Pests of all kinds and how to fight them: Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A)
06.12.2014, 00:43 | #1 |
| Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A) Hello, my virus scanner (GData) just gave me a virus alert. It said the following: Beim Öffnen der Datei "G:\Clean Master\kcleaner.exe" wurde der Virus "Trojan.GenericKD.2011851 (Engine A)" entdeckt. In Quarantäne verschoben. I went ahead and deleted it. Afterwards I ran a complete virus scan over the system again, and also a scan with Malwarebytes. Neither of them found anything more. My question now is whether the trojan is gone, and whether it is a bad one. Regards |
06.12.2014, 02:05 | #2 |
/// the machine /// TB trainer | Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A) hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
06.12.2014, 12:21 | #3 |
| Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A) Hello,
here is the FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014 Ran by TheMo_000 (administrator) on STEFAN on 06-12-2014 12:15:04 Running from C:\Users\TheMo_000\Downloads Loaded Profile: TheMo_000 (Available profiles: TheMo_000) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (TeamViewer GmbH) C:\Users\Public\temp\TeamViewer\Version9\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbamscheduler.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbam.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Mozilla Corporation) G:\firefox developer\firefox.exe (Creative Technology Ltd) G:\soundblaster\Sound Blaster Omni Control Panel\SBOmni.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe () C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-15] (Realtek Semiconductor) HKLM\...\Run: [Creative SB Monitoring Utility Launcher] => RunDll32 SBAVMonL.dll,SBAVMonitorLauncher HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Sound Blaster Omni Control Panel] => G:\soundblaster\Sound Blaster Omni Control Panel\SBOmni.exe [930304 2013-10-28] (Creative Technology Ltd) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-11-12] (Raptr, Inc) HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Amazon Music] => C:\Users\TheMo_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] () HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\TheMo_000\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Steam] => G:\steam\steam.exe [1940160 2014-11-18] (Valve Corporation) HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [EADM] => G:\origin\Origin.exe [3618648 2014-11-29] (Electronic Arts) HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] () HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000 HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {5b8ab7ef-9a56-11e3-beba-94de80b85ce7} - "E:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: 
{5b8ab840-9a56-11e3-beba-94de80b85ce7} - "F:\LG_PC_Programs.exe" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {dd7b4052-67cf-11e2-be7b-002522790915} - "D:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {dfebce8c-d75d-11e2-be85-002522790915} - "E:\pushinst.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25EB8E6CB1E3CE01 HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-21-1854020161-2806125204-302643416-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869 BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> G:\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> G:\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKU\S-1-5-21-1854020161-2806125204-302643416-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll 
(Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> G:\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA 
Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-1854020161-2806125204-302643416-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\TheMo_000\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-1854020161-2806125204-302643416-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Extension: Better Battlelog (BBLog) - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2014-10-30] FF Extension: Classic Theme Restorer - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-10-06] FF Extension: Adblock Plus - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-11] FF Extension: ADB Helper - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\adbhelper@mozilla.org [2014-12-05] FF Extension: Firefox Developer Tools Adapters - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2014-12-05] FF Extension: Classic Theme Restorer - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-12-05] FF Extension: Adblock Plus - 
C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-05] FF StartMenuInternet: FIREFOX.EXE - G:\firefox developer\firefox.exe Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-05] () S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-13] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-13] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-09] (Futuremark) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG) S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) R2 MBAMScheduler; G:\ Malwarebytes Anti-Malware 
\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; G:\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-09] (NVIDIA Corporation) S3 Origin Client Service; G:\origin\OriginClientService.exe [1900400 2014-11-29] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-09-14] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-09-14] () R2 TeamViewer9; C:\Users\Public\temp\TeamViewer\Version9\TeamViewer_Service.exe [4915040 2014-02-17] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) 
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices) S3 fwlanusb5; C:\Windows\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-08-31] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-10-26] (G Data Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [142336 2014-09-26] (G Data Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [64000 2014-08-31] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-10-26] (G Data Software AG) R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [61440 2014-08-31] (G Data Software AG) S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2014-12-05] (Kingsoft Corporation) R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [2056192 2013-10-16] (Creative Technology Ltd.) S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44544 2013-01-15] (ManyCam LLC) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [28888 2013-09-26] (Realtek Semiconductor Corp.) 
S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) S3 ALSysIO; \??\C:\Users\THEMO_~1\AppData\Local\Temp\ALSysIO64.sys [X] S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 cpuz136; \??\C:\Users\THEMO_~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 cpuz137; \??\C:\Users\THEMO_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X] S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-06 12:15 - 2014-12-06 12:15 - 00019494 _____ () C:\Users\TheMo_000\Downloads\FRST.txt 2014-12-06 12:14 - 2014-12-06 12:15 - 00000000 ____D () C:\FRST 2014-12-06 12:14 - 2014-12-06 12:14 - 02117632 ____C (Farbar) C:\Users\TheMo_000\Downloads\FRST64.exe 2014-12-06 00:59 - 2014-11-19 15:22 - 24172344 _____ (Ubisoft) C:\Users\TheMo_000\Desktop\Uplay.exe 2014-12-06 00:49 - 2014-12-06 00:50 - 00002823 _____ () C:\WINDOWS\avmfwlanci.log 2014-12-06 00:49 - 2014-12-06 00:49 - 00362856 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-06 00:49 - 2014-12-06 00:49 - 00001074 _____ () C:\WINDOWS\PFRO.log 2014-12-06 00:49 - 2014-12-06 00:49 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-12-06 00:49 - 2014-12-06 00:49 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-12-06 00:33 - 2014-12-06 00:33 - 00001490 _____ () C:\Users\TheMo_000\Desktop\G DATA Protokoll ID 773.html 2014-12-06 00:14 - 2014-12-06 00:14 - 02623656 ____C (VS Revo Group Ltd.) C:\Users\TheMo_000\Downloads\revosetup95.exe 2014-12-06 00:14 - 2014-12-06 00:14 - 00000665 _____ () C:\Users\TheMo_000\Desktop\Revo Uninstaller.lnk 2014-12-06 00:09 - 2014-12-06 12:13 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-06 00:09 - 2014-12-06 00:09 - 00000675 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-06 00:09 - 2014-12-06 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-06 00:09 - 2014-12-06 00:09 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-06 00:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-06 00:09 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-12-06 00:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-06 00:08 - 2014-12-06 00:08 - 20447072 ____C (Malwarebytes Corporation 
) C:\Users\TheMo_000\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 17:53 - 2014-12-06 11:38 - 00063451 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-05 17:37 - 2014-12-05 20:04 - 00000000 ___DC () C:\Users\TheMo_000\AppData\Local\DayZ 2014-12-05 16:20 - 2014-12-05 16:21 - 00000000 ____D () C:\Users\TheMo_000\.android 2014-12-05 16:00 - 2014-12-05 16:00 - 00355388 _____ () C:\Users\TheMo_000\Desktop\bookmarks-2014-12-05.json 2014-12-05 15:50 - 2014-12-05 15:50 - 00000708 _____ () C:\Users\Public\Desktop\Firefox Developer Edition.lnk 2014-12-05 15:45 - 2014-12-05 15:45 - 00081768 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi.sys 2014-12-05 15:45 - 2014-12-05 15:45 - 00056680 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi64.sys 2014-12-05 15:45 - 2014-12-05 15:45 - 00000000 ____D () C:\ProgramData\Kingsoft 2014-12-05 15:45 - 2014-12-05 15:45 - 00000000 ____D () C:\ProgramData\cmcm 2014-12-01 18:55 - 2014-12-01 18:55 - 00000202 _____ () C:\Users\TheMo_000\Desktop\Saints Row IV.url 2014-12-01 17:21 - 2014-12-01 17:21 - 00000233 _____ () C:\Users\TheMo_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Crew (Worldwide).url 2014-11-29 20:58 - 2014-11-29 20:58 - 00000000 _SHDC () C:\Users\TheMo_000\AppData\Local\EmieBrowserModeList 2014-11-22 13:18 - 2014-11-22 13:18 - 04331309 ____C () C:\Users\TheMo_000\Desktop\10812590_563722503758294_1288012363_n.mp4 2014-11-19 15:22 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-11-19 15:22 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-11-19 15:22 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-11-19 15:22 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program Files\Java 2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program 
Files\Bonjour 2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-11-18 15:07 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-11-18 15:06 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-11-18 15:06 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434475.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434475.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00923792 _____ 
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-11-18 15:06 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-11-13 18:01 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2014-11-13 18:01 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-11-13 18:01 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-11-13 18:01 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-11-13 18:01 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-11-13 18:00 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-11-13 18:00 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2014-11-13 18:00 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-11-13 18:00 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-11-13 18:00 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2014-11-13 18:00 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2014-11-13 18:00 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2014-11-13 18:00 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-11-13 18:00 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-11-13 18:00 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2014-11-13 18:00 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-11-13 18:00 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-11-13 18:00 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-11-13 17:59 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-11-13 17:59 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-11-13 17:59 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-11-13 17:59 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-11-13 17:59 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-11-13 17:59 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-11-13 17:59 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wuapp.exe 2014-11-13 17:59 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-11-13 17:59 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-11-13 17:59 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-11-13 17:59 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-11-13 17:59 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-11-13 17:59 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-11-13 17:59 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-11-13 17:59 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-11-13 17:59 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-11-13 17:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-11-13 17:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-11-13 17:59 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-11-13 17:59 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-11-13 17:59 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-11-13 17:59 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-11-13 17:59 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-11-13 17:59 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-11-13 17:59 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-11-13 
17:59 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-11-13 17:59 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-11-13 17:59 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-11-13 17:59 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-11-13 17:59 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-11-13 17:59 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-11-13 17:59 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2014-11-13 17:59 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2014-11-13 17:58 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-11-13 17:58 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe 2014-11-13 17:58 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe 2014-11-13 17:58 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe 2014-11-13 17:58 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll 2014-11-13 17:58 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2014-11-13 17:58 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-11-13 17:58 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2014-11-13 17:58 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-11-13 17:58 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-11-13 17:58 
- 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-11-13 17:58 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-11-13 17:58 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-11-13 17:58 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-11-13 17:58 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-11-13 17:58 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll 2014-11-13 17:58 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2014-11-13 17:58 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2014-11-13 17:58 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-11-13 17:58 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-11-13 17:58 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-11-13 17:58 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-11-13 17:58 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-11-13 17:58 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2014-11-13 17:58 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-11-13 17:58 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-11-13 17:58 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2014-11-13 17:58 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2014-11-13 17:58 - 
2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2014-11-13 17:58 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-11-13 17:58 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-11-13 17:58 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2014-11-13 17:58 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-11-13 17:58 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-11-13 17:58 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-11-13 17:58 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-11-13 17:58 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-11-13 17:58 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-11-13 17:58 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-11-13 17:58 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-11-13 17:58 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-11-13 17:58 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-11-13 17:58 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-11-13 17:58 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-11-13 17:58 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-11-13 17:58 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll 2014-11-13 17:58 - 2014-10-31 04:32 - 01550336 
_____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-11-13 17:58 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2014-11-13 17:58 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2014-11-13 17:58 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2014-11-13 17:58 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2014-11-13 17:58 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2014-11-13 17:58 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-11-13 17:58 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2014-11-13 17:58 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-11-13 17:58 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-11-13 17:58 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-11-13 17:58 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-11-13 17:58 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-11-13 17:58 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-11-13 17:58 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-11-13 17:58 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-11-13 17:58 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2014-11-13 17:58 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2014-11-13 17:58 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\hlink.dll 2014-11-13 17:58 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-11-13 17:58 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-11-13 17:58 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-11-13 17:58 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2014-11-13 17:58 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-11-13 17:58 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2014-11-13 17:58 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-11-13 17:58 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-13 17:58 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-13 17:58 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-13 17:58 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-13 17:58 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-13 17:58 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-13 17:58 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-13 17:58 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-13 17:58 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-13 17:58 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-13 17:58 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-13 17:58 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-13 17:58 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-13 17:58 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-13 17:58 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-13 17:58 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-13 17:58 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-13 17:58 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-11-13 17:58 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-13 17:58 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-13 17:58 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-13 17:58 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-13 17:58 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-13 17:58 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-13 17:58 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-13 17:58 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-13 17:58 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-13 17:58 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-13 17:58 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-13 17:57 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-13 17:57 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-13 17:57 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-13 17:57 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-13 17:57 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-13 17:57 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-11-13 17:57 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-13 17:57 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-13 17:57 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-13 17:57 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-13 17:57 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-13 17:57 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\shell32.dll 2014-11-13 17:57 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-13 17:57 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-13 17:57 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-13 17:57 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-13 17:57 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-13 17:57 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-13 17:57 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-13 17:57 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-13 17:57 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-13 17:57 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-13 17:57 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-11-13 17:57 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-13 17:57 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-13 17:57 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2014-11-10 19:41 - 2014-11-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-10 19:17 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-11-10 19:17 - 2014-11-13 01:20 - 16884632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-11-10 19:17 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434465.dll 
2014-11-10 19:17 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434465.dll 2014-11-06 14:57 - 2014-11-06 14:57 - 12407910 ____C () C:\Users\TheMo_000\Desktop\If Sex Was Like Call of Duty.mp4 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-06 12:13 - 2013-10-19 09:27 - 00000000 __RDO () C:\Users\TheMo_000\SkyDrive 2014-12-06 12:13 - 2013-06-10 14:16 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-06 12:03 - 2013-11-16 21:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-06 12:01 - 2013-06-10 14:16 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-06 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-06 00:59 - 2013-01-11 20:42 - 00000000 ____D () C:\ProgramData\Norton 2014-12-06 00:54 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-06 00:54 - 2013-09-30 04:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-06 00:54 - 2013-09-30 04:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-06 00:49 - 2014-05-02 20:24 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-12-06 00:49 - 2014-02-20 18:27 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-06 00:49 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-06 00:49 - 2013-01-13 22:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-06 00:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-06 00:25 - 2013-01-11 20:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1854020161-2806125204-302643416-1001 2014-12-05 23:57 - 2013-08-19 14:14 - 00000000 ____D () C:\Users\TheMo_000\AppData\Roaming\Skype 2014-12-05 23:56 - 2013-01-11 20:46 - 00000000 ___DC () 
C:\Users\TheMo_000\AppData\Local\CrashDumps 2014-12-05 23:54 - 2013-10-20 12:28 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{065A3092-8369-4E55-AB88-927EA340CC6B} 2014-12-05 16:20 - 2013-10-19 09:10 - 00000000 ____D () C:\Users\TheMo_000 2014-12-05 15:48 - 2013-08-19 14:14 - 00000000 ____D () C:\ProgramData\Skype 2014-12-05 15:47 - 2013-10-19 10:08 - 00000000 ___DC () C:\WINDOWS\Panther 2014-12-03 22:58 - 2013-01-12 00:25 - 00000000 ____D () C:\Users\TheMo_000\AppData\Roaming\TS3Client 2014-11-29 19:51 - 2013-01-11 20:57 - 00000000 ____D () C:\ProgramData\Origin 2014-11-29 12:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-11-29 12:37 - 2013-11-06 19:26 - 00000000 ____D () C:\WINDOWS\Minidump 2014-11-26 16:27 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-11-25 20:03 - 2013-11-16 21:48 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-11-22 16:33 - 2014-06-20 18:51 - 00001250 _____ () C:\Users\TheMo_000\Desktop\Amazon Music.lnk 2014-11-22 00:13 - 2014-09-14 20:09 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-18 21:22 - 2013-11-16 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2014-11-18 21:22 - 2013-11-16 16:01 - 00000000 ____D () C:\Program Files\Logitech Gaming Software 2014-11-18 21:21 - 2013-09-30 17:38 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-18 15:08 - 2014-02-20 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-11-18 15:07 - 2014-02-20 18:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-11-15 12:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-13 18:57 - 
2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-13 18:14 - 2013-07-12 16:00 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-11-13 18:12 - 2013-01-13 02:02 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-11-13 01:20 - 2014-07-02 19:13 - 02874456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-11-13 01:20 - 2014-07-02 18:54 - 20986592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-11-13 01:20 - 2014-07-02 18:54 - 03262784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-11-13 01:20 - 2014-07-02 18:54 - 00989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-11-13 01:20 - 2013-08-26 23:03 - 00027094 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-11-12 22:56 - 2014-02-20 18:27 - 06897352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-11-12 22:56 - 2014-02-20 18:27 - 03534152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-11-12 22:56 - 2014-02-20 18:27 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-11-12 22:56 - 2014-02-20 18:27 - 00934032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-11-12 22:56 - 2014-02-20 18:27 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-11-12 22:56 - 2014-02-20 18:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-11-12 17:12 - 2013-01-11 21:45 - 00215416 
_____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-11-12 17:11 - 2013-01-11 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-11 13:57 - 2014-08-02 13:24 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 11:29 - 2014-02-20 18:27 - 04100776 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-11-08 16:10 - 2014-03-31 17:06 - 00000000 ___DC () C:\Users\TheMo_000\AppData\Local\Battle.net
2014-11-08 16:10 - 2014-03-31 17:06 - 00000000 ____D () C:\Program Files (x86)\Battle.net

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-27 17:46
==================== End Of Log ============================
--- --- ---

And the Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by TheMo_000 at 2014-12-06 12:15:29
Running from C:\Users\TheMo_000\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte / related Design) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23028 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games) Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games) Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Cities XL 2012 (HKLM-x32\...\Steam App 201760) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Debugging Tools for Windows (x86) (HKLM-x32\...\{48F95CE7-69D9-4967-81F7-D763CABFBD53}) 
(Version: 6.10.3.233 - Microsoft Corporation) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software) EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.1.0.50515 - Electronic Arts, Inc.) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) Firefox Developer Edition 35.0a2 (x86 de) (HKLM-x32\...\Firefox Developer Edition 35.0a2 (x86 de)) (Version: 35.0a2 - Mozilla) Firefox Developer Edition 36.0a2 (x86 de) (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Firefox Developer Edition 36.0a2 (x86 de)) (Version: 36.0a2 - Mozilla) Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive) FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts) Futuremark SystemInfo (HKLM-x32\...\{4050C71E-EB43-4A8C-B6A6-778DD6F8252C}) (Version: 4.24.338 - Futuremark) FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version: - ) G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team) Google Earth Plug-in 
(HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hama Wireless LAN Adapter (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama) Hama Wireless LAN Adapter (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle) Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - 
Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.) Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname) Mouse Editor (HKLM-x32\...\InstallShield_{8973F26D-3E74-481C-AF11-FDC7D0089E96}) (Version: 10.07.0002 - Ihr Firmenname) MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0a2 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts) Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios) Next Car Game (HKLM-x32\...\Steam App 228380) (Version: - Bugbear) Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Miracast 
Virtueller Ton 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes) Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - Square Enix) Sound Blaster Omni Surround 5.1 (HKLM-x32\...\{951C371C-53D5-46B0-841F-A8726C30CE53}) (Version: 1.01.01 - Creative Technology Limited) Sound Blaster Omni Surround 5.1 Extras (HKLM-x32\...\{C9120656-8F23-409A-8B4D-278FEAA33856}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios) TeamSpeak 3 Client (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts) TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games) Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games) Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games) War Thunder Launcher 1.0.1.195 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) 
==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1854020161-2806125204-302643416-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 06-12-2014 10:52:36 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2D70BCCE-828B-4B39-8DA9-DDF2365D0DB8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated) Task: {7E4401F0-6006-47C1-87E8-E4AEC2F94D39} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe Task: {8023B16C-D0B3-42A7-BE59-3BE8082DD6B0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-13] (Microsoft Corporation) Task: {802DFAC5-54B5-4D77-9807-FF66A1745082} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe Task: {8D25651A-86C6-4B78-AE18-EEF51AF4AF61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {91E22D4C-3027-4819-8FD2-CB364360AD7F} - System32\Tasks\{A468F68F-0CCD-49B6-9040-DACA74373433} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?page=tsPlugin Task: {953BFA7C-421F-4A69-B85B-1AEEEBF6C9C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe Task: {B412BF2A-3F76-4C4C-A0C4-7EBFCA3F90F9} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe Task: {C2BC313E-09FB-4353-BF59-22F0E47AE454} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe Task: {CE4EE3C3-789F-4CCE-AD74-A11441EBBA0C} - System32\Tasks\Driver Booster SkipUAC (TheMo_000) => G:\Driver Booster\DriverBooster.exe Task: {F1FACBD0-854D-441B-B7F8-657765C40BFF} - System32\Tasks\CCleanerSkipUAC => G:\ccleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-07 21:38 - 2013-10-17 16:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2013-11-28 19:11 - 2014-09-14 20:15 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-02-20 18:27 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2014-04-13 13:59 - 2013-09-09 11:37 - 00089600 
_____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL 2014-04-13 13:59 - 2013-09-09 11:35 - 00352768 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL 2014-02-20 18:35 - 2014-08-09 01:30 - 00700872 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2014-02-20 18:35 - 2014-08-09 01:30 - 00856520 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2014-12-05 16:20 - 2014-12-05 16:20 - 00818176 _____ () C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\TheMo_000\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Hama Wireless LAN Utility.lnk" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ApnUpdater" HKLM\...\StartupApproved\Run32: => "AVMWlanClient" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "Logitech . 
Produktregistrierung.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "Logitech blank Produktregistrierung.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "ManyCam" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Raptr" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Amazon Cloud Player" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Amazon Music" ========================= Accounts: ========================== Administrator (S-1-5-21-1854020161-2806125204-302643416-500 - Administrator - Disabled) Gast (S-1-5-21-1854020161-2806125204-302643416-501 - Limited - Disabled) TheMo_000 (S-1-5-21-1854020161-2806125204-302643416-1001 - Administrator - Enabled) => C:\Users\TheMo_000 ==================== Faulty Device Manager Devices ============= Name: Serieller PCI-Anschluss Description: Serieller PCI-Anschluss Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: HID-konformer Gamecontroller Description: HID-konformer Gamecontroller Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standardsystemgeräte) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) HD Graphics 4600 Description: Intel(R) HD Graphics 4600 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 11:52:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (12/06/2014 11:39:43 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/06/2014 00:59:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 36.0.0.5452, Zeitstempel: 0x5481ec8f Name des fehlerhaften Moduls: xul.dll, Version: 36.0.0.5452, Zeitstempel: 0x5481faa4 Ausnahmecode: 0x80000003 Fehleroffset: 0x00619c7e ID des fehlerhaften Prozesses: 0x1604 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Vollständiger Name des fehlerhaften Pakets: firefox.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5 Error: (12/06/2014 00:59:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"1". Die abhängige Assemblierung "XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (12/06/2014 00:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000ec68 ID des fehlerhaften Prozesses: 0x4dc Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (12/05/2014 11:54:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x53948b55 Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x53bf14c7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0015acaa ID des fehlerhaften Prozesses: 0x1708 Startzeit der fehlerhaften Anwendung: 0xhl2.exe0 Pfad der fehlerhaften Anwendung: hl2.exe1 Pfad des fehlerhaften Moduls: hl2.exe2 Berichtskennung: hl2.exe3 Vollständiger Name des fehlerhaften Pakets: hl2.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5 Error: (12/05/2014 08:04:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DayZ.exe, Version: 0.51.125.720, Zeitstempel: 0x547603d9 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002357 ID des fehlerhaften Prozesses: 0x1720 Startzeit der fehlerhaften Anwendung: 0xDayZ.exe0 Pfad der fehlerhaften Anwendung: DayZ.exe1 Pfad des fehlerhaften Moduls: DayZ.exe2 Berichtskennung: DayZ.exe3 Vollständiger Name des fehlerhaften Pakets: DayZ.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 
DayZ.exe5 Error: (12/02/2014 05:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/29/2014 05:34:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/26/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe, Version: 15.0.0.239, Zeitstempel: 0x546d18b1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x008711e8 ID des fehlerhaften Prozesses: 0x14ec Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_239.exe0 Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe1 Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_239.exe2 Berichtskennung: FlashPlayerPlugin_15_0_0_239.exe3 Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_15_0_0_239.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_15_0_0_239.exe5 System errors: ============= Error: (12/06/2014 00:49:44 AM) (Source: bowser) (EventID: 8016) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "STEFAN" auf Transport "NetBT_Tcpip_{A346E8C0-53B9-4CA7-B958-4C4266FD815C}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. 
Error: (12/06/2014 00:49:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037 Error: (12/06/2014 00:49:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LiveUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/06/2014 00:49:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (12/06/2014 00:00:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Clean Master Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/05/2014 04:15:20 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (12/05/2014 03:45:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Clean Master Core Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (12/03/2014 10:12:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/03/2014 10:12:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (11/29/2014 02:39:08 PM) (Source: volsnap) (EventID: 35) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann. Microsoft Office Sessions: ========================= Error: (12/06/2014 11:52:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (12/06/2014 11:39:43 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/06/2014 00:59:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: firefox.exe36.0.0.54525481ec8fxul.dll36.0.0.54525481faa48000000300619c7e160401d010e62b26b16eG:\firefox developer\firefox.exeG:\firefox developer\xul.dllcab3008a-7cda-11e4-bf13-94de80b85ce7 Error: (12/06/2014 00:59:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"C:\Users\TheMo_000\Desktop\Uplay.exe Error: (12/06/2014 00:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000000ec684dc01d010e622b9213fC:\WINDOWS\system32\igfxCUIService.exeC:\WINDOWS\system32\igfxCUIService.exe61e7c2db-7cd9-11e4-bf13-94de80b85ce7 Error: (12/05/2014 11:54:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: hl2.exe0.0.0.053948b55client.dll1.0.0.153bf14c7c00000050015acaa170801d010c176bbcddaG:\steam\steamapps\common\GarrysMod\hl2.exeg:\steam\steamapps\common\garrysmod\garrysmod\bin\client.dllbbb228ab-7cd1-11e4-bf12-94de80b85ce7 Error: (12/05/2014 08:04:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
DayZ.exe0.51.125.720547603d9MSVCR100.dll10.0.40219.3254df2be1ec000000500002357172001d010aa29755a93G:\steam\steamapps\common\DayZ\DayZ.exeC:\WINDOWS\SYSTEM32\MSVCR100.dll8964e1b4-7cb1-11e4-bf12-94de80b85ce7 Error: (12/02/2014 05:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (11/29/2014 05:34:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (11/26/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FlashPlayerPlugin_15_0_0_239.exe15.0.0.239546d18b1unknown0.0.0.000000000c0000005008711e814ec01d00980afd03825C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exeunknown897df278-7582-11e4-bf12-94de80b85ce7 CodeIntegrity Errors: =================================== Date: 2014-02-16 21:42:19.956 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\THEMO_~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-16 21:42:19.877 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2014-02-15 23:16:57.595 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\THEMO_~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-15 23:16:57.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-30 22:34:13.044 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-30 22:33:25.064 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-19 10:13:00.956 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2013-10-19 10:13:00.425 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-03 20:19:46.710 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-03 20:19:46.242 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz Percentage of memory in use: 24% Total physical RAM: 8070.98 MB Available physical RAM: 6122.98 MB Total Pagefile: 9350.98 MB Available Pagefile: 6923.2 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:16.26 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive g: (Volume) (Fixed) (Total:931.51 GB) (Free:248.75 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: DA738F4D) Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 35F2C8FE) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
06.12.2014, 21:37 | #4 |
| Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A) Sorry for the double post, but this no longer fit in the post above. The scan tool gave me each .txt twice, but I don't know whether there is anything different in them. So here are the other two as well. FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by TheMo_000 (administrator) on STEFAN on 06-12-2014 12:15:04
Running from C:\Users\TheMo_000\Downloads
Loaded Profile: TheMo_000 (Available profiles: TheMo_000)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Users\Public\temp\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Malwarebytes Corporation) G:\ Malwarebytes Anti-Malware \mbam.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Mozilla Corporation) G:\firefox developer\firefox.exe
(Creative Technology Ltd) G:\soundblaster\Sound Blaster Omni Control Panel\SBOmni.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
() C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-15] (Realtek Semiconductor)
HKLM\...\Run: [Creative SB Monitoring Utility Launcher] => RunDll32 SBAVMonL.dll,SBAVMonitorLauncher
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Sound Blaster Omni Control Panel] => G:\soundblaster\Sound Blaster Omni Control Panel\SBOmni.exe [930304 2013-10-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-11-12] (Raptr, Inc)
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Amazon Music] => C:\Users\TheMo_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\TheMo_000\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [Steam] => G:\steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [EADM] => G:\origin\Origin.exe [3618648 2014-11-29] (Electronic Arts)
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {5b8ab7ef-9a56-11e3-beba-94de80b85ce7} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {5b8ab840-9a56-11e3-beba-94de80b85ce7} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {dd7b4052-67cf-11e2-be7b-002522790915} - "D:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\MountPoints2: {dfebce8c-d75d-11e2-be85-002522790915} - "E:\pushinst.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25EB8E6CB1E3CE01
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-1854020161-2806125204-302643416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1854020161-2806125204-302643416-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> G:\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> G:\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1854020161-2806125204-302643416-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> G:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1854020161-2806125204-302643416-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\TheMo_000\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1854020161-2806125204-302643416-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: Better Battlelog (BBLog) - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2014-10-30]
FF Extension: Classic Theme Restorer - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-10-06]
FF Extension: Adblock Plus - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\w70f1tp7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-11]
FF Extension: ADB Helper - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\adbhelper@mozilla.org [2014-12-05]
FF Extension: Firefox Developer Tools Adapters - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2014-12-05]
FF Extension: Classic Theme Restorer - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-12-05]
FF Extension: Adblock Plus - C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-05]
FF StartMenuInternet: FIREFOX.EXE - G:\firefox developer\firefox.exe

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-05] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-13] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-13] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-09] (Futuremark)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 MBAMScheduler; G:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; G:\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-09] (NVIDIA Corporation)
S3 Origin Client Service; G:\origin\OriginClientService.exe [1900400 2014-11-29] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-09-14] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-09-14] ()
R2 TeamViewer9; C:\Users\Public\temp\TeamViewer\Version9\TeamViewer_Service.exe [4915040 2014-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
S3 fwlanusb5; C:\Windows\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-08-31] (G Data Software AG)
R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-10-26] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [142336 2014-09-26] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [64000 2014-08-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-10-26] (G Data Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [61440 2014-08-31] (G Data Software AG)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2014-12-05] (Kingsoft Corporation)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [2056192 2013-10-16] (Creative Technology Ltd.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44544 2013-01-15] (ManyCam LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [28888 2013-09-26] (Realtek Semiconductor Corp.)
S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\THEMO_~1\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 cpuz136; \??\C:\Users\THEMO_~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Users\THEMO_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 12:15 - 2014-12-06 12:15 - 00019494 _____ () C:\Users\TheMo_000\Downloads\FRST.txt
2014-12-06 12:14 - 2014-12-06 12:15 - 00000000 ____D () C:\FRST
2014-12-06 12:14 - 2014-12-06 12:14 - 02117632 ____C (Farbar) C:\Users\TheMo_000\Downloads\FRST64.exe
2014-12-06 00:59 - 2014-11-19 15:22 - 24172344 _____ (Ubisoft) C:\Users\TheMo_000\Desktop\Uplay.exe
2014-12-06 00:49 - 2014-12-06 00:50 - 00002823 _____ () C:\WINDOWS\avmfwlanci.log
2014-12-06 00:49 - 2014-12-06 00:49 - 00362856 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-06 00:49 - 2014-12-06 00:49 - 00001074 _____ () C:\WINDOWS\PFRO.log
2014-12-06 00:49 - 2014-12-06 00:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-06 00:49 - 2014-12-06 00:49 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-12-06 00:33 - 2014-12-06 00:33 - 00001490 _____ () C:\Users\TheMo_000\Desktop\G DATA Protokoll ID 773.html
2014-12-06 00:14 - 2014-12-06 00:14 - 02623656 ____C (VS Revo Group Ltd.) C:\Users\TheMo_000\Downloads\revosetup95.exe
2014-12-06 00:14 - 2014-12-06 00:14 - 00000665 _____ () C:\Users\TheMo_000\Desktop\Revo Uninstaller.lnk
2014-12-06 00:09 - 2014-12-06 12:13 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 00:09 - 2014-12-06 00:09 - 00000675 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-06 00:09 - 2014-12-06 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-06 00:09 - 2014-12-06 00:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-06 00:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-06 00:09 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-06 00:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-06 00:08 - 2014-12-06 00:08 - 20447072 ____C (Malwarebytes Corporation ) C:\Users\TheMo_000\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 17:53 - 2014-12-06 11:38 - 00063451 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-05 17:37 - 2014-12-05 20:04 - 00000000 ___DC () C:\Users\TheMo_000\AppData\Local\DayZ
2014-12-05 16:20 - 2014-12-05 16:21 - 00000000 ____D () C:\Users\TheMo_000\.android
2014-12-05 16:00 - 2014-12-05 16:00 - 00355388 _____ () C:\Users\TheMo_000\Desktop\bookmarks-2014-12-05.json
2014-12-05 15:50 - 2014-12-05 15:50 - 00000708 _____ () C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2014-12-05 15:45 - 2014-12-05 15:45 - 00081768 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi.sys
2014-12-05 15:45 - 2014-12-05 15:45 - 00056680 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi64.sys
2014-12-05 15:45 - 2014-12-05 15:45 - 00000000 ____D () C:\ProgramData\Kingsoft
2014-12-05 15:45 - 2014-12-05 15:45 - 00000000 ____D () C:\ProgramData\cmcm
2014-12-01 18:55 - 2014-12-01 18:55 - 00000202 _____ () C:\Users\TheMo_000\Desktop\Saints Row IV.url
2014-12-01 17:21 - 2014-12-01 17:21 - 00000233 _____ () C:\Users\TheMo_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Crew (Worldwide).url
2014-11-29 20:58 - 2014-11-29 20:58 - 00000000 _SHDC () C:\Users\TheMo_000\AppData\Local\EmieBrowserModeList
2014-11-22 13:18 - 2014-11-22 13:18 - 04331309 ____C () C:\Users\TheMo_000\Desktop\10812590_563722503758294_1288012363_n.mp4
2014-11-19 15:22 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 15:22 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 15:22 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 15:22 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program Files\Java
2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-18 21:22 - 2014-11-18 21:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-11-18 15:07 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-11-18 15:06 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-11-18 15:06 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434475.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434475.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-11-18 15:06 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-11-13 18:01 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-13 18:01 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-13 18:01 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-13 18:01 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-13 18:01 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-13 18:00 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-13 18:00 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-13 18:00 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-13 18:00 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-13 18:00 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-13 18:00 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-13 18:00 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-13 18:00 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-13 18:00 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-13 18:00 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-13 18:00 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-13 18:00 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-13 18:00 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-13 17:59 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-13 17:59 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-13 17:59 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-13 17:59 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-13 17:59 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-13 17:59 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-13 17:59 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-13 17:59 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-13 17:59 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 17:59 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-13 17:59 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-13 17:59 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-13 17:59 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-13 17:59 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-13 17:59 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-13 17:59 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-13 17:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-13 17:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-13 17:59 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-13 17:59 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-13 17:59 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-13 17:59 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-13 17:59 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-13 17:59 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-13 17:59 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-13 17:59 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-13 17:59 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-13 17:59 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-13 17:59 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-13 17:59 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-13 17:59 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-13 17:59 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-13 17:59 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-13 17:58 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-13 17:58 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-13 17:58 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-13 17:58 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-13 17:58 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-13 17:58 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-13 17:58 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-13 17:58 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-13 17:58 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-13 17:58 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-13 17:58 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-13 17:58 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-13 17:58 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-13 17:58 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-13 17:58 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-13 17:58 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-13 17:58 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-13 17:58 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-13 17:58 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-13 17:58 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-13 17:58 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-13 17:58 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-13 17:58 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-13 17:58 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-13 17:58 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-13 17:58 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-13 17:58 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-13 17:58 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-13 17:58 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-13 17:58 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-13 17:58 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-13 17:58 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-13 17:58 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-13 17:58 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-13 17:58 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-13 17:58 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-13 17:58 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-13 17:58 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-13 17:58 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-13 17:58 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-13 17:58 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-13 17:58 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-13 17:58 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-13 17:58 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-13 17:58 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-13 17:58 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-13 17:58 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-13 17:58 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-13 17:58 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-13 17:58 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-13 17:58 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-13 17:58 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-13 17:58 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-13 17:58 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-13 17:58 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-13 17:58 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-13 17:58 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-13 17:58 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-13 17:58 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-13 17:58 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-13 17:58 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-13 17:58 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-13 17:58 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-13 17:58 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-13 17:58 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\hlink.dll 2014-11-13 17:58 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-11-13 17:58 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-11-13 17:58 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-11-13 17:58 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2014-11-13 17:58 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-11-13 17:58 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-11-13 17:58 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2014-11-13 17:58 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-11-13 17:58 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-13 17:58 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-13 17:58 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-13 17:58 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-13 17:58 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-13 17:58 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-13 17:58 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-13 17:58 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-13 17:58 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-13 17:58 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-13 17:58 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-13 17:58 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-13 17:58 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-13 17:58 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-13 17:58 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-13 17:58 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-13 17:58 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-13 17:58 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-11-13 17:58 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-13 17:58 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-13 17:58 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-13 17:58 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-13 17:58 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-13 17:58 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-13 17:58 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-13 17:58 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-13 17:58 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-13 17:58 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-13 17:58 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-13 17:58 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-13 17:57 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-13 17:57 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-13 17:57 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-13 17:57 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-13 17:57 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-13 17:57 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-11-13 17:57 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-13 17:57 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-13 17:57 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-13 17:57 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-13 17:57 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-13 17:57 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\shell32.dll 2014-11-13 17:57 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-13 17:57 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-13 17:57 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-13 17:57 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-13 17:57 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-13 17:57 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-13 17:57 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-13 17:57 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-13 17:57 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-13 17:57 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-13 17:57 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-11-13 17:57 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-13 17:57 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-13 17:57 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2014-11-10 19:41 - 2014-11-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-10 19:17 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-11-10 19:17 - 2014-11-13 01:20 - 16884632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-11-10 19:17 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434465.dll 
2014-11-10 19:17 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434465.dll
2014-11-06 14:57 - 2014-11-06 14:57 - 12407910 ____C () C:\Users\TheMo_000\Desktop\If Sex Was Like Call of Duty.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 12:13 - 2013-10-19 09:27 - 00000000 __RDO () C:\Users\TheMo_000\SkyDrive
2014-12-06 12:13 - 2013-06-10 14:16 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 12:03 - 2013-11-16 21:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-06 12:01 - 2013-06-10 14:16 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-06 00:59 - 2013-01-11 20:42 - 00000000 ____D () C:\ProgramData\Norton
2014-12-06 00:54 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-06 00:54 - 2013-09-30 04:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-06 00:54 - 2013-09-30 04:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-06 00:49 - 2014-05-02 20:24 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-12-06 00:49 - 2014-02-20 18:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 00:49 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-06 00:49 - 2013-01-13 22:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-06 00:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-06 00:25 - 2013-01-11 20:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1854020161-2806125204-302643416-1001
2014-12-05 23:57 - 2013-08-19 14:14 - 00000000 ____D () C:\Users\TheMo_000\AppData\Roaming\Skype
2014-12-05 23:56 - 2013-01-11 20:46 - 00000000 ___DC () C:\Users\TheMo_000\AppData\Local\CrashDumps
2014-12-05 23:54 - 2013-10-20 12:28 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{065A3092-8369-4E55-AB88-927EA340CC6B}
2014-12-05 16:20 - 2013-10-19 09:10 - 00000000 ____D () C:\Users\TheMo_000
2014-12-05 15:48 - 2013-08-19 14:14 - 00000000 ____D () C:\ProgramData\Skype
2014-12-05 15:47 - 2013-10-19 10:08 - 00000000 ___DC () C:\WINDOWS\Panther
2014-12-03 22:58 - 2013-01-12 00:25 - 00000000 ____D () C:\Users\TheMo_000\AppData\Roaming\TS3Client
2014-11-29 19:51 - 2013-01-11 20:57 - 00000000 ____D () C:\ProgramData\Origin
2014-11-29 12:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-29 12:37 - 2013-11-06 19:26 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-26 16:27 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-25 20:03 - 2013-11-16 21:48 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-22 16:33 - 2014-06-20 18:51 - 00001250 _____ () C:\Users\TheMo_000\Desktop\Amazon Music.lnk
2014-11-22 00:13 - 2014-09-14 20:09 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-18 21:22 - 2013-11-16 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-18 21:22 - 2013-11-16 16:01 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-11-18 21:21 - 2013-09-30 17:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-18 15:08 - 2014-02-20 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-18 15:07 - 2014-02-20 18:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-15 12:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-13 18:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 18:14 - 2013-07-12 16:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-13 18:12 - 2013-01-13 02:02 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-13 01:20 - 2014-07-02 19:13 - 02874456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2014-07-02 18:54 - 20986592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-11-13 01:20 - 2014-07-02 18:54 - 03262784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-11-13 01:20 - 2014-07-02 18:54 - 00989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-11-13 01:20 - 2013-08-26 23:03 - 00027094 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-11-12 22:56 - 2014-02-20 18:27 - 06897352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-11-12 22:56 - 2014-02-20 18:27 - 03534152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-11-12 22:56 - 2014-02-20 18:27 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-11-12 22:56 - 2014-02-20 18:27 - 00934032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-11-12 22:56 - 2014-02-20 18:27 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-11-12 22:56 - 2014-02-20 18:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-11-12 17:12 - 2013-01-11 21:45 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-11-12 17:11 - 2013-01-11 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-11 13:57 - 2014-08-02 13:24 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 11:29 - 2014-02-20 18:27 - 04100776 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-11-08 16:10 - 2014-03-31 17:06 - 00000000 ___DC () C:\Users\TheMo_000\AppData\Local\Battle.net
2014-11-08 16:10 - 2014-03-31 17:06 - 00000000 ____D () C:\Program Files (x86)\Battle.net

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-27 17:46

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by TheMo_000 at 2014-12-06 12:15:29
Running from C:\Users\TheMo_000\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte / related Design)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23028 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cities XL 2012 (HKLM-x32\...\Steam App 201760) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Debugging Tools for Windows (x86) (HKLM-x32\...\{48F95CE7-69D9-4967-81F7-D763CABFBD53}) (Version: 6.10.3.233 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.1.0.50515 - Electronic Arts, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Firefox Developer Edition 35.0a2 (x86 de) (HKLM-x32\...\Firefox Developer Edition 35.0a2 (x86 de)) (Version: 35.0a2 - Mozilla)
Firefox Developer Edition 36.0a2 (x86 de) (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\Firefox Developer Edition 36.0a2 (x86 de)) (Version: 36.0a2 - Mozilla)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{4050C71E-EB43-4A8C-B6A6-778DD6F8252C}) (Version: 4.24.338 - Futuremark)
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version: - )
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hama Wireless LAN Adapter (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama)
Hama Wireless LAN Adapter (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname)
Mouse Editor (HKLM-x32\...\InstallShield_{8973F26D-3E74-481C-AF11-FDC7D0089E96}) (Version: 10.07.0002 - Ihr Firmenname)
MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0a2 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
Next Car Game (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - Square Enix) Sound Blaster Omni Surround 5.1 (HKLM-x32\...\{951C371C-53D5-46B0-841F-A8726C30CE53}) (Version: 1.01.01 - Creative Technology Limited) Sound Blaster Omni Surround 5.1 Extras (HKLM-x32\...\{C9120656-8F23-409A-8B4D-278FEAA33856}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios) TeamSpeak 3 Client (HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts) TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games) Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games) Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games) War Thunder Launcher 1.0.1.195 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) 
==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1854020161-2806125204-302643416-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 06-12-2014 10:52:36 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2D70BCCE-828B-4B39-8DA9-DDF2365D0DB8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated) Task: {7E4401F0-6006-47C1-87E8-E4AEC2F94D39} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe Task: {8023B16C-D0B3-42A7-BE59-3BE8082DD6B0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-13] (Microsoft Corporation) Task: {802DFAC5-54B5-4D77-9807-FF66A1745082} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe Task: {8D25651A-86C6-4B78-AE18-EEF51AF4AF61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {91E22D4C-3027-4819-8FD2-CB364360AD7F} - System32\Tasks\{A468F68F-0CCD-49B6-9040-DACA74373433} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?page=tsPlugin Task: {953BFA7C-421F-4A69-B85B-1AEEEBF6C9C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe Task: {B412BF2A-3F76-4C4C-A0C4-7EBFCA3F90F9} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe Task: {C2BC313E-09FB-4353-BF59-22F0E47AE454} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe Task: {CE4EE3C3-789F-4CCE-AD74-A11441EBBA0C} - System32\Tasks\Driver Booster SkipUAC (TheMo_000) => G:\Driver Booster\DriverBooster.exe Task: {F1FACBD0-854D-441B-B7F8-657765C40BFF} - System32\Tasks\CCleanerSkipUAC => G:\ccleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-07 21:38 - 2013-10-17 16:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2013-11-28 19:11 - 2014-09-14 20:15 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-02-20 18:27 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2014-04-13 13:59 - 2013-09-09 11:37 - 00089600 
_____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL 2014-04-13 13:59 - 2013-09-09 11:35 - 00352768 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL 2014-02-20 18:35 - 2014-08-09 01:30 - 00700872 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2014-02-20 18:35 - 2014-08-09 01:30 - 00856520 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2014-12-05 16:20 - 2014-12-05 16:20 - 00818176 _____ () C:\Users\TheMo_000\AppData\Roaming\Mozilla\Firefox\Profiles\s61pxrea.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\TheMo_000\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Hama Wireless LAN Utility.lnk" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ApnUpdater" HKLM\...\StartupApproved\Run32: => "AVMWlanClient" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "Logitech . 
Produktregistrierung.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "Logitech blank Produktregistrierung.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "ManyCam" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Raptr" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Amazon Cloud Player" HKU\S-1-5-21-1854020161-2806125204-302643416-1001\...\StartupApproved\Run: => "Amazon Music" ========================= Accounts: ========================== Administrator (S-1-5-21-1854020161-2806125204-302643416-500 - Administrator - Disabled) Gast (S-1-5-21-1854020161-2806125204-302643416-501 - Limited - Disabled) TheMo_000 (S-1-5-21-1854020161-2806125204-302643416-1001 - Administrator - Enabled) => C:\Users\TheMo_000 ==================== Faulty Device Manager Devices ============= Name: Serieller PCI-Anschluss Description: Serieller PCI-Anschluss Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: HID-konformer Gamecontroller Description: HID-konformer Gamecontroller Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standardsystemgeräte) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) HD Graphics 4600 Description: Intel(R) HD Graphics 4600 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 11:52:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (12/06/2014 11:39:43 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/06/2014 00:59:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 36.0.0.5452, Zeitstempel: 0x5481ec8f Name des fehlerhaften Moduls: xul.dll, Version: 36.0.0.5452, Zeitstempel: 0x5481faa4 Ausnahmecode: 0x80000003 Fehleroffset: 0x00619c7e ID des fehlerhaften Prozesses: 0x1604 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Vollständiger Name des fehlerhaften Pakets: firefox.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5 Error: (12/06/2014 00:59:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"1". Die abhängige Assemblierung "XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (12/06/2014 00:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000ec68 ID des fehlerhaften Prozesses: 0x4dc Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (12/05/2014 11:54:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x53948b55 Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x53bf14c7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0015acaa ID des fehlerhaften Prozesses: 0x1708 Startzeit der fehlerhaften Anwendung: 0xhl2.exe0 Pfad der fehlerhaften Anwendung: hl2.exe1 Pfad des fehlerhaften Moduls: hl2.exe2 Berichtskennung: hl2.exe3 Vollständiger Name des fehlerhaften Pakets: hl2.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5 Error: (12/05/2014 08:04:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DayZ.exe, Version: 0.51.125.720, Zeitstempel: 0x547603d9 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002357 ID des fehlerhaften Prozesses: 0x1720 Startzeit der fehlerhaften Anwendung: 0xDayZ.exe0 Pfad der fehlerhaften Anwendung: DayZ.exe1 Pfad des fehlerhaften Moduls: DayZ.exe2 Berichtskennung: DayZ.exe3 Vollständiger Name des fehlerhaften Pakets: DayZ.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 
DayZ.exe5 Error: (12/02/2014 05:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/29/2014 05:34:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/26/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe, Version: 15.0.0.239, Zeitstempel: 0x546d18b1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x008711e8 ID des fehlerhaften Prozesses: 0x14ec Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_239.exe0 Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe1 Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_239.exe2 Berichtskennung: FlashPlayerPlugin_15_0_0_239.exe3 Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_15_0_0_239.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_15_0_0_239.exe5 System errors: ============= Error: (12/06/2014 00:49:44 AM) (Source: bowser) (EventID: 8016) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "STEFAN" auf Transport "NetBT_Tcpip_{A346E8C0-53B9-4CA7-B958-4C4266FD815C}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. 
Error: (12/06/2014 00:49:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037 Error: (12/06/2014 00:49:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LiveUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/06/2014 00:49:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (12/06/2014 00:00:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Clean Master Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/05/2014 04:15:20 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (12/05/2014 03:45:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Clean Master Core Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (12/03/2014 10:12:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/03/2014 10:12:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (11/29/2014 02:39:08 PM) (Source: volsnap) (EventID: 35) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann. Microsoft Office Sessions: ========================= Error: (12/06/2014 11:52:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (12/06/2014 11:39:43 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/06/2014 00:59:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: firefox.exe36.0.0.54525481ec8fxul.dll36.0.0.54525481faa48000000300619c7e160401d010e62b26b16eG:\firefox developer\firefox.exeG:\firefox developer\xul.dllcab3008a-7cda-11e4-bf13-94de80b85ce7 Error: (12/06/2014 00:59:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: XAudio2_7.X,processorArchitecture="X86",type="Win32",version="9.29.1962.0"C:\Users\TheMo_000\Desktop\Uplay.exe Error: (12/06/2014 00:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000000ec684dc01d010e622b9213fC:\WINDOWS\system32\igfxCUIService.exeC:\WINDOWS\system32\igfxCUIService.exe61e7c2db-7cd9-11e4-bf13-94de80b85ce7 Error: (12/05/2014 11:54:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: hl2.exe0.0.0.053948b55client.dll1.0.0.153bf14c7c00000050015acaa170801d010c176bbcddaG:\steam\steamapps\common\GarrysMod\hl2.exeg:\steam\steamapps\common\garrysmod\garrysmod\bin\client.dllbbb228ab-7cd1-11e4-bf12-94de80b85ce7 Error: (12/05/2014 08:04:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
DayZ.exe0.51.125.720547603d9MSVCR100.dll10.0.40219.3254df2be1ec000000500002357172001d010aa29755a93G:\steam\steamapps\common\DayZ\DayZ.exeC:\WINDOWS\SYSTEM32\MSVCR100.dll8964e1b4-7cb1-11e4-bf12-94de80b85ce7 Error: (12/02/2014 05:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (11/29/2014 05:34:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (11/26/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FlashPlayerPlugin_15_0_0_239.exe15.0.0.239546d18b1unknown0.0.0.000000000c0000005008711e814ec01d00980afd03825C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exeunknown897df278-7582-11e4-bf12-94de80b85ce7 CodeIntegrity Errors: =================================== Date: 2014-02-16 21:42:19.956 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\THEMO_~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-16 21:42:19.877 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2014-02-15 23:16:57.595 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\THEMO_~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-15 23:16:57.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-30 22:34:13.044 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-30 22:33:25.064 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-19 10:13:00.956 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2013-10-19 10:13:00.425 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-03 20:19:46.710 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-03 20:19:46.242 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 24%
Total physical RAM: 8070.98 MB
Available physical RAM: 6122.98 MB
Total Pagefile: 9350.98 MB
Available Pagefile: 6923.2 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.24 GB) (Free:16.26 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (Volume) (Fixed) (Total:931.51 GB) (Free:248.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: DA738F4D)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 35F2C8FE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Is everything okay so far? |
07.12.2014, 20:55 | #5 |
/// the machine /// TB trainer | Win 8.1: Virus detection Trojan.GenericKD.2011851 (Engine A) Actually looks good. Has there been another detection?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |