All Kinds of Pests and How to Fight Them: Internet connection is being monitored
Windows 7
26.04.2015, 19:11 | #1
Internet connection is being monitored

Good evening, it's probably best to just read up here, I have exactly the same problem: http://www.trojaner-board.de/159860-...trolliert.html I have Win 7 and currently use Avast, but neither Avast nor Malwarebytes Anti-Malware could find a virus. The other thread matches my situation exactly, except for AdwCleaner, which I don't use. So my question, too, is whether this is a virus or not. Thanks in advance. Best regards

/edit: unfortunately I didn't take a screenshot ...
26.04.2015, 19:28 | #2
/// TB Trainer /// Guide Guru
Internet connection is being monitored

My name is Jürgen and I will be helping you with your problem. Together we'll get this done...

Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest way, but it is only advisable for real malware. Adware & co. are something we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean".

Let's go:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material
Posting in CODE tags: here's how... Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles into a CODE box, proceed as follows:
__________________
26.04.2015, 20:21 | #3
Internet connection is being monitored

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015 Ran by Jonas (administrator) on JONAS-PC on 26-04-2015 21:18:21 Running from C:\Users\Jonas\Desktop Loaded Profiles: Jonas (Available profiles: Jonas) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () D:\Programme\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2-ui.exe (Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamscheduler.exe (LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2.exe (LogMeIn, Inc.) 
D:\Programme\Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Spotify Ltd) C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSS.exe () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\EncoderServer.exe () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-03-17] (MSI) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) 
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3631448 2015-02-27] (Electronic Arts) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Spotify] => D:\Programme\Spotify\Spotify.exe [6611512 2015-03-17] (Spotify Ltd) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\MountPoints2: {0a2cacb2-3ca1-11e3-bfc7-806e6f6e6963} - E:\acer.exe HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\MountPoints2: {eb388d63-3ca1-11e3-9ee2-829eabdd274b} - G:\pushinst.exe HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-20] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-10] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-10] (Avast Software s.r.o.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg64.dll [2015-03-05] (Google Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-11] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-10] (Avast Software s.r.o.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-05] (Google Inc.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-11] (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.) Toolbar: HKU\S-1-5-21-3728843872-2363194956-1273056754-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF 
Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle 
Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-07] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://facebook.com/" CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-21] CHR Extension: (Google Docs) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15] CHR Extension: (Google Drive) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15] CHR Extension: (James White) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2015-02-01] CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15] CHR Extension: (Adblock Plus) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-16] CHR Extension: (Google Search) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15] CHR Extension: (Avast SafePrice) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-11-12] CHR Extension: (Hola Better Internet) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-14] CHR Extension: (Avast Online Security) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-07] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jonas\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11] CHR Extension: (Google Wallet) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15] CHR Extension: (Gmail) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-10] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-10] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-10] (Avast Software s.r.o.) 
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-10] (Avast Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-03-20] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-05] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) R2 Hamachi2Svc; D:\Programme\Hamachi\hamachi-2.exe [2490216 2015-03-30] (LogMeIn Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation) R2 MBAMScheduler; D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2014-01-20] (MSI) [File not signed] S4 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [310784 2014-02-17] () [File not signed] S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2113536 2014-02-19] () [File not signed] R3 MSICPU_CC; C:\Program Files 
(x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4113408 2014-02-18] () [File not signed] R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2014-01-16] () [File not signed] S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2225152 2014-02-18] () [File not signed] S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2014-01-20] () [File not signed] S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [179200 2014-02-17] () [File not signed] R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [531968 2014-02-17] () [File not signed] S4 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [183296 2014-01-20] () [File not signed] R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4513840 2013-10-22] (INCA Internet Co., Ltd.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-10] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-10] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-10] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-10] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-10] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-10] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-10] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-10] (Avast Software s.r.o.) 
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-10] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NvStreamKms; C:\Program 
Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 RTCore64; D:\Programme\MSI Afterburner\RTCore64.sys [13368 2013-03-11] () R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-10] (Avast Software) S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X] S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-26 21:18 - 2015-04-26 21:18 - 00027559 _____ () C:\Users\Jonas\Desktop\FRST.txt 2015-04-26 21:17 - 2015-04-26 21:18 - 00000000 ____D () C:\FRST 2015-04-26 21:15 - 2015-04-26 21:15 - 02101248 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe 2015-04-26 21:14 - 2015-04-26 21:14 - 02224640 _____ () C:\Users\Jonas\Desktop\AdwCleaner_4.202.exe 2015-04-25 00:47 - 2015-04-26 18:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-25 00:47 - 2015-04-25 00:47 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-25 00:47 - 2015-04-25 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-25 00:47 - 2015-04-25 00:47 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-25 00:47 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-04-25 00:47 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-04-25 00:47 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-04-16 19:35 - 2015-04-16 19:37 - 00000216 _____ () C:\Users\Jonas\Desktop\uhr.txt 2015-04-13 15:43 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcuda.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-04-13 15:43 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-04-13 
15:43 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-04-13 15:43 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-04-13 15:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-04-10 13:16 - 2015-04-10 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-26 21:17 - 2013-10-24 16:50 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Skype 2015-04-26 21:10 - 2013-10-24 14:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-26 20:26 - 2013-12-09 01:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-26 20:10 - 2013-10-24 14:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-26 17:19 - 2015-02-01 20:36 - 00000000 ____D () C:\Users\Jonas\AppData\Local\Spotify 2015-04-26 16:52 - 2015-02-01 20:43 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Spotify 2015-04-26 16:48 - 2009-07-14 19:58 - 00710030 _____ () C:\Windows\system32\perfh007.dat 2015-04-26 16:48 - 2009-07-14 19:58 - 00154466 _____ () C:\Windows\system32\perfc007.dat 2015-04-26 16:48 - 2009-07-14 07:13 - 01649878 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-26 16:47 - 2013-10-24 13:48 - 01818871 _____ () C:\Windows\WindowsUpdate.log 2015-04-26 16:47 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-26 16:47 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-26 16:44 - 2013-10-24 19:17 - 00000000 
____D () C:\ProgramData\Origin 2015-04-26 16:42 - 2015-02-01 23:15 - 00020948 _____ () C:\Windows\setupact.log 2015-04-26 16:42 - 2015-02-01 20:44 - 00001767 _____ () C:\Users\Jonas\Desktop\Spotify.lnk 2015-04-26 16:42 - 2015-02-01 20:36 - 00001753 _____ () C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-04-26 16:42 - 2013-12-31 00:44 - 00000000 ____D () C:\Users\Jonas\AppData\Local\LogMeIn Hamachi 2015-04-26 16:42 - 2013-10-24 14:18 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-26 16:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-25 18:17 - 2014-06-17 08:08 - 00003002 _____ () C:\Windows\System32\Tasks\MSIAfterburner 2015-04-25 01:00 - 2015-02-02 12:36 - 00005892 _____ () C:\Windows\PFRO.log 2015-04-24 19:33 - 2014-11-07 13:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-04-21 00:00 - 2013-10-24 16:56 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\TS3Client 2015-04-17 21:11 - 2014-04-15 21:42 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-17 20:26 - 2013-12-09 01:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-17 20:26 - 2013-12-09 01:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-17 20:26 - 2013-12-09 01:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-16 19:16 - 2014-03-03 01:26 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\vlc 2015-04-15 22:44 - 2013-10-30 01:34 - 00000000 ____D () C:\Users\Jonas\AppData\Local\CrashDumps 2015-04-14 23:57 - 2014-01-29 02:11 - 00000000 ____D () C:\Users\Jonas\AppData\Local\ArmA 2 OA 2015-04-13 15:44 - 2014-04-06 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-04-13 15:44 - 2013-10-24 14:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-04-13 15:43 - 2014-04-06 15:25 - 00000000 ____D () 
C:\Program Files\NVIDIA Corporation 2015-04-13 15:37 - 2014-04-06 15:27 - 00001381 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2015-04-13 12:10 - 2013-10-24 16:50 - 00000000 ____D () C:\ProgramData\Skype 2015-04-10 13:16 - 2014-04-22 13:07 - 00000625 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2015-04-09 02:58 - 2014-08-11 19:33 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-04-09 02:58 - 2014-04-06 15:26 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-04-09 02:58 - 2014-04-06 15:26 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-04-09 02:58 - 2014-04-06 15:25 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-04-09 02:58 - 2014-04-06 15:25 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-04-09 02:58 - 2014-04-06 15:25 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-04-09 02:58 - 2014-04-06 15:25 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-04-09 02:58 - 2014-04-06 15:25 - 00029329 _____ () C:\Windows\system32\nvinfo.pb 2015-04-08 23:30 - 2014-04-06 15:26 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-04-08 23:30 - 2014-04-06 15:26 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-04-08 23:30 - 2014-04-06 15:26 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-04-08 23:30 - 2014-04-06 15:26 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-04-08 23:30 - 2014-04-06 15:26 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-04-08 23:30 - 2014-04-06 15:26 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-04-08 19:52 - 2014-04-06 15:26 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin 2015-04-08 13:15 - 2013-11-07 01:18 - 00000000 ___RD () C:\Users\Jonas\Desktop\Spiele 2015-04-06 19:07 - 2013-11-07 00:21 - 00000000 _____ () 
C:\Windows\system32\Drivers\lvuvc.hs 2015-03-30 15:25 - 2014-01-27 19:56 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2015-03-28 05:44 - 2014-06-03 10:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-03-28 05:44 - 2014-04-06 15:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-03-28 05:43 - 2014-06-03 10:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-03-28 05:43 - 2014-04-06 15:27 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll ==================== Files in the root of some directories ======= 2014-10-27 19:21 - 2015-03-10 15:06 - 0000302 _____ () C:\Users\Jonas\AppData\Roaming\BreakingPoint_Login.ini 2014-10-27 19:22 - 2015-03-10 15:06 - 0001408 _____ () C:\Users\Jonas\AppData\Roaming\BreakingPoint_Options.ini 2014-04-03 23:29 - 2014-04-03 23:29 - 0007605 _____ () C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg 2014-11-30 17:04 - 2014-11-30 17:04 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Jonas\AppData\Local\Temp\i4jdel0.exe C:\Users\Jonas\AppData\Local\Temp\jre-8u40-windows-au.exe C:\Users\Jonas\AppData\Local\Temp\jshortcut-3848203736546741468.dll C:\Users\Jonas\AppData\Local\Temp\jshortcut-4635714071111452450.dll C:\Users\Jonas\AppData\Local\Temp\jshortcut-8655012844567121041.dll C:\Users\Jonas\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Jonas\AppData\Local\Temp\nvStInst.exe C:\Users\Jonas\AppData\Local\Temp\SkypeSetup.exe C:\Users\Jonas\AppData\Local\Temp\SpotifyUninstall.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-24 21:17

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015
Ran by Jonas at 2015-04-26 21:18:39
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3728843872-2363194956-1273056754-500 - Administrator - Disabled)
Gast (S-1-5-21-3728843872-2363194956-1273056754-501 - Limited - Disabled)
Jonas (S-1-5-21-3728843872-2363194956-1273056754-1000 - Administrator - Enabled) => C:\Users\Jonas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc) Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation) Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Archlord2 (HKLM-x32\...\{4B23B4C1-769A-49A4-AA12-1FF72B548F5D}_is1) (Version: 1.0.0.1 - Webzen) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version: - ) ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version: - ) ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version: - ) ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version: - ) Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version: - ) Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version: - Bohemia Interactive) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ArmA3Sync 1.4.54 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.4.54 - The [S.o.E] team) Assassins Creed IV Black Flag Deluxe Edition (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Bonjour 
(HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.52 - MSI) Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE) DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios) DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars) Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{BB830050-E345-45FC-80D3-4EF9680CFC06}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) 
Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden MTA:SA v1.3.4 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.4 - 
Multi Theft Auto) MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games) NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.) 
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform) Spotify (HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points =========================

23-02-2015 20:49:16 Geplanter Prüfpunkt
02-03-2015 21:13:20 Geplanter Prüfpunkt
10-03-2015 15:58:48 Geplanter Prüfpunkt
10-03-2015 18:42:27 avast! antivirus system restore point
12-03-2015 16:13:25 DirectX wurde installiert
12-03-2015 16:15:08 DirectX wurde installiert
19-03-2015 19:16:20 Gerätetreiber-Paketinstallation: Steinberg Media Technologies GmbH
19-03-2015 19:54:15 Removed Steinberg Groove Agent ONE Vintage Beatboxes
19-03-2015 19:54:23 Removed Steinberg HALion Sonic SE Content for Cubase LE AI Elements
19-03-2015 19:54:35 Removed Steinberg Cubase LE AI Elements 7 64bit
19-03-2015 19:54:52 Removed Steinberg REVerence Content 01
19-03-2015 19:55:11 Removed Steinberg Groove Agent ONE Content
19-03-2015 19:55:22 Removed Steinberg HALion Sonic SE 64bit
19-03-2015 19:55:33 Removed Steinberg VST Amp Rack Content 01
19-03-2015 19:55:40 Removed Steinberg Midi Loop Library
19-03-2015 19:55:50 Removed Steinberg Drum Loop Expansion 01
19-03-2015 19:55:57 Removed Steinberg Upload Manager
27-03-2015 12:50:41 Geplanter Prüfpunkt
06-04-2015 22:54:34 Geplanter Prüfpunkt
13-04-2015 15:44:13 NVIDIA PhysX wird entfernt
21-04-2015 21:18:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {067FF7A5-AB4B-4CCF-ADC0-6961AF47537F} - System32\Tasks\{8B0DDEB3-8498-4AD6-9F58-6727A7377E63} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {2018E1F3-DE3E-4CFA-A624-6F1CB166EBB7} - System32\Tasks\{74A71055-8615-4B7A-8BCE-A165E374D9E9} => pcalua.exe -a "D:\Programme\DriverCleaner\Driver Cleaner Pro\DCleaner.exe" -d "D:\Programme\DriverCleaner\Driver Cleaner Pro"
Task: {22B70E67-D9D2-4B1B-A7F1-2ACFDFB6078A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {32C3C9E9-F940-4345-AC6C-676429782BFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {46926EFF-DF59-4E6D-8B00-64C0823CE708} - System32\Tasks\{0E7F0382-9C66-4B5B-BFDA-726820641A57} => pcalua.exe -a D:\Programme\Arschlord\JUSTArchlord.exe -d D:\Programme\Arschlord
Task: {5D3F5988-1BE8-4EF9-A4B3-06164BFAB8DF} - System32\Tasks\MSIAfterburner => D:\Programme\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {661EBAB4-6A13-4B34-88BC-FA3E7460EF79} - System32\Tasks\{32CB1A07-A44E-4CB7-BF93-ABF7AD68DFFD} => D:\Programme\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {80809FF7-CA8B-4BB8-81A5-EB588FAB2530} - System32\Tasks\{6134E115-9A21-47BB-BA84-41C714823CFF} => D:\Programme\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {923E4025-D648-4DBB-99DD-618A06253923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9AF0ED81-CC09-463C-80AD-5389EDA3AAA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {A2E5D537-69B5-4E90-BE5A-F3317C1A8F04} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-10] (Avast Software s.r.o.)
Task: {A4B8BDDF-C0FB-4D22-AAF4-E702BAF3D0A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated) Task: {BE7E1CD1-64AB-43C8-A653-EA80A6F15861} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EE4E1AA8-2D77-47F0-9E1B-6B68859501DD} - System32\Tasks\{326E6E3B-185C-4610-B51A-CB4C2F3E680E} => C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe [2014-08-02] (Dotjosh Studios, LLC) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-04-06 15:26 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-05 11:41 - 2014-11-09 13:37 - 00402432 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooks64.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-06 09:03 - 2014-12-06 09:03 - 00565760 _____ () D:\Programme\MSI Afterburner\MSIAfterburner.exe 2014-04-02 20:54 - 2014-01-16 17:00 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe 2013-10-24 19:55 - 2014-08-10 21:29 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-04-02 20:54 - 2014-02-17 17:27 - 00531968 _____ () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe 2014-04-02 20:54 - 2014-02-18 15:07 - 
==================== End Of Log ============================ |
26.04.2015, 20:34 | #4 |
/// TB Trainer /// Guide Guru | Internet connection is being controlled Please try to take a screenshot. The old thread doesn't have any left either...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
26.04.2015, 20:40 | #5 |
| Internet connection is being controlled Unfortunately that's not possible, it hasn't appeared again since then :/ But in terms of layout it looked, let's say, like a completely normal pop-up or a message from Chrome... /edit: What I forgot to write is that I could click one of two fields, either "Restore settings" or another one, but right now I'm not sure what it said. I figured it came from Chrome and clicked "Restore settings". I think the other one said "More information" or something like that... Last edited by JamesP (26.04.2015 at 20:47) |
26.04.2015, 21:51 | #6 |
/// TB Trainer /// Guide Guru | Internet connection is being controlled What were you doing when it appeared? It's probably not a "virus". At least it wouldn't be a clever one... |
02.05.2015, 17:29 | #7 |
| Internet connection is being controlled Hi, I've now received the message again and this time took a screenshot (hxxp://www.picfront.org/d/9h0p). I clicked "More information" and was referred here: https://support.google.com/chrome/answer/6029416?p=ui_settings_api_extension&rd=1 Last edited by JamesP (02.05.2015 at 17:36) |
02.05.2015, 17:54 | #8 |
/// TB Trainer /// Guide Guru | Internet connection is being controlled Is the image also available in a larger size? |
02.05.2015, 18:01 | #9 |
| Internet connection is being controlled Somehow I can't manage to make it bigger... Here is the link: hxxp://www.picfront.org/d/9h0p It only works if you change hxxp to http |
02.05.2015, 18:12 | #10 |
/// TB Trainer /// Guide Guru | Internet connection is being controlled Well, you do have the corresponding extensions, after all. This is certainly not nasty malware. At least I don't know of any that announces itself and gives the user a notice. |
02.05.2015, 18:15 | #11 |
| Internet connection is being controlled Okay, that sounds good, haha. Thanks a lot for your help anyway |
02.05.2015, 18:16 | #12 |
/// TB Trainer /// Guide Guru | Internet connection is being controlled All right. |