| Herr HDMI | 26.05.2014 20:29 |
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Alex (administrator) on PC on 26-05-2014 21:20:49
Running from D:\Users\Alex\Desktop
Platform: Windows 8.1 Pro (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LucidLogix) C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) D:\Program Files (x86)\VMWare\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Jeroen Pelgrims) C:\Users\Alex\AppData\Local\Apps\2.0\8AXCHEXO.52E\ZWD2AJGX.J3R\soun..tion_0000000000000000_0002.0004_f839aedc2aa2d7a7\SoundSwitch.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dominik Reichl) D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [VIRTU MVP 2.0] => C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.Exe [1239272 2013-11-26] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10394392 2014-04-07] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-24] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1042358896-3432114915-2194365511-1001\...\MountPoints2: {191785d8-c60f-11e3-8258-d43d7ef5a48d} - "F:\autorun.exe" de
HKU\S-1-5-21-1042358896-3432114915-2194365511-1001\...\MountPoints2: {9e24b9c2-c469-11e3-8258-d43d7ef5a48d} - "G:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll => C:\Windows\system32\appinit_dll.dll [531688 2013-11-26] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll => C:\Windows\SysWOW64\appinit_dll.dll [482536 2013-11-26] (Lucidlogix Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.ch.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x14898152AF5BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wheimoil.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Extension: anonymoX - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wheimoil.default\Extensions\client@anonymox.net.xpi [2014-05-11]
FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wheimoil.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-09]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LucidSvc; C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe [20712 2013-11-26] (LucidLogix)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-16] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros)
R2 VMAuthdService; D:\Program Files (x86)\VMWare\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-24] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 XFDriver64; D:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
R3 xusb22; C:\Windows\system32\DRIVERS\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Alex\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-26 21:18 - 2014-05-26 21:20 - 00000000 ____D () C:\FRST
2014-05-26 19:03 - 2014-05-26 19:03 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1042358896-3432114915-2194365511-500
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-05-26 18:59 - 2014-05-26 18:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-26 18:59 - 2014-05-26 18:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ClassicShell
2014-05-26 18:58 - 2014-05-26 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2014-05-26 18:58 - 2014-05-26 18:58 - 00001450 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-26 18:58 - 2014-05-26 18:58 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\lucidlogix
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Logitech
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVAST Software
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Logitech
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator
2014-05-26 18:58 - 2014-05-14 22:07 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-26 18:58 - 2014-04-13 22:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-26 18:58 - 2014-04-09 20:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-26 18:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-26 18:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-26 18:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-26 18:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-24 17:59 - 2014-05-25 14:52 - 00000000 ____D () C:\Windows\GTA IV - UltimateVehiclePack
2014-05-23 19:27 - 2014-05-23 19:27 - 00000000 ____D () C:\Users\Alex\AppData\Local\Chromium
2014-05-23 19:26 - 2014-05-23 19:26 - 00000561 _____ () C:\Windows\wmsetup.log
2014-05-19 18:11 - 2014-05-19 18:11 - 00298016 _____ () C:\Windows\Minidump\051914-12203-01.dmp
2014-05-18 20:02 - 2014-05-26 19:02 - 00000000 ___RD () C:\Users\Alex\Dropbox
2014-05-18 20:01 - 2014-05-26 19:02 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\DropboxMaster
2014-05-18 20:01 - 2014-05-26 19:02 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-05-18 20:01 - 2014-05-24 16:45 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 17:42 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 17:42 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-14 17:42 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 17:42 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-14 17:42 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-14 17:41 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:41 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:41 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:41 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:41 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-14 17:41 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-14 17:41 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-14 17:41 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-14 17:40 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-14 17:40 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-14 17:40 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-14 17:40 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-14 17:40 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-14 17:40 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-14 17:40 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-14 17:40 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-14 17:40 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:40 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-14 17:40 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:40 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-14 17:40 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-14 17:40 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-14 17:40 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-14 17:40 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-14 17:40 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-14 17:40 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-14 17:40 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-14 17:40 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-14 17:40 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-14 17:40 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-14 17:40 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-14 17:40 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-14 17:40 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-14 17:40 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-14 17:40 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-14 17:40 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:38 - 2014-05-14 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-12 18:43 - 2014-05-12 20:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\VMware
2014-05-12 18:43 - 2014-05-12 20:05 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VMware
2014-05-12 18:40 - 2014-05-25 11:10 - 00000000 ____D () C:\ProgramData\VMware
2014-05-12 18:40 - 2014-05-12 18:40 - 00001735 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-12 18:40 - 2014-05-12 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-12 18:40 - 2014-05-12 18:40 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-12 18:40 - 2013-02-26 02:29 - 00933968 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-12 18:40 - 2013-02-26 02:28 - 00436304 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-12 18:40 - 2013-02-26 02:28 - 00357456 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-12 18:40 - 2013-02-26 02:28 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-12 18:40 - 2013-02-26 02:28 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-12 18:40 - 2013-02-26 02:27 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-12 18:40 - 2012-10-24 14:17 - 00070296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2014-05-12 18:40 - 2012-10-24 14:17 - 00067224 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-05-12 18:40 - 2012-10-24 14:17 - 00063128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-05-12 18:40 - 2012-10-11 16:15 - 00052376 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-07 22:42 - 2014-05-07 22:42 - 00298128 _____ () C:\Windows\Minidump\050714-12328-01.dmp
2014-05-06 13:59 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-06 13:59 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-03 22:43 - 2014-05-03 22:43 - 00001207 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-03 22:43 - 2014-05-03 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-03 22:42 - 2014-05-03 22:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\DVDVideoSoft
2014-05-03 13:20 - 2014-05-03 13:20 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn
2014-05-03 13:20 - 2014-05-03 13:20 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-05-03 13:18 - 2014-05-16 17:11 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-05-03 13:17 - 2014-05-14 17:38 - 00000719 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-03 11:13 - 2014-05-03 11:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 11:13 - 2014-05-03 11:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 19:31 - 2014-05-01 19:31 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-01 17:29 - 2014-05-01 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 17:08 - 2014-05-19 18:11 - 812303212 _____ () C:\Windows\MEMORY.DMP
2014-05-01 17:08 - 2014-05-19 18:11 - 00000000 ____D () C:\Windows\Minidump
2014-05-01 17:08 - 2014-05-01 17:08 - 01711936 _____ () C:\Windows\Minidump\050114-12312-01.dmp
2014-04-30 21:51 - 2014-04-30 21:51 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-04-30 21:45 - 2014-04-30 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-04-30 21:30 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Alex\AppData\Local\Rockstar Games
2014-04-30 21:30 - 2014-04-30 21:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-04-30 21:30 - 2014-04-30 21:30 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-04-30 21:30 - 2014-04-30 21:30 - 00000000 __RHD () C:\Users\Alex\AppData\Roaming\SecuROM
2014-04-30 21:30 - 2014-04-30 21:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-04-29 20:06 - 2014-04-29 20:06 - 00000000 ____D () C:\Users\Alex\AppData\Local\My Games
2014-04-26 23:14 - 2014-04-26 23:14 - 00000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
==================== One Month Modified Files and Folders =======
2014-05-26 21:20 - 2014-05-26 21:18 - 00000000 ____D () C:\FRST
2014-05-26 21:16 - 2014-04-09 20:19 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\ClassicShell
2014-05-26 21:05 - 2014-04-10 19:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-26 19:07 - 2014-04-09 19:06 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1042358896-3432114915-2194365511-1001
2014-05-26 19:05 - 2014-04-09 19:04 - 01788458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-26 19:05 - 2013-08-23 01:24 - 00768062 _____ () C:\Windows\system32\perfh007.dat
2014-05-26 19:05 - 2013-08-23 01:24 - 00160906 _____ () C:\Windows\system32\perfc007.dat
2014-05-26 19:03 - 2014-05-26 19:03 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1042358896-3432114915-2194365511-500
2014-05-26 19:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-26 19:02 - 2014-05-18 20:02 - 00000000 ___RD () C:\Users\Alex\Dropbox
2014-05-26 19:02 - 2014-05-18 20:01 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\DropboxMaster
2014-05-26 19:02 - 2014-05-18 20:01 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-05-26 19:02 - 2014-04-13 21:34 - 00000000 ____D () C:\Users\Alex\AppData\Local\Deployment
2014-05-26 19:02 - 2014-04-09 21:44 - 00000000 _RSHD () C:\ProgramData\Key-Base
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-05-26 19:00 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2014-05-26 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-26 18:59 - 2014-05-26 18:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-26 18:59 - 2014-05-26 18:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ClassicShell
2014-05-26 18:59 - 2014-04-09 19:00 - 01155935 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 18:59 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-26 18:58 - 2014-05-26 18:58 - 00001450 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-26 18:58 - 2014-05-26 18:58 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\lucidlogix
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Logitech
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVAST Software
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Logitech
2014-05-26 18:58 - 2014-05-26 18:58 - 00000000 ____D () C:\Users\Administrator
2014-05-26 18:44 - 2014-04-09 19:00 - 00000000 ____D () C:\Users\Alex
2014-05-25 19:46 - 2014-04-10 18:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\KeePass
2014-05-25 14:52 - 2014-05-24 17:59 - 00000000 ____D () C:\Windows\GTA IV - UltimateVehiclePack
2014-05-25 11:10 - 2014-05-12 18:40 - 00000000 ____D () C:\ProgramData\VMware
2014-05-25 11:10 - 2014-04-09 19:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-25 11:10 - 2013-08-22 16:46 - 00021886 _____ () C:\Windows\setupact.log
2014-05-25 11:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-25 11:06 - 2014-04-09 19:00 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 22:24 - 2014-04-10 17:50 - 00000000 ____D () C:\ProgramData\Origin
2014-05-24 20:35 - 2014-04-13 15:06 - 00291328 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-24 20:35 - 2014-04-10 20:37 - 00291328 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-24 20:34 - 2014-04-10 20:37 - 00280600 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-24 20:33 - 2014-04-09 22:10 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-05-24 16:45 - 2014-05-18 20:01 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-23 19:27 - 2014-05-23 19:27 - 00000000 ____D () C:\Users\Alex\AppData\Local\Chromium
2014-05-23 19:26 - 2014-05-23 19:26 - 00000561 _____ () C:\Windows\wmsetup.log
2014-05-23 19:26 - 2014-04-10 20:36 - 00150587 _____ () C:\Windows\DirectX.log
2014-05-23 18:47 - 2014-04-13 11:45 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-19 18:11 - 2014-05-19 18:11 - 00298016 _____ () C:\Windows\Minidump\051914-12203-01.dmp
2014-05-19 18:11 - 2014-05-01 17:08 - 812303212 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:11 - 2014-05-01 17:08 - 00000000 ____D () C:\Windows\Minidump
2014-05-16 17:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-16 17:11 - 2014-05-03 13:18 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-05-15 17:36 - 2014-04-09 19:05 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 17:36 - 2014-04-09 19:05 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 17:36 - 2014-04-09 19:05 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 17:34 - 2014-04-09 19:00 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 22:07 - 2014-05-26 18:58 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 22:07 - 2014-04-13 22:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-14 22:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 22:06 - 2014-04-09 19:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:05 - 2014-04-09 19:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 22:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-14 17:38 - 2014-05-14 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 17:38 - 2014-05-03 13:17 - 00000719 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-13 20:07 - 2014-04-10 19:46 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-12 20:07 - 2014-05-12 18:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\VMware
2014-05-12 20:05 - 2014-05-12 18:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VMware
2014-05-12 18:40 - 2014-05-12 18:40 - 00001735 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-12 18:40 - 2014-05-12 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-12 18:40 - 2014-05-12 18:40 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-12 18:40 - 2014-04-09 21:38 - 01807894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-07 22:42 - 2014-05-07 22:42 - 00298128 _____ () C:\Windows\Minidump\050714-12328-01.dmp
2014-05-07 19:35 - 2014-04-09 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-07 19:35 - 2014-04-09 21:53 - 00000000 ____D () C:\Program Files\Logitech
2014-05-07 17:08 - 2014-04-09 18:58 - 00026080 _____ () C:\Windows\PFRO.log
2014-05-06 06:40 - 2014-05-14 17:41 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 17:41 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 17:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:03 - 2014-04-09 19:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-03 22:43 - 2014-05-03 22:43 - 00001207 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-03 22:43 - 2014-05-03 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-03 22:43 - 2014-05-03 22:42 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\DVDVideoSoft
2014-05-03 13:20 - 2014-05-03 13:20 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn
2014-05-03 13:20 - 2014-05-03 13:20 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-05-03 11:13 - 2014-05-03 11:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 11:13 - 2014-05-03 11:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 22:30 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-01 20:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-01 19:35 - 2014-04-30 21:30 - 00000000 ____D () C:\Users\Alex\AppData\Local\Rockstar Games
2014-05-01 19:31 - 2014-05-01 19:31 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-01 17:29 - 2014-05-01 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 17:08 - 2014-05-01 17:08 - 01711936 _____ () C:\Windows\Minidump\050114-12312-01.dmp
2014-04-30 21:51 - 2014-04-30 21:51 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-04-30 21:45 - 2014-04-30 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-04-30 21:45 - 2014-04-30 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-04-30 21:30 - 2014-04-30 21:30 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-04-30 21:30 - 2014-04-30 21:30 - 00000000 __RHD () C:\Users\Alex\AppData\Roaming\SecuROM
2014-04-30 21:30 - 2014-04-30 21:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-04-30 20:29 - 2014-04-09 21:31 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2014-04-09 21:31 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-29 20:06 - 2014-04-29 20:06 - 00000000 ____D () C:\Users\Alex\AppData\Local\My Games
2014-04-27 12:14 - 2014-04-23 18:04 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Xfire
2014-04-27 12:14 - 2014-04-23 18:04 - 00000000 ____D () C:\ProgramData\Xfire
2014-04-26 23:14 - 2014-04-26 23:14 - 00000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\devcon64.exe
C:\Users\Alex\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Alex\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkyqpfs.dll
C:\Users\Alex\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Alex\AppData\Local\Temp\sonarinst.exe
C:\Users\Alex\AppData\Local\Temp\ubi436B.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-18 10:30
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Alex at 2014-05-26 21:18:34
Running from D:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.4 - Electronic Arts)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.150 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
SoundSwitch (HKCU\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Ultimate Vehicle Pack v11 for "Grand Theft Auto IV" (HKLM-x32\...\GTA IV - Ultimate Vehicle Pack) (Version: 11.0.86.0 - ZZCOOL)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VIRTU MVP 2.0 3.0.108 (HKLM\...\VIRTU MVP 2.0_is1) (Version: 3.0.108 - Lucidlogix Technologies LTD)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
Winterberg Configurator Version WEM Confi 8.8 (HKLM-x32\...\{58C3816E-B1BC-40B6-A97C-4358292A74C6}_is1) (Version: WEM Confi 8.8 - )
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version: - )
==================== Restore Points =========================
22-05-2014 16:17:46 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {010F0B66-6713-4C74-94D3-BFF744B364EC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09509202-DF7F-4D78-B6FE-350D393E68FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6429B624-14F5-4AA1-BE91-1FAE0D4D9D85} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {820A5E05-8688-4BAE-A444-CD26AB803DB2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A8B027EC-6E63-4391-8994-058901B52040} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {BDA43A6E-553D-41F7-8DF0-156E8ABD330A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-24] (AVAST Software)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D171DDAE-C9F0-4082-AA86-762E6790CFC0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F3D28AC0-42A0-4F61-A3D3-D117BFD2BE69} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-04-09 21:42 - 2013-11-26 12:52 - 00179432 _____ () C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\GuiCommon.dll
2014-04-10 20:37 - 2014-04-16 15:37 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-09 19:52 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-01-22 15:15 - 2014-01-22 15:15 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-04-09 21:31 - 2014-04-30 20:30 - 00096200 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-04-09 21:31 - 2014-04-30 20:30 - 00870744 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-04-10 18:45 - 2014-02-03 10:31 - 00376832 _____ () D:\Program Files (x86)\KeePass Password Safe 2\KeePass.XmlSerializers.dll
2014-05-24 17:27 - 2014-05-24 17:27 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052400\algo.dll
2014-05-25 11:11 - 2014-05-25 11:11 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052401\algo.dll
2014-05-26 20:37 - 2014-05-26 20:37 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052603\algo.dll
2013-02-26 02:28 - 2013-02-26 02:28 - 01260624 _____ () D:\Program Files (x86)\VMWare\libxml2.dll
2014-04-09 21:41 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-04-09 19:05 - 2014-04-09 19:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-11 12:27 - 2014-05-11 12:27 - 03839088 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-26 19:02 - 2014-05-26 19:02 - 00043008 _____ () c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkyqpfs.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: CDC Serial
Description: CDC Serial
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2014 06:59:22 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-05-02T16:59:22Z. Fehlercode: 0x80040154.
Error: (05/26/2014 06:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_iphlpsvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000065e8e
ID des fehlerhaften Prozesses: 0x1ad8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_iphlpsvc0
Pfad der fehlerhaften Anwendung: svchost.exe_iphlpsvc1
Pfad des fehlerhaften Moduls: svchost.exe_iphlpsvc2
Berichtskennung: svchost.exe_iphlpsvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_iphlpsvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_iphlpsvc5
Error: (05/26/2014 06:45:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-05-02T16:45:02Z. Fehlercode: 0x80040154.
Error: (05/26/2014 06:44:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_wuauserv, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffc9c7e000a
ID des fehlerhaften Prozesses: 0x448
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_wuauserv0
Pfad der fehlerhaften Anwendung: svchost.exe_wuauserv1
Pfad des fehlerhaften Moduls: svchost.exe_wuauserv2
Berichtskennung: svchost.exe_wuauserv3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_wuauserv4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_wuauserv5
Error: (05/25/2014 10:58:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/24/2014 08:33:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MOHW.exe, Version: 1.0.0.3, Zeitstempel: 0x50cf7c2e
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.3523, Zeitstempel: 0x5315b45c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00135bbe
ID des fehlerhaften Prozesses: 0x1960
Startzeit der fehlerhaften Anwendung: 0xMOHW.exe0
Pfad der fehlerhaften Anwendung: MOHW.exe1
Pfad des fehlerhaften Moduls: MOHW.exe2
Berichtskennung: MOHW.exe3
Vollständiger Name des fehlerhaften Pakets: MOHW.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MOHW.exe5
Error: (05/24/2014 08:29:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GTAIV.exe, Version 1.0.7.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 124c
Startzeit: 01cf77741a8325d6
Endzeit: 4294967295
Anwendungspfad: D:\Users\Alex\Desktop\hgf\Grand Theft Auto IV\GTAIV\GTAIV.exe
Berichts-ID: 5ec83a6e-e371-11e3-8267-d43d7ef5a48d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/24/2014 07:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GTAIV.exe, Version 1.0.7.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 296c
Startzeit: 01cf7771df9ae0a0
Endzeit: 4294967295
Anwendungspfad: D:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe
Berichts-ID: 6840d2a6-e365-11e3-8267-d43d7ef5a48d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/24/2014 07:01:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GTAIV.exe, Version 1.0.7.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2200
Startzeit: 01cf777195e4de23
Endzeit: 4294967295
Anwendungspfad: D:\Users\Alex\Desktop\hgf\Grand Theft Auto IV\GTAIV\GTAIV.exe
Berichts-ID: 0d9c0091-e365-11e3-8267-d43d7ef5a48d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/24/2014 06:40:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001a9346
ID des fehlerhaften Prozesses: 0x3f94
Startzeit der fehlerhaften Anwendung: 0xGTAIV.exe0
Pfad der fehlerhaften Anwendung: GTAIV.exe1
Pfad des fehlerhaften Moduls: GTAIV.exe2
Berichtskennung: GTAIV.exe3
Vollständiger Name des fehlerhaften Pakets: GTAIV.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GTAIV.exe5
System errors:
=============
Error: (05/26/2014 07:03:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:03:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:03:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:03:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gruppenrichtlinienclient" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:03:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Intelligenter Hintergrundübertragungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/26/2014 06:58:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (05/26/2014 06:58:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/26/2014 06:58:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (05/26/2014 06:59:22 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800401542114-05-02T16:59:22Z
Error: (05/26/2014 06:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_iphlpsvc6.3.9600.163845215dfe3ntdll.dll6.3.9600.17031530895afc00000050000000000065e8e1ad801cf7901b83ecd5fC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf0766c67-e4f6-11e3-8269-d43d7ef5a48d
Error: (05/26/2014 06:45:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800401542114-05-02T16:45:02Z
Error: (05/26/2014 06:44:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_wuauserv6.3.9600.163845215dfe3unknown0.0.0.000000000c000000500007ffc9c7e000a44801cf77f924d84decC:\Windows\system32\svchost.exeunknownf46457c9-e4f4-11e3-8269-d43d7ef5a48d
Error: (05/25/2014 10:58:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (05/24/2014 08:33:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MOHW.exe1.0.0.350cf7c2envwgf2um.dll9.18.13.35235315b45cc000000500135bbe196001cf777ea7a975baD:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exeC:\Windows\SYSTEM32\nvwgf2um.dllecb93329-e371-11e3-8268-d43d7ef5a48d
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 32706.96 MB
Available physical RAM: 27813.27 MB
Total Pagefile: 65474.96 MB
Available Pagefile: 59988.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.23 GB) (Free:137.42 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1397.26 GB) (Free:973.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: 27CA27C9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 000277AF)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)
==================== End Of Log ============================
Vielen Dank für die schnelle Antwort. :daumenhoc |
FRST 32-Bit | FRST 64-Bit