local\Temp\EADE761.exe C:\Users\Max\AppData\Local\Temp\EADE9E1.exe C:\Users\Max\AppData\Local\Temp\EADEA9C.exe C:\Users\Max\AppData\Local\Temp\EADF4AA.exe C:\Users\Max\AppData\Local\Temp\EADFB7D.exe C:\Users\Max\AppData\Local\Temp\EAInstall.dll C:\Users\Max\AppData\Local\Temp\eauninstall.exe C:\Users\Max\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\Max\AppData\Local\Temp\Gw2.exe C:\Users\Max\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe C:\Users\Max\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Max\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe C:\Users\Max\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe C:\Users\Max\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe C:\Users\Max\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Max\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Max\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Max\AppData\Local\Temp\nvStInst.exe C:\Users\Max\AppData\Local\Temp\SkypeSetup.exe C:\Users\Max\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Max\AppData\Local\Temp\UninstallEADM.dll C:\Users\Max\AppData\Local\Temp\_is2E90.exe C:\Users\Max\AppData\Local\Temp\_is50EF.exe C:\Users\Max\AppData\Local\Temp\_is5439.exe C:\Users\Max\AppData\Local\Temp\_is6180.exe C:\Users\Max\AppData\Local\Temp\_is9CFB.exe C:\Users\Max\AppData\Local\Temp\_isA0D3.exe C:\Users\Max\AppData\Local\Temp\_isB839.exe C:\Users\Max\AppData\Local\Temp\_isBB45.exe C:\Users\Max\AppData\Local\Temp\_isC0FF.exe C:\Users\Max\AppData\Local\Temp\_isD2AB.exe C:\Users\Max\AppData\Local\Temp\_isD7AA.exe C:\Users\Max\AppData\Local\Temp\_isDB14.exe C:\Users\Max\AppData\Local\Temp\_isF6BE.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-09 13:37 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014 Ran by Max at 2014-06-17 10:10:34 Running from C:\Users\Max\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== "Ascension to the Throne" (Nur entfernen) (HKLM-x32\...\{65A9FFB6-E734-424C-BDFE-DF20B36808D3}_is1) (Version: - Frogster Interactive Pictures AG) 3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.2 - Futuremark Corporation) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios Ltd.) Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games) Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: - Electronic Arts) Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: - BitRaider, LLC) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: - AMD) Facebook Video Calling (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: - Futuremark Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: - Google) Google Update Helper (x32 Version: - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: - Apple Inc.) Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: - Oracle, Inc.) Hidden Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios) Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team) Last.fm Scrobbler 2.1.35 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: - Microsoft Corporation) Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft) Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: - Pando Networks Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: - Electronic Arts, Inc.) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: - Apple Inc.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - YAGER) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA) Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: - Valve Corporation) Steel Storm: Burning Retribution (HKLM-x32\...\Steam App 96200) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: - UBISOFT) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) War Inc. Battlezone (HKLM-x32\...\Steam App 107900) (Version: - ) Warhammer® 40,000®: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic) Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinZip 16.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. ) ==================== Restore Points ========================= 10-06-2014 11:18:35 DirectX wurde installiert 11-06-2014 22:07:24 Windows Update 15-06-2014 14:00:31 DirectX wurde installiert 17-06-2014 07:49:01 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {033EF999-96F6-4AD0-91CA-CC41A2DE29C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.) Task: {05C246AB-D3BF-4311-A0AE-4D6683CEFAF6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation) Task: {07DF57A2-620A-45AC-BF73-F47B801AFF3A} - System32\Tasks\{9429791C-E5EA-4DF8-BC14-31E6F231AE8D} => Firefox.exe hxxp://ui.skype.com/ui/0/ Task: {0D5C6CA1-4542-4D81-AB68-685B0021177C} - System32\Tasks\{8BDC22E7-7214-4907-8A1B-9BB69239722E} => C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe Task: {2E896B63-7E4E-4C6A-B6F1-975373C9D54D} - System32\Tasks\{C8E0CF07-F7A2-437A-B200-726DC576FD03} => C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\lotrbfme2ep1.exe Task: {2EAE1D2E-53B6-4314-AF84-2BD273B45DB9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.) Task: {3663B116-C97C-4ACF-A7A0-04FCB4DD5E60} - System32\Tasks\{C1FE3921-E1F4-434B-A251-AA3B8568A402} => Firefox.exe hxxp://ui.skype.com/ui/0/ Task: {37B8B2D6-269E-4CF8-B7AD-AA3D9FC3D772} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.) Task: {3A904B02-78AF-4E88-BA95-B8765844BE54} - System32\Tasks\{93B4C569-F3C1-44F0-A809-4851FA8D98B2} => C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe Task: {4F0AEAF3-52EA-42CA-972A-5F46952BBD0C} - System32\Tasks\{20A9E70A-90C1-4F96-8E47-435AE7DF0701} => C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe Task: {52D19B6D-6327-4D28-8474-75D3E8D6E877} - System32\Tasks\{8F5B5715-3382-4EE6-B674-703990FC1276} => Firefox.exe hxxp://ui.skype.com/ui/0/ Task: {53889AF0-6888-4A72-BF5A-86C165D5FFAB} - System32\Tasks\{D534575F-B12D-4FFE-AF82-B558492FE652} => C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\lotrbfme2ep1.exe Task: {5C8C57ED-6C99-4BE9-A749-C9182629D0B7} - System32\Tasks\{B7160BDF-C5B0-40A7-8502-8F0135227E0E} => C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe Task: {70B77EC1-3F90-4ACA-A31C-A300A1601DF8} - System32\Tasks\{9011ECCF-EEBF-491C-87B1-969AF412C3CE} => E:\S3\S3.EXE Task: {75068FFB-188F-4C2D-9085-079DED006D9D} - System32\Tasks\{6355164F-3A65-4FB5-B201-A035587C17BE} => E:\S3\S3.EXE Task: {7DDE5113-D683-42A3-BD37-EF610EC005D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.) Task: {A4DBBFD3-ED08-495E-AFCA-1430F1398659} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-29] (Adobe Systems Incorporated) Task: {C9E3DB5D-DE78-4723-85F1-3301CDA0F1A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.) Task: {D1AAAD39-7953-451B-A62C-061B5E87D8B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.) Task: {DC02AB55-BB51-46E5-96DD-099F4AD0EB3C} - System32\Tasks\{76E82061-AC63-4C89-921E-39761E1FC601} => C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\lotrbfme2ep1.exe Task: {DDE670F7-F324-4D98-8140-5963531F44F8} - System32\Tasks\{FBF6343D-4041-476A-BE9D-7696CEA7DB82} => C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\lotrbfme2ep1.exe Task: {E3D25E7D-4AEA-4C30-A314-502E713E967B} - System32\Tasks\{D6932D6F-5320-41F0-89CD-C4EC764B4C5F} => E:\S3\S3.EXE Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000Core.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2192115406-1684612754-3875215466-1000UA.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-06-18 13:47 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-04-16 18:00 - 2014-06-15 16:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-05-29 13:13 - 2014-04-30 02:08 - 01135104 _____ () D:\Steam\libavcodec-55.dll 2014-04-23 07:31 - 2014-04-30 02:08 - 00471552 _____ () D:\Steam\libavutil-53.dll 2014-05-29 13:13 - 2014-04-30 02:08 - 00404992 _____ () D:\Steam\libavformat-55.dll 2014-01-08 11:27 - 2014-04-30 02:08 - 00340992 _____ () D:\Steam\libavresample-1.dll 2013-03-25 14:23 - 2014-05-17 03:36 - 00756224 _____ () D:\Steam\SDL2.dll 2014-05-29 13:13 - 2014-05-29 19:37 - 02139840 _____ () D:\Steam\video.dll 2014-05-29 13:13 - 2014-04-29 02:37 - 00519168 _____ () D:\Steam\libswscale-2.dll 2011-07-23 19:39 - 2014-05-29 19:36 - 01116864 _____ () D:\Steam\bin\chromehtml.DLL 2011-07-23 19:39 - 2014-05-02 01:35 - 20628160 _____ () D:\Steam\bin\libcef.dll 2012-03-16 00:22 - 2013-06-15 01:49 - 01100800 _____ () D:\Steam\bin\avcodec-53.dll 2012-03-16 00:22 - 2013-06-15 01:49 - 00124416 _____ () D:\Steam\bin\avutil-51.dll 2012-03-16 00:22 - 2013-06-15 01:49 - 00192000 _____ () D:\Steam\bin\avformat-53.dll 2011-01-17 16:19 - 2012-04-09 10:50 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2014-05-29 16:26 - 2014-05-29 16:26 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Max\Desktop\Total War: ROME II.lnk ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/17/2014 10:02:04 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/16/2014 02:15:17 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/16/2014 10:00:15 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/15/2014 09:45:03 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/15/2014 01:01:16 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/14/2014 00:31:07 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 05:04:25 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 00:20:25 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 00:14:43 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm bf3.exe, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b18 Startzeit: 01cf868a11d3eec6 Endzeit: 509 Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe Berichts-ID: Error: (06/12/2014 05:18:35 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 System errors: ============= Error: (06/15/2014 06:05:38 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BABSI", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{72574C97-1C87-405D-BD52-918FAE9024FB}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (06/12/2014 01:10:23 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (06/12/2014 01:10:23 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (06/12/2014 01:10:22 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (06/11/2014 09:06:57 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BABSI", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{72574C97-1C87-405D-BD52-918FAE9024FB}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (06/07/2014 08:51:26 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BABSI", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{72574C97-1C87-405D-BD52-918FAE9024FB}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (06/04/2014 04:49:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SSDP-Suche" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (06/04/2014 04:49:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SSDP-Suche erreicht. Error: (06/02/2014 09:42:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht. Error: (05/31/2014 11:17:11 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse registriert werden. Der Computer mit IP-Adresse hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Microsoft Office Sessions: ========================= Error: (06/17/2014 10:02:04 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/16/2014 02:15:17 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/16/2014 10:00:15 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/15/2014 09:45:03 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/15/2014 01:01:16 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/14/2014 00:31:07 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 05:04:25 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 00:20:25 AM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 Error: (06/13/2014 00:14:43 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: bf3.exe1.6.0.0b1801cf868a11d3eec6509C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe Error: (06/12/2014 05:18:35 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Pando_WinPando-1 ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8191.18 MB Available physical RAM: 5997.43 MB Total Pagefile: 16380.54 MB Available Pagefile: 14113.16 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:736.2 GB) (Free:444.48 GB) NTFS Drive d: () (Fixed) (Total:195.21 GB) (Free:86.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00FC8A20) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=736 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Gmer: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-06-17 10:22:55 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\Max\AppData\Local\Temp\uxldapob.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000070501a22 2 bytes [50, 70] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000070501ad0 2 bytes [50, 70] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000070501b08 2 bytes [50, 70] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000070501bba 2 bytes [50, 70] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000070501bda 2 bytes [50, 70] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076901465 2 bytes [90, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769014bb 2 bytes [90, 76] .text ... * 2 .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076901465 2 bytes [90, 76] .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769014bb 2 bytes [90, 76] .text ... * 2 .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076901465 2 bytes [90, 76] .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769014bb 2 bytes [90, 76] .text ... * 2 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe[3520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076901465 2 bytes [90, 76] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe[3520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769014bb 2 bytes [90, 76] .text ... * 2 ---- EOF - GMER 2.1 ---- Vielen Dank bereits im Vorraus für die Aufmerksamkeit. ![]() |
![]() | #2 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte Hi,
__________________rechner ist sauber ![]()
__________________ |
![]() | #3 |
| ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte Hey,
__________________vielen Dank für die schnelle Antwort! Ist ja schon einmal sehr beruhigend, also liegt der Fehler bei Yahoo? Hoffe man verzeiht mir die weitere Frage, das war alles was ich tun kann mit dem Problem? Also, selbstverständlich Passwörter ändern (oder muss nicht einmal das, theoretisch?), aber abgesehen davon? Irgendetwas meiden oder als Schutz installieren? Bzw, oder lieber eine neue Email Adresse anlegen? Geändert von EdKenway (17.06.2014 um 10:10 Uhr) |
![]() | #4 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte ich würde sie ändern zu dem Account. Und dann würde ich Yahoo selbst mal kontaktieren, bist ja mittlerweile der 30te hier im Forum mit dem problem.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #5 |
| ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte Okay, tausend Dank für die schnelle und sorgfältige Hilfe! |
![]() | #6 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: Yahoo schickt Spam Mails an Kontakte Gern Geschehen ![]()
__________________ --> Windows 7: Yahoo schickt Spam Mails an Kontakte |
![]() |
Themen zu Windows 7: Yahoo schickt Spam Mails an Kontakte |
.com, antivirus, association, avira, bonjour, computer, desktop, entfernen, error, firefox, flash player, google, homepage, malware, mozilla, problem, programm, registry, robot, scan, secur, security, software, svchost.exe, system, usb, windows |