Pests of all kinds and how to fight them: Intrusive browser advertising for a short while now (Windows 7)
21.06.2014, 14:26 | #1 |
| Intrusive browser advertising for a short while now
Hello,
for a short while now a lot of advertising has been appearing in my browser (Google Chrome), which is the only one I use, on pages where no advertising ever appeared before. The advertising shows up in the following ways: words are highlighted in blue (as links), shopping pop-ups and the like come from the pages, and on every page, even at this very moment, ads from "Ads by OnlineBrowserAdvertising" pop up in the middle of the page. Sometimes new tabs simply open as well. In addition, the cookie "Savea on" apparently installs itself again every time, since I always delete it! As I said, I have only been struggling with this problem for a short while and it restricts me a lot.
Many thanks for your help in advance.
Regards, Walwin |
21.06.2014, 14:28 | #2 |
/// Malwareteam | Intrusive browser advertising for a short while now
A cleanup can sometimes involve a lot of work for you.
Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
Vista and Win7 users: start all tools with right-click "Run as administrator".
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
21.06.2014, 19:26 | #3 |
| Intrusive browser advertising for a short while now
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 Ran by Julian (administrator) on JULIAN-PC on 21-06-2014 20:23:23 Running from C:\Users\Julian\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (Oracle Corporation) 
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (TeamSpeak Systems GmbH) C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Bohemia Interactive) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe () C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [40576 2013-08-29] (Creative Technology Ltd.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-14] (AVAST Software) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-12] (Razer Inc.) 
HKLM-x32\...\Run: [YourFile DownloaderInstaller Starter] => "C:\Users\Julian\AppData\Local\Temp\install728248.exe" -startup Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-15] (Spotify Ltd) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-21] (Electronic Arts) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\MountPoints2: {9ff9faa4-bf22-11e3-b4bb-448a5b254d66} - G:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File 
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hitech-gamer.com/ SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI 
ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
Chrome: ======= CHR HomePage: CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad [2014-06-08] CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14] CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14] CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14] CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14] CHR Extension: (avast! Online Security) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-14] CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14] CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14] CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 [2014-06-08] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-14] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-14] (AVAST Software) R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-14] () [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-20] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-21] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-14] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-14] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-14] (AVAST Software) R3 aswStm; 
C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-14] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-14] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.) R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc) S3 GPU-Z; \??\C:\Users\Julian\AppData\Local\Temp\GPU-Z.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-21 20:23 - 2014-06-21 20:23 - 00017613 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-21 20:23 - 2014-06-21 20:23 - 00000000 ____D () C:\FRST 2014-06-21 20:22 - 2014-06-21 20:23 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-21 15:43 - 2014-06-21 15:44 - 00017551 _____ () C:\Windows\DirectX.log 2014-06-21 15:12 - 2014-06-21 15:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-21 15:12 - 2014-06-21 15:12 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 
2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-21 15:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-21 15:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-21 15:11 - 2014-06-21 15:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 15:08 - 2014-06-21 15:08 - 00000626 _____ () C:\Users\Julian\Desktop\JRT.txt 2014-06-21 15:05 - 2014-06-21 15:05 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 00000000 ____D () C:\Windows\ERUNT 2014-06-21 15:03 - 2014-06-21 15:18 - 00001524 _____ () C:\Windows\PFRO.log 2014-06-21 15:03 - 2014-06-21 15:18 - 00000560 _____ () C:\Windows\setupact.log 2014-06-21 15:03 - 2014-06-21 15:03 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-21 15:01 - 2014-06-21 15:09 - 00000000 ____D () C:\AdwCleaner 2014-06-21 15:01 - 2014-06-21 15:01 - 01333465 _____ () C:\Users\Julian\Downloads\adwcleaner_3.212.exe 2014-06-21 15:01 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-21 14:28 - 2014-06-21 14:28 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-20 21:34 - 2014-06-20 21:34 - 00001480 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel 2014-06-20 19:23 - 2014-06-21 14:38 - 00000000 ____D () C:\Users\Julian\AppData\Local\Ubisoft Game Launcher 2014-06-20 19:23 - 2014-06-20 19:23 - 00001211 _____ () C:\Users\Julian\Desktop\Uplay.lnk 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Program 
Files (x86)\Ubisoft 2014-06-20 18:55 - 2014-06-20 19:00 - 63548256 _____ (Ubisoft) C:\Users\Julian\Downloads\UplayInstaller.exe 2014-06-15 00:01 - 2014-06-15 00:01 - 00000718 _____ () C:\Users\Julian\Downloads\Download 2014-06-15 00:01 - 2014-06-15 00:01 - 00000628 _____ () C:\Users\Julian\Downloads\Download (1) 2014-06-11 19:55 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 19:55 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 19:55 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 19:55 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 19:55 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 19:55 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 19:55 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 19:55 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 19:55 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 19:55 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 19:55 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 19:55 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 19:55 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 19:55 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 19:55 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 19:55 - 
2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 19:55 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 19:55 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 19:55 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 19:55 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 19:55 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 19:55 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 19:55 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 19:55 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 19:55 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 19:55 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 19:55 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 19:55 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 19:55 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 19:55 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 19:55 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 19:55 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 19:55 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 
19:55 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 19:55 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 19:55 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 19:55 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 19:55 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 19:55 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 19:55 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 19:55 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 19:55 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 19:55 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 19:55 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 19:55 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 19:55 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 19:55 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 19:55 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 19:55 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 19:55 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 19:55 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 19:55 
- 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 19:55 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 19:55 - 2014-04-25 04:27 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 19:55 - 2014-04-25 03:58 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 19:55 - 2014-04-05 04:37 - 01897408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 19:55 - 2014-04-05 04:37 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-06-11 19:55 - 2014-04-05 04:37 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 19:55 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 19:55 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 19:55 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 19:55 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 19:55 - 2014-03-26 04:39 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 19:55 - 2014-03-26 04:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 19:55 - 2014-03-26 04:13 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 19:55 - 2014-03-26 04:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 19:54 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-10 16:36 - 2014-06-10 18:04 - 35550986 _____ () C:\Users\Julian\Desktop\PPv14_[www.unknowncheats.me]_.zip 2014-06-10 16:35 - 2014-06-10 16:35 - 17895055 _____ () C:\Users\Julian\Downloads\PPv14_[www.unknowncheats.me]_.zip 2014-06-08 17:13 - 2014-06-08 
17:13 - 00002218 _____ () C:\Users\Julian\Desktop\Google Earth.lnk 2014-06-08 14:12 - 2014-06-08 14:13 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-06-08 14:11 - 2014-06-08 14:11 - 07648470 _____ () C:\Users\Julian\Downloads\npp.6.6.4.Installer.exe 2014-06-08 14:09 - 2014-06-08 14:09 - 01527092 _____ () C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe 2014-06-08 14:02 - 2014-06-21 15:03 - 00000000 ____D () C:\ProgramData\Savea on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\Savea on 2014-06-08 14:01 - 2014-06-21 14:53 - 00000000 ____D () C:\ProgramData\683c649fcfc2e2a5 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Julian\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 
00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\InstallMate 2014-06-07 21:06 - 2014-06-07 21:07 - 00000000 ____D () C:\Users\Julian\AppData\Local\SniperV2 2014-05-30 00:50 - 2014-05-30 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-05-30 00:49 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-30 00:48 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-30 00:48 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 02:13 - 2014-05-29 02:14 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:27 - 2014-05-28 18:29 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:18 - 2014-06-19 
16:57 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin 2014-05-26 20:40 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-05-26 20:40 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-05-25 11:54 - 2014-05-25 11:54 - 00000000 ____D () C:\Users\Julian\AppData\Local\Chromium 2014-05-24 10:49 - 2014-05-24 11:04 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-05-24 10:48 - 2014-05-24 10:49 - 00000000 ____D () C:\Users\Julian\AppData\Local\Overwolf ==================== One Month Modified Files and Folders ======= 2014-06-21 20:23 - 2014-06-21 20:23 - 00017613 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-21 20:23 - 2014-06-21 20:23 - 00000000 ____D () C:\FRST 2014-06-21 20:23 - 2014-06-21 20:22 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-21 19:42 - 2014-04-08 10:54 - 02016547 _____ () C:\Windows\WindowsUpdate.log 2014-06-21 19:41 - 2014-04-08 11:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-21 19:37 - 2014-04-14 17:27 - 00000000 ____D () C:\Users\Julian\AppData\Local\Arma 3 2014-06-21 19:37 - 2014-04-14 15:18 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-21 19:34 - 2014-04-14 15:03 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client 2014-06-21 19:27 - 2014-04-14 14:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-21 15:44 - 2014-06-21 15:43 - 00017551 _____ () C:\Windows\DirectX.log 2014-06-21 15:44 - 2014-04-16 08:57 - 00282512 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-21 15:44 - 2014-04-16 08:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-21 15:28 - 2014-05-12 15:38 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-21 15:28 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Origin 
2014-06-21 15:27 - 2014-04-14 15:06 - 00001873 _____ () C:\Users\Julian\Desktop\TS ID's.txt 2014-06-21 15:25 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-21 15:25 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-21 15:24 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-06-21 15:24 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-06-21 15:24 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-21 15:18 - 2014-06-21 15:03 - 00001524 _____ () C:\Windows\PFRO.log 2014-06-21 15:18 - 2014-06-21 15:03 - 00000560 _____ () C:\Windows\setupact.log 2014-06-21 15:18 - 2014-05-05 15:49 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype 2014-06-21 15:18 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Spotify 2014-06-21 15:18 - 2014-04-14 14:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-21 15:18 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-21 15:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-21 15:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech 2014-06-21 15:13 - 2014-06-21 15:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-21 15:12 - 2014-06-21 15:12 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-21 15:11 - 2014-06-21 15:11 - 17292760 _____ (Malwarebytes 
Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 15:09 - 2014-06-21 15:01 - 00000000 ____D () C:\AdwCleaner 2014-06-21 15:08 - 2014-06-21 15:08 - 00000626 _____ () C:\Users\Julian\Desktop\JRT.txt 2014-06-21 15:05 - 2014-06-21 15:05 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 00000000 ____D () C:\Windows\ERUNT 2014-06-21 15:03 - 2014-06-21 15:03 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-21 15:03 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Savea on 2014-06-21 15:01 - 2014-06-21 15:01 - 01333465 _____ () C:\Users\Julian\Downloads\adwcleaner_3.212.exe 2014-06-21 14:53 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\683c649fcfc2e2a5 2014-06-21 14:38 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Local\Ubisoft Game Launcher 2014-06-21 14:28 - 2014-06-21 14:28 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-21 14:28 - 2014-05-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-20 21:38 - 2014-05-06 19:00 - 00000000 ____D () C:\Users\Julian\Desktop\Screenshots 2014-06-20 21:34 - 2014-06-20 21:34 - 00001480 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel 2014-06-20 21:34 - 2014-04-14 18:34 - 00000000 ____D () C:\Users\Julian\.gimp-2.8 2014-06-20 19:23 - 2014-06-20 19:23 - 00001211 _____ () C:\Users\Julian\Desktop\Uplay.lnk 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-20 19:00 - 2014-06-20 18:55 - 63548256 _____ (Ubisoft) C:\Users\Julian\Downloads\UplayInstaller.exe 2014-06-19 16:57 - 2014-05-27 17:18 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-06-18 17:16 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Local\Spotify 2014-06-15 12:11 - 2014-04-14 18:43 - 
00000000 ____D () C:\Users\Julian\Desktop\Stuff 2014-06-15 00:01 - 2014-06-15 00:01 - 00000718 _____ () C:\Users\Julian\Downloads\Download 2014-06-15 00:01 - 2014-06-15 00:01 - 00000628 _____ () C:\Users\Julian\Downloads\Download (1) 2014-06-14 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 22:52 - 2014-04-18 10:37 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 22:51 - 2014-05-06 21:55 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 22:51 - 2014-04-18 10:37 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-10 18:04 - 2014-06-10 16:36 - 35550986 _____ () C:\Users\Julian\Desktop\PPv14_[www.unknowncheats.me]_.zip 2014-06-10 16:35 - 2014-06-10 16:35 - 17895055 _____ () C:\Users\Julian\Downloads\PPv14_[www.unknowncheats.me]_.zip 2014-06-09 13:51 - 2014-04-14 14:58 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-08 17:13 - 2014-06-08 17:13 - 00002218 _____ () C:\Users\Julian\Desktop\Google Earth.lnk 2014-06-08 14:13 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-06-08 14:11 - 2014-06-08 14:11 - 07648470 _____ () C:\Users\Julian\Downloads\npp.6.6.4.Installer.exe 2014-06-08 14:09 - 2014-06-08 14:09 - 01527092 _____ () C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe 2014-06-08 14:02 - 2014-06-08 14:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\Savea on 
2014-06-08 14:02 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-08 14:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Julian\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\InstallMate 2014-06-08 14:01 - 2014-04-14 14:58 - 00000000 ____D () C:\Users\Julian\AppData\Local\Google 2014-06-08 11:13 - 2014-06-11 19:55 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 19:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 21:07 - 2014-06-07 21:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\SniperV2 2014-05-30 13:47 - 2014-05-04 15:23 - 00000846 _____ () C:\Users\Public\Desktop\Speccy.lnk 2014-05-30 13:47 - 2014-04-14 18:45 - 00002016 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2014-05-30 13:47 - 2014-04-14 18:34 - 00000932 _____ () C:\Users\Julian\Desktop\GIMP 2.lnk 2014-05-30 12:21 - 2014-06-11 19:55 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 19:55 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 19:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 19:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 19:55 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 19:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 19:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 19:55 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 19:55 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 19:55 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 19:55 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 19:55 - 00452096 _____ (Microsoft Corporation) 
C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 19:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 19:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 19:55 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 19:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 19:55 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 19:55 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 19:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 19:55 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 19:55 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 19:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 19:55 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 19:55 - 02040832 _____ (Microsoft Corporation) 
C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 19:55 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 19:55 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 19:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 19:55 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 19:55 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 19:55 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 19:55 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 19:55 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 19:55 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 19:55 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 19:55 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 19:55 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 19:55 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:50 - 2014-05-30 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA 
Technologies 2014-05-30 00:50 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-30 00:50 - 2014-04-08 11:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 02:14 - 2014-05-29 02:13 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-29 02:13 - 2014-04-08 10:54 - 00000000 ____D () C:\Users\Julian 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:29 - 2014-05-28 18:27 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin 2014-05-26 20:41 - 2014-04-08 11:22 - 00000000 ____D () C:\Users\Julian\AppData\Local\NVIDIA Corporation 2014-05-26 20:41 - 2014-04-08 11:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-05-25 11:54 - 2014-05-25 11:54 - 00000000 ____D () C:\Users\Julian\AppData\Local\Chromium 2014-05-25 10:32 - 2014-04-16 08:57 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-05-24 11:04 - 2014-05-24 10:49 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-05-24 10:49 - 2014-05-24 10:48 - 00000000 ____D () C:\Users\Julian\AppData\Local\Overwolf 2014-05-23 22:29 - 2014-04-14 14:59 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed 
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-08 02:29

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Julian at 2014-06-21 20:23:41
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
avast!
Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Napoleon: Total War (HKLM-x32\...\Steam App 34030) 
(Version: - The Creative Assembly) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.23 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform) Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB) State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Anglo Zulu war (HKLM-x32\...\{A7DEE6EE-6B52-490B-8716-885BFD85DE6D}_is1) (Version: 1.0.0 - Author) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) WinRAR 5.10 beta 2 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH) ==================== Restore Points ========================= 07-06-2014 19:04:40 DirectX wurde installiert 10-06-2014 14:11:10 Windows Update 11-06-2014 20:51:03 Windows Update 17-06-2014 17:15:45 Windows Update 21-06-2014 13:43:32 DirectX wurde installiert ==================== Hosts content: 
========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {2BFCB3A3-E584-4D78-97F1-3144ADC0C29E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {A0EACBB1-F919-4D16-9F22-70C8C415279B} - System32\Tasks\{4FDFC0F8-685D-46BA-BF68-6B585CE6CFDA} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.73.104.456/de/abandoninstall?page=tsProgressBar Task: {A6249436-8769-4ED0-A0AB-B87C1D1FB37D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {DA8E84A7-78B2-42A9-8474-CF2D901203BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {F02CDB9F-FF01-44A1-B040-6CFE54720208} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-14] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-08 11:19 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-04-08 11:11 - 2013-07-31 03:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-04-08 11:16 - 2012-11-01 11:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2014-04-08 11:16 - 2012-11-01 11:21 - 00325120 _____ () 
C:\Windows\SYSTEM32\APOMgr64.DLL 2014-01-22 15:15 - 2014-01-22 15:15 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe 2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\quazip.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-05-27 17:06 - 2014-05-27 17:06 - 00325120 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\plugins\soundboard.dll 2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\Julian\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2014-04-16 08:57 - 2014-06-21 15:44 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-04-14 17:39 - 2014-04-14 17:39 - 00049152 _____ () C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 2014-04-08 11:16 - 2012-10-31 15:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll 2014-04-14 
18:43 - 2014-04-14 18:43 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-05-12 15:39 - 2014-06-21 14:41 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-05-22 14:45 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll 2014-04-23 03:45 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2014-05-22 14:45 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll 2014-04-14 15:19 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-04-14 15:19 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-05-22 14:45 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll 2014-05-22 14:45 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll 2014-04-14 15:19 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-04-14 15:19 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-04-14 15:19 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2014-04-14 15:19 - 
2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2014-04-14 15:19 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2014-04-14 15:19 - 2014-05-29 19:36 - 00359104 _____ () C:\Program Files (x86)\Steam\steam.dll 2014-04-14 17:39 - 2014-04-14 17:39 - 00606080 _____ () C:\Users\Julian\AppData\Local\Arma 3\BattlEye\BEClient.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2014-05-23 22:29 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/21/2014 03:20:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/21/2014 03:20:20 PM) (Source: Service Control Manager) 
(EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2
Microsoft Office Sessions: =========================
Error: (06/21/2014 03:20:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 16251.93 MB
Available physical RAM: 10855.88 MB
Total Pagefile: 24250.12 MB
Available Pagefile: 14396.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:447.03 GB) (Free:197.78 GB) NTFS
Drive d: (Daten) (Fixed) (Total:929.56 GB) (Free:929.4 GB) NTFS
Drive e: (HI-TECH Treiber) (Fixed) (Total:1.95 GB) (Free:0.38 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:930.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447 GB) (Disk ID: BC6D3FC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 7777F9A2)
Partition 1: (Not Active) - (Size=930 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 5AA1FE0E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Frst and Addition
I also already know that it is caused by the cookie/extension Save on, but every time I delete it, it is gone; as soon as I google chrome, however, it comes back and installs itself on its own, so to speak.
Last edited by Walwin (21.06.2014 at 20:13) |
22.06.2014, 13:31 | #4 |
/// Malwareteam | Intrusive browser ads for a short time now
Hi
Step 1: Please download AdwCleaner to your desktop.
Step 2: Please close your protection software to avoid possible conflicts.
Step 3: Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.
Step 4: Please download Malwarebytes Anti-Malware
Step 5: ESET Online Scanner
Step 6: Create a new FRST log file and post it here. |
22.06.2014, 21:00 | #5 |
| Intrusive browser ads for a short time now
Re: Adwcleaner
Code:
# AdwCleaner v3.212 - Bericht erstellt am 22/06/2014 um 21:02:39
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Julian - JULIAN-PC
# Gestartet von : C:\Users\Julian\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2364 octets] - [21/06/2014 15:01:25]
AdwCleaner[R1].txt - [928 octets] - [21/06/2014 15:09:00]
AdwCleaner[R2].txt - [987 octets] - [21/06/2014 21:16:44]
AdwCleaner[R3].txt - [1107 octets] - [22/06/2014 21:02:17]
AdwCleaner[S0].txt - [2358 octets] - [21/06/2014 15:02:31]
AdwCleaner[S1].txt - [1047 octets] - [21/06/2014 21:17:21]
AdwCleaner[S2].txt - [1029 octets] - [22/06/2014 21:02:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1089 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Julian on 22.06.2014 at 21:05:11,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.06.2014 at 21:08:12,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Mbam
Code:
Suchlauf-Zeit: 21:22:08
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.21.04
Rootkit Datenbank: v2014.06.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ich

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 286302
Verstrichene Zeit: 2 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=97e599a115adba41bb3f906c742e9021
# engine=18828
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-22 07:51:55
# local_time=2014-06-22 09:51:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 5972890 5972907 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1975 155096565 0 0
# scanned=179156
# found=7
# cleaned=0
# scan_time=956
sh=A506AEDE7D055BAA580C7657DBAFD498EF0B2E58 ft=1 fh=c71c00117d7abedf vn="Variante von Win32/AdWare.MultiPlug.Y Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\XCeGQIh.exe.vir"
sh=A777E448AEDC62DC09412897E7F63A1615F14CA8 ft=1 fh=094e27113fa97e49 vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\PD2APIDLL1.dll"
sh=A506AEDE7D055BAA580C7657DBAFD498EF0B2E58 ft=1 fh=c71c00117d7abedf vn="Variante von Win32/AdWare.MultiPlug.Y Anwendung" ac=I fn="C:\ProgramData\suave on\LMot.exe"
sh=A506AEDE7D055BAA580C7657DBAFD498EF0B2E58 ft=1 fh=c71c00117d7abedf vn="Variante von Win32/AdWare.MultiPlug.Y Anwendung" ac=I fn="C:\Users\All Users\suave on\LMot.exe"
sh=CDC7A56FC6ACBDB00F0870CA7D992C25FD77D872 ft=1 fh=28aadbf642b7b012 vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=44FCE8C81A93751DB887771237299ABAF9F253B2 ft=1 fh=098ea2b9676aa2ee vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe"
sh=2F3FAFAC28D2A0191B524704ED6B8B0E533B3630 ft=1 fh=17a186c0e2f206d3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Julian\Downloads\spsetup126.exe"

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 Ran by Julian (administrator) on JULIAN-PC on 22-06-2014 21:58:08 Running from C:\Users\Julian\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] => C:\Program 
Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [40576 2013-08-29] (Creative Technology Ltd.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-14] (AVAST Software) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-12] (Razer Inc.) 
HKLM-x32\...\Run: [YourFile DownloaderInstaller Starter] => "C:\Users\Julian\AppData\Local\Temp\install728248.exe" -startup Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-15] (Spotify Ltd) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-21] (Electronic Arts) HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-3784981120-1613560211-1229774700-1000\...\MountPoints2: {9ff9faa4-bf22-11e3-b4bb-448a5b254d66} - G:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File 
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hitech-gamer.com/ SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: 
@intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HomePage: CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad [2014-06-08] CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14] CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14] CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14] CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14] CHR Extension: (avast! 
Online Security) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-14] CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14] CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14] CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 [2014-06-08] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-14] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-14] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-14] () [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-20] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation) R2 PnkBstrA; 
C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-21] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-14] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-14] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-14] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-14] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-14] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.) R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) 
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc) S3 GPU-Z; \??\C:\Users\Julian\AppData\Local\Temp\GPU-Z.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-22 21:30 - 2014-06-22 21:30 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-22 21:29 - 2014-06-22 21:29 - 02347384 _____ (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_deu.exe 2014-06-22 21:18 - 2014-06-22 21:19 - 00448512 _____ (OldTimer Tools) C:\Users\Julian\Downloads\TFC.exe 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio.htm 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio (1).htm 2014-06-22 11:14 - 2014-06-22 11:14 - 00000654 _____ () C:\Users\Julian\Downloads\Download (2) 2014-06-21 20:23 - 2014-06-22 21:58 - 00015769 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-21 20:23 - 2014-06-22 21:58 - 00000000 ____D () C:\FRST 2014-06-21 20:23 - 2014-06-21 20:23 - 00020755 _____ () C:\Users\Julian\Downloads\Addition.txt 2014-06-21 20:22 - 2014-06-21 20:23 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-21 15:12 - 2014-06-22 21:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-21 15:12 - 2014-06-21 15:12 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-21 15:12 
- 2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-21 15:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-21 15:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-21 15:11 - 2014-06-21 15:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 00000000 ____D () C:\Windows\ERUNT 2014-06-21 15:01 - 2014-06-22 21:02 - 00000000 ____D () C:\AdwCleaner 2014-06-21 15:01 - 2014-06-21 15:01 - 01333465 _____ () C:\Users\Julian\Downloads\adwcleaner_3.212.exe 2014-06-21 15:01 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-21 14:28 - 2014-06-21 14:28 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-20 21:34 - 2014-06-20 21:34 - 00001480 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel 2014-06-20 19:23 - 2014-06-21 21:38 - 00000000 ____D () C:\Users\Julian\AppData\Local\Ubisoft Game Launcher 2014-06-20 19:23 - 2014-06-20 19:23 - 00001211 _____ () C:\Users\Julian\Desktop\Uplay.lnk 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-20 18:55 - 2014-06-20 19:00 - 63548256 _____ (Ubisoft) C:\Users\Julian\Downloads\UplayInstaller.exe 2014-06-15 00:01 - 2014-06-15 00:01 - 00000718 _____ () C:\Users\Julian\Downloads\Download 2014-06-15 00:01 - 2014-06-15 00:01 - 00000628 _____ () C:\Users\Julian\Downloads\Download (1) 2014-06-11 19:55 - 
2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 19:55 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 19:55 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 19:55 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 19:55 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 19:55 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 19:55 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 19:55 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 19:55 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 19:55 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 19:55 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 19:55 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 19:55 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 19:55 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 19:55 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 19:55 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 19:55 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 19:55 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 
19:55 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 19:55 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 19:55 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 19:55 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 19:55 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 19:55 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 19:55 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 19:55 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 19:55 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 19:55 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 19:55 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 19:55 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 19:55 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 19:55 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 19:55 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 19:55 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 19:55 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 19:55 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 
19:55 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 19:55 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 19:55 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 19:55 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 19:55 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 19:55 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 19:55 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 19:55 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 19:55 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 19:55 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 19:55 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 19:55 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 19:55 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 19:55 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 19:55 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 19:55 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 19:55 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 19:55 - 2014-04-25 04:27 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 19:55 - 
2014-04-25 03:58 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 19:55 - 2014-04-05 04:37 - 01897408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 19:55 - 2014-04-05 04:37 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-06-11 19:55 - 2014-04-05 04:37 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 19:55 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 19:55 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 19:55 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 19:55 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 19:55 - 2014-03-26 04:39 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 19:55 - 2014-03-26 04:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 19:55 - 2014-03-26 04:13 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 19:55 - 2014-03-26 04:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 19:54 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-10 16:36 - 2014-06-10 18:04 - 35550986 _____ () C:\Users\Julian\Desktop\PPv14_[www.unknowncheats.me]_.zip 2014-06-10 16:35 - 2014-06-10 16:35 - 17895055 _____ () C:\Users\Julian\Downloads\PPv14_[www.unknowncheats.me]_.zip 2014-06-08 17:13 - 2014-06-08 17:13 - 00002218 _____ () C:\Users\Julian\Desktop\Google Earth.lnk 2014-06-08 14:12 - 2014-06-08 14:13 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 
2014-06-08 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-06-08 14:11 - 2014-06-08 14:11 - 07648470 _____ () C:\Users\Julian\Downloads\npp.6.6.4.Installer.exe 2014-06-08 14:09 - 2014-06-08 14:09 - 01527092 _____ () C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe 2014-06-08 14:02 - 2014-06-21 15:03 - 00000000 ____D () C:\ProgramData\Savea on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\suave on 2014-06-08 14:01 - 2014-06-21 14:53 - 00000000 ____D () C:\ProgramData\683c649fcfc2e2a5 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Julian\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\InstallMate 2014-06-07 21:06 - 2014-06-07 21:07 - 00000000 ____D () C:\Users\Julian\AppData\Local\SniperV2 2014-05-30 00:50 - 2014-05-30 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA 
Technologies 2014-05-30 00:49 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-30 00:48 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-30 00:48 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-30 00:48 - 2014-05-20 04:44 
- 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 02:13 - 2014-05-29 02:14 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:27 - 2014-05-28 18:29 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:18 - 2014-06-19 16:57 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin 2014-05-26 20:40 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-05-26 20:40 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvaudcap32v.dll 2014-05-25 11:54 - 2014-05-25 11:54 - 00000000 ____D () C:\Users\Julian\AppData\Local\Chromium 2014-05-24 10:49 - 2014-05-24 11:04 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-05-24 10:48 - 2014-05-24 10:49 - 00000000 ____D () C:\Users\Julian\AppData\Local\Overwolf ==================== One Month Modified Files and Folders ======= 2014-06-22 21:58 - 2014-06-21 20:23 - 00015769 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-22 21:58 - 2014-06-21 20:23 - 00000000 ____D () C:\FRST 2014-06-22 21:57 - 2014-04-14 15:18 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-22 21:41 - 2014-04-08 11:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-22 21:30 - 2014-06-22 21:30 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-22 21:29 - 2014-06-22 21:29 - 02347384 _____ (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_deu.exe 2014-06-22 21:27 - 2014-04-14 18:43 - 00000000 ____D () C:\Users\Julian\Desktop\Stuff 2014-06-22 21:27 - 2014-04-14 14:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-22 21:27 - 2014-04-14 14:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-22 21:21 - 2014-06-21 15:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-22 21:19 - 2014-06-22 21:18 - 00448512 _____ (OldTimer Tools) C:\Users\Julian\Downloads\TFC.exe 2014-06-22 21:10 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-06-22 21:10 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-06-22 21:10 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-22 21:10 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-22 21:10 - 2009-07-14 06:45 - 00021840 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-22 21:06 - 2014-04-08 10:54 - 02053578 ____N () C:\Windows\WindowsUpdate.log 2014-06-22 21:03 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Origin 2014-06-22 21:03 - 2014-05-05 15:49 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype 2014-06-22 21:03 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Spotify 2014-06-22 21:03 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-22 21:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-22 21:02 - 2014-06-21 15:01 - 00000000 ____D () C:\AdwCleaner 2014-06-22 21:01 - 2014-04-14 15:03 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client 2014-06-22 20:01 - 2014-04-14 17:27 - 00000000 ____D () C:\Users\Julian\AppData\Local\Arma 3 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio.htm 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio (1).htm 2014-06-22 11:14 - 2014-06-22 11:14 - 00000654 _____ () C:\Users\Julian\Downloads\Download (2) 2014-06-21 21:38 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Local\Ubisoft Game Launcher 2014-06-21 21:23 - 2014-04-16 08:58 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-06-21 21:23 - 2014-04-16 08:58 - 00000000 ____D () C:\Users\Julian\AppData\Local\PunkBuster 2014-06-21 21:23 - 2014-04-16 08:57 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-21 21:22 - 2014-05-06 15:27 - 00000000 ____D () C:\Users\Julian\Documents\My Games 2014-06-21 21:18 - 2014-05-12 15:38 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-21 21:08 - 2014-05-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-21 20:23 - 2014-06-21 20:23 - 00020755 _____ () C:\Users\Julian\Downloads\Addition.txt 2014-06-21 20:23 - 2014-06-21 20:22 - 02083328 _____ (Farbar) 
C:\Users\Julian\Downloads\FRST64.exe 2014-06-21 15:44 - 2014-04-16 08:57 - 00282512 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-21 15:44 - 2014-04-16 08:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-21 15:27 - 2014-04-14 15:06 - 00001873 _____ () C:\Users\Julian\Desktop\TS ID's.txt 2014-06-21 15:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech 2014-06-21 15:12 - 2014-06-21 15:12 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-21 15:11 - 2014-06-21 15:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 00000000 ____D () C:\Windows\ERUNT 2014-06-21 15:03 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Savea on 2014-06-21 15:01 - 2014-06-21 15:01 - 01333465 _____ () C:\Users\Julian\Downloads\adwcleaner_3.212.exe 2014-06-21 14:53 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\683c649fcfc2e2a5 2014-06-21 14:28 - 2014-06-21 14:28 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-20 21:38 - 2014-05-06 19:00 - 00000000 ____D () C:\Users\Julian\Desktop\Screenshots 2014-06-20 21:34 - 2014-06-20 21:34 - 00001480 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel 2014-06-20 21:34 - 2014-04-14 18:34 - 00000000 ____D () C:\Users\Julian\.gimp-2.8 2014-06-20 19:23 - 2014-06-20 19:23 - 00001211 _____ () C:\Users\Julian\Desktop\Uplay.lnk 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Ubisoft 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-20 19:00 - 2014-06-20 18:55 - 63548256 _____ (Ubisoft) C:\Users\Julian\Downloads\UplayInstaller.exe 2014-06-19 16:57 - 2014-05-27 17:18 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-06-18 17:16 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Local\Spotify 2014-06-15 00:01 - 2014-06-15 00:01 - 00000718 _____ () C:\Users\Julian\Downloads\Download 2014-06-15 00:01 - 2014-06-15 00:01 - 00000628 _____ () C:\Users\Julian\Downloads\Download (1) 2014-06-14 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 22:52 - 2014-04-18 10:37 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 22:51 - 2014-05-06 21:55 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 22:51 - 2014-04-18 10:37 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-10 18:04 - 2014-06-10 16:36 - 35550986 _____ () C:\Users\Julian\Desktop\PPv14_[www.unknowncheats.me]_.zip 2014-06-10 16:35 - 2014-06-10 16:35 - 17895055 _____ () C:\Users\Julian\Downloads\PPv14_[www.unknowncheats.me]_.zip 2014-06-09 13:51 - 2014-04-14 14:58 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-08 17:13 - 2014-06-08 17:13 - 00002218 _____ () C:\Users\Julian\Desktop\Google Earth.lnk 2014-06-08 14:13 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-06-08 14:11 - 2014-06-08 14:11 - 07648470 _____ () C:\Users\Julian\Downloads\npp.6.6.4.Installer.exe 2014-06-08 14:09 - 2014-06-08 14:09 - 01527092 _____ () 
C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe 2014-06-08 14:02 - 2014-06-08 14:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\suave on 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Program Files (x86)\suave on 2014-06-08 14:02 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-08 14:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Julian\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\InstallMate 2014-06-08 14:01 - 2014-04-14 14:58 - 00000000 ____D () C:\Users\Julian\AppData\Local\Google 2014-06-08 11:13 - 2014-06-11 19:55 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 19:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 21:07 - 2014-06-07 21:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\SniperV2 2014-05-30 13:47 - 2014-05-04 15:23 - 00000846 _____ () C:\Users\Public\Desktop\Speccy.lnk 2014-05-30 13:47 - 2014-04-14 18:45 
- 00002016 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-30 13:47 - 2014-04-14 18:34 - 00000932 _____ () C:\Users\Julian\Desktop\GIMP 2.lnk 2014-05-30 12:21 - 2014-06-11 19:55 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 19:55 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 19:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 19:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 19:55 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 19:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 19:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 19:55 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 19:55 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 19:55 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 19:55 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 19:55 - 00452096 
_____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 19:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 19:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 19:55 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 19:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 19:55 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 19:55 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 19:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 19:55 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 19:55 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 19:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 19:55 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 19:55 - 02040832 
_____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 19:55 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 19:55 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 19:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 19:55 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 19:55 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 19:55 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 19:55 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 19:55 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 19:55 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 19:55 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 19:55 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 19:55 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 19:55 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:50 - 2014-05-30 00:50 - 00000000 ____D () 
C:\Program Files (x86)\AGEIA Technologies 2014-05-30 00:50 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-30 00:50 - 2014-04-08 11:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 02:14 - 2014-05-29 02:13 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-29 02:13 - 2014-04-08 10:54 - 00000000 ____D () C:\Users\Julian 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:29 - 2014-05-28 18:27 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin 2014-05-26 20:41 - 2014-04-08 11:22 - 00000000 ____D () C:\Users\Julian\AppData\Local\NVIDIA Corporation 2014-05-26 20:41 - 2014-04-08 11:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-05-25 11:54 - 2014-05-25 11:54 - 00000000 ____D () C:\Users\Julian\AppData\Local\Chromium 2014-05-24 11:04 - 2014-05-24 10:49 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-05-24 10:49 - 2014-05-24 10:48 - 00000000 ____D () C:\Users\Julian\AppData\Local\Overwolf 2014-05-23 22:29 - 2014-04-14 14:59 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed 
Two of the things ESET found are hacks of my own :3 but they were not the cause. |
22.06.2014, 21:31 | #6 |
/// Malwareteam | Intrusive browser advertising for a short time now Hi, does the problem only occur in Chrome? As far as I know, Chrome keeps an online backup of the add-ons, which it synchronizes.
|
22.06.2014, 21:34 | #7 |
/// Malwareteam | Intrusive browser advertising for a short time now Do this: Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
|
23.06.2014, 02:06 | #8 |
| Intrusive browser advertising for a short time now Re: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by Julian at 2014-06-23 02:55:51 Run:1
Running from C:\Users\Julian\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
The system needed a reboot.
==== End of Fixlog ====
|
23.06.2014, 11:43 | #9 |
/// Malwareteam | Intrusive browser advertising for a short time now Did that change anything about the system's behavior? Please delete the ESET findings manually. If there are any problems with that, let me know briefly. Please post a fresh FRST logfile |
23.06.2014, 14:51 | #10 |
| Intrusive browser advertising for a short time now Hi, no, Savea on keeps installing itself, and so does everything else. As I said, if I delete the cookie before using the browser, everything runs perfectly. Only if I don't do that does all the stuff show up. How can I view the findings again, that is, not just these codes but what it actually found. |
24.06.2014, 14:20 | #11 |
/// Malwareteam | Intrusive browser advertising for a short time now Hi, good, then let's try this: Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
CHR HomePage:
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad [2014-06-08]
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 [2014-06-08]
"C:\ProgramData\Savea on"
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
|
25.06.2014, 10:30 | #12 |
| Intrusive browser advertising for a short time now Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by Julian at 2014-06-25 11:29:40 Run:2
Running from C:\Users\Julian\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HomePage:
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad [2014-06-08]
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 [2014-06-08]
"C:\ProgramData\Savea on"
*****************
C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad => Moved successfully.
C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 directory not found.
C:\ProgramData\Savea on => Moved successfully.
==== End of Fixlog ====
Just now when I opened the browser, Savea on was no longer installed |
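Added example, not part of the thread and not FRST's own code: a small Python parser for the Fixlog format posted in #8 and #12 that classifies each result line and explains a "not found" entry when its parent directory was already moved earlier in the same run. The sample is the post #12 log with one entry per line (the line layout is an assumption); the status names and helper functions are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: the Fixlog text from post #12. The one-entry-per-line
# layout is an assumption; only the wording is taken from the post.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by Julian at 2014-06-25 11:29:40 Run:2
Running from C:\Users\Julian\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HomePage:
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad [2014-06-08]
CHR Extension: (Savea on) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 [2014-06-08]
"C:\ProgramData\Savea on"
*****************

C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad => Moved successfully.
C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\admopakeijfgfmpbmefempljhlehhcad\2.14 directory not found.
C:\ProgramData\Savea on => Moved successfully.

==== End of Fixlog ====
"""

# Result lines seen in the thread: "<target> => <message>" and
# "<target> directory not found."; anything else is kept as a note.
ARROW = re.compile(r"^(?P<target>.+?) => (?P<msg>.+)$")
NOT_FOUND = re.compile(r"^(?P<target>.+?)(?: directory)? not found\.$")


@dataclass
class Result:
    target: Optional[str]   # path or registry key, None for free-text notes
    status: str             # moved | deleted | not_found | other | note
    raw: str


def classify(line: str) -> Result:
    """Turn one result line of a Fixlog into a Result."""
    m = ARROW.match(line)
    if m:
        msg = m["msg"]
        if msg.startswith("Moved successfully"):
            status = "moved"
        elif "deleted successfully" in msg:
            status = "deleted"
        else:
            status = "other"
        return Result(m["target"].strip("'\""), status, line)
    m = NOT_FOUND.match(line)
    if m:
        return Result(m["target"], "not_found", line)
    return Result(None, "note", line)


def parse_fixlog(text: str):
    """Return (fixlist entries, classified result lines)."""
    lines = [ln.strip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist delimiters not found")
    entries = [ln for ln in lines[stars[0] + 1:stars[1]] if ln]
    results = []
    for ln in lines[stars[1] + 1:]:
        if ln.startswith("==== End of Fixlog"):
            break
        if ln:
            results.append(classify(ln))
    return entries, results


def explain_not_found(results):
    """Map each not-found target to a parent handled earlier in the run, or None."""
    handled, out = [], {}
    for r in results:
        if r.status in ("moved", "deleted"):
            handled.append(r.target)
        elif r.status == "not_found":
            low = r.target.lower()  # Windows paths compare case-insensitively
            out[r.target] = next(
                (h for h in handled
                 if low.startswith(h.lower().rstrip("\\") + "\\")), None)
    return out


def needs_follow_up(results):
    """Raw lines that were neither handled nor explained by a handled parent."""
    parents = explain_not_found(results)
    return [r.raw for r in results
            if r.status == "other"
            or (r.status == "not_found" and parents[r.target] is None)]


if __name__ == "__main__":
    entries, results = parse_fixlog(SAMPLE_FIXLOG)
    for r in results:
        print(f"{r.status:10} {r.target}")
    print("follow up:", needs_follow_up(results))
```
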
25.06.2014, 13:09 | #13 |
/// Malwareteam | Intrusive browser advertising for a short time now Are there any other problems on your side that we should look at? To close this topic I still need a new FRST logfile. If it is clean, we will tidy up and secure the system. |
26.06.2014, 13:49 | #14 |
| Intrusive browser advertising for a short time now FRST logfile: Code:
- 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-30 00:48 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 02:13 - 2014-05-29 02:14 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:27 - 2014-05-28 18:29 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:18 - 2014-06-25 19:04 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin ==================== One Month Modified Files and Folders ======= 2014-06-26 14:46 - 2014-06-23 02:52 - 00000000 ____D () C:\Users\Julian\Downloads\FRST-OlderVersion 2014-06-26 14:46 - 2014-06-21 20:23 - 00000000 ____D () C:\FRST 2014-06-26 14:45 - 2014-06-23 10:59 - 00001120 _____ () C:\Windows\setupact.log 2014-06-26 14:45 - 2014-05-12 15:38 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-26 14:45 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Origin 2014-06-26 14:45 - 2014-05-05 15:49 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype 2014-06-26 14:45 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Spotify 2014-06-26 14:45 - 2014-04-14 15:18 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-26 14:45 - 2014-04-14 15:03 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client 2014-06-26 14:45 - 2014-04-14 14:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-26 14:45 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-26 14:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-25 21:45 - 2014-04-08 10:54 - 01085269 _____ () 
C:\Windows\WindowsUpdate.log 2014-06-25 21:41 - 2014-04-08 11:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-25 21:27 - 2014-04-14 14:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-25 21:08 - 2014-04-14 17:27 - 00000000 ____D () C:\Users\Julian\AppData\Local\Arma 3 2014-06-25 19:04 - 2014-05-27 17:18 - 00000000 ____D () C:\Users\Julian\Desktop\Soundboard sounds 2014-06-25 11:27 - 2014-06-25 11:27 - 00000628 _____ () C:\Users\Julian\Downloads\Download (3) 2014-06-25 10:31 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-25 10:31 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-25 10:29 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-06-25 10:29 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-06-25 10:29 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-24 16:55 - 2014-06-24 16:55 - 00453232 _____ () C:\Users\Julian\Downloads\CBA_A3_RC1.zip 2014-06-24 16:29 - 2014-06-24 16:18 - 814840305 _____ () C:\Users\Julian\Downloads\@SpeedOfSound_RC1.rar 2014-06-24 10:01 - 2014-04-14 18:31 - 00000000 ____D () C:\Users\Julian\AppData\Local\Spotify 2014-06-23 20:58 - 2014-06-23 20:58 - 00071419 _____ () C:\Users\Julian\Downloads\@VTS_Weaponresting_v05.7z 2014-06-23 10:59 - 2014-06-23 10:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-23 03:03 - 2014-06-08 14:02 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-06-23 02:55 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-22 21:58 - 2014-06-21 20:23 - 00051692 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-22 21:29 - 2014-06-22 21:29 - 02347384 _____ (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_deu.exe 2014-06-22 21:27 - 2014-04-14 
18:43 - 00000000 ____D () C:\Users\Julian\Desktop\Stuff 2014-06-22 21:21 - 2014-06-21 15:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-22 21:19 - 2014-06-22 21:18 - 00448512 _____ (OldTimer Tools) C:\Users\Julian\Downloads\TFC.exe 2014-06-22 21:02 - 2014-06-21 15:01 - 00000000 ____D () C:\AdwCleaner 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio.htm 2014-06-22 11:39 - 2014-06-22 11:39 - 00038971 _____ () C:\Users\Julian\Downloads\vio (1).htm 2014-06-22 11:14 - 2014-06-22 11:14 - 00000654 _____ () C:\Users\Julian\Downloads\Download (2) 2014-06-21 21:38 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Local\Ubisoft Game Launcher 2014-06-21 21:23 - 2014-04-16 08:58 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-06-21 21:23 - 2014-04-16 08:58 - 00000000 ____D () C:\Users\Julian\AppData\Local\PunkBuster 2014-06-21 21:23 - 2014-04-16 08:57 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-21 21:22 - 2014-05-06 15:27 - 00000000 ____D () C:\Users\Julian\Documents\My Games 2014-06-21 21:08 - 2014-05-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-21 20:23 - 2014-06-21 20:23 - 00020755 _____ () C:\Users\Julian\Downloads\Addition.txt 2014-06-21 15:44 - 2014-04-16 08:57 - 00282512 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-21 15:44 - 2014-04-16 08:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-21 15:27 - 2014-04-14 15:06 - 00001873 _____ () C:\Users\Julian\Desktop\TS ID's.txt 2014-06-21 15:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech 2014-06-21 15:12 - 2014-06-21 15:12 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-21 15:12 - 2014-06-21 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-21 15:12 - 
2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-21 15:11 - 2014-06-21 15:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe 2014-06-21 15:05 - 2014-06-21 15:05 - 00000000 ____D () C:\Windows\ERUNT 2014-06-21 15:01 - 2014-06-21 15:01 - 01333465 _____ () C:\Users\Julian\Downloads\adwcleaner_3.212.exe 2014-06-21 14:53 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\683c649fcfc2e2a5 2014-06-21 14:28 - 2014-06-21 14:28 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe 2014-06-20 21:38 - 2014-05-06 19:00 - 00000000 ____D () C:\Users\Julian\Desktop\Screenshots 2014-06-20 21:34 - 2014-06-20 21:34 - 00001480 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel 2014-06-20 21:34 - 2014-04-14 18:34 - 00000000 ____D () C:\Users\Julian\.gimp-2.8 2014-06-20 19:23 - 2014-06-20 19:23 - 00001211 _____ () C:\Users\Julian\Desktop\Uplay.lnk 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-20 19:23 - 2014-06-20 19:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-20 19:00 - 2014-06-20 18:55 - 63548256 _____ (Ubisoft) C:\Users\Julian\Downloads\UplayInstaller.exe 2014-06-15 00:01 - 2014-06-15 00:01 - 00000718 _____ () C:\Users\Julian\Downloads\Download 2014-06-15 00:01 - 2014-06-15 00:01 - 00000628 _____ () C:\Users\Julian\Downloads\Download (1) 2014-06-14 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 22:52 - 2014-04-18 10:37 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 22:51 - 2014-05-06 21:55 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 22:51 - 2014-04-18 10:37 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-10 18:04 - 2014-06-10 16:36 - 35550986 _____ () 
C:\Users\Julian\Desktop\PPv14_[www.unknowncheats.me]_.zip 2014-06-10 16:35 - 2014-06-10 16:35 - 17895055 _____ () C:\Users\Julian\Downloads\PPv14_[www.unknowncheats.me]_.zip 2014-06-09 13:51 - 2014-04-14 14:58 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-08 17:13 - 2014-06-08 17:13 - 00002218 _____ () C:\Users\Julian\Desktop\Google Earth.lnk 2014-06-08 14:13 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-08 14:12 - 2014-06-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-06-08 14:11 - 2014-06-08 14:11 - 07648470 _____ () C:\Users\Julian\Downloads\npp.6.6.4.Installer.exe 2014-06-08 14:09 - 2014-06-08 14:09 - 01527092 _____ () C:\Users\Julian\Downloads\HoxHud-P1-Self-installer.exe 2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\suave on 2014-06-08 14:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Julian\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Gast 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () 
C:\Users\Administrator\AppData\Local\Comodo 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\Users\Administrator 2014-06-08 14:01 - 2014-06-08 14:01 - 00000000 ____D () C:\ProgramData\InstallMate 2014-06-08 14:01 - 2014-04-14 14:58 - 00000000 ____D () C:\Users\Julian\AppData\Local\Google 2014-06-08 11:13 - 2014-06-11 19:55 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 19:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 21:07 - 2014-06-07 21:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\SniperV2 2014-05-30 13:47 - 2014-05-04 15:23 - 00000846 _____ () C:\Users\Public\Desktop\Speccy.lnk 2014-05-30 13:47 - 2014-04-14 18:45 - 00002016 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-30 13:47 - 2014-04-14 18:34 - 00000932 _____ () C:\Users\Julian\Desktop\GIMP 2.lnk 2014-05-30 12:21 - 2014-06-11 19:55 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 19:55 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 19:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 19:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 19:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 19:55 - 00574976 _____ (Microsoft Corporation) 
C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 19:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 19:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 19:55 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 19:55 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 19:55 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 19:55 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 19:55 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 19:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 19:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 19:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 19:55 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 19:55 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 19:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 19:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 19:55 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 19:55 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 19:55 - 00043008 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 19:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 19:55 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 19:55 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 19:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 19:55 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 19:55 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 19:55 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 19:55 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 19:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 19:55 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 19:55 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 19:55 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 19:55 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 19:55 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 19:55 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 19:55 - 13522944 _____ 
(Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 19:55 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 19:55 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 19:55 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 19:55 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 19:55 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:50 - 2014-05-30 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-05-30 00:50 - 2014-04-08 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-30 00:50 - 2014-04-08 11:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 02:14 - 2014-05-29 02:13 - 00011776 ___SH () C:\Users\Julian\Thumbs.db 2014-05-29 02:13 - 2014-04-08 10:54 - 00000000 ____D () C:\Users\Julian 2014-05-28 20:37 - 2014-05-28 20:37 - 00000000 ____D () C:\Users\Julian\Documents\Paradox Interactive 2014-05-28 18:29 - 2014-05-28 18:27 - 90396104 _____ (The GIMP Team ) C:\Users\Julian\Downloads\gimp-2.8.10-setup.exe 2014-05-27 17:05 - 2014-05-27 17:05 - 00331560 _____ () C:\Users\Julian\Downloads\soundboard-0.9.9.9k-win64.ts3_plugin ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally 
No, there is nothing more from my side. As I said, it would just be important to me that we check the system once more, in case there is still something on it :S |
29.06.2014, 20:00 | #15 |
| Intrusive browser advertising as of recently: How is it looking? |