Trojaner-Board - 2 Fehlermeldungen

Vielen herzlichen Dank für die schnelle Antwort.

1.FRST.txt

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02

Ran by Nutte (administrator) on SASCHA on 28-05-2014 21:31:56

Running from C:\Users\Nutte\Downloads

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Opera Software) C:\Program Files (x86)\Opera\opera.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1064224 2013-11-14] (NVIDIA Corporation)

HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)

HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)

HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-17] (AVAST Software)

HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION

HKLM Group Policy restriction on software: C:\Program Files (x86)\ESET <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION

HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION

HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION

HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION

HKLM\...\Policies\Explorer: [HideSCAHealth] 0

HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Run: [kdtsttp] => regsvr32.exe "C:\ProgramData\kdtsttp.dat"

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Run: [Steam] => D:\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\Explorer: [TaskbarNoNotification] 0

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\Explorer: [HideSCAHealth] 0

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\MountPoints2: {391d85f6-967b-11e2-9b46-001fd0974b3e} - G:\Startme.exe

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\MountPoints2: {a13880e2-41de-11e2-90f4-001fd0974b3e} - H:\Startme.exe

IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\adobe extension manager cs6.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x383EC1F9CA70CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM - {46B777C3-B2EC-4DF2-98F7-10ECD1D11EC0} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}

SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytCtAtCzz0DtDtC0C0B0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=2045799266&ir=

SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTuns\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nutte\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nutte\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: YoutubeAdblocker - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\fwzaxkv_t@o-odd.co.uk [2014-02-22]

FF Extension: websave - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\zfwm5_zxw@iy-btah.org [2014-02-22]

FF Extension: FireShot - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-05-18]

FF Extension: ProxTube - Unblock YouTube - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-09]

FF Extension: DownloadHelper - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-19]

FF Extension: FTdownloader V3.0 - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]

FF Extension: Pinger - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\janetka@pinger.xpi [2012-08-25]

FF Extension: leethax.net extension - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\leethax@leethax.net.xpi [2013-07-20]

FF Extension: ReloadEvery - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-09-06]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-12-06]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-17]
 

Chrome: 

=======

CHR StartupUrls: "hxxp://www.google.com/"

CHR Extension: (Google Docs) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]

CHR Extension: (Google Drive) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]

CHR Extension: (Google Wallet) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-21]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-17]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-17] (AVAST Software)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4999600 2012-10-24] (INCA Internet Co., Ltd.)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-03] ()

R2 RalinkRegistryWriter; C:\Program Files (x86)\Logilink\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)

R2 RalinkRegistryWriter64; C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)

S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware)

S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-07-13] (soft Xpansion)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

S2 84ef8d51; "C:\Windows\system32\rundll32.exe" "c:\progra~2\ws-boo~1\AssistantSvc.dll",service
 

==================== Drivers (Whitelisted) ====================
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-17] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-17] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-17] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-17] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-17] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-17] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-17] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-17] ()

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)

S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-09-18] (Windows (R) Win 7 DDK provider)

R3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)

R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)

R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)

S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-07-16] (Sony Ericsson Mobile Communications)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)

R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)

S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 massfilter; system32\drivers\massfilter.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]

S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]

S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-05-28 21:31 - 2014-05-28 21:32 - 00019740 _____ () C:\Users\Nutte\Downloads\FRST.txt

2014-05-28 21:31 - 2014-05-28 21:31 - 00000000 ____D () C:\FRST

2014-05-28 21:24 - 2014-05-28 21:24 - 02066944 _____ (Farbar) C:\Users\Nutte\Downloads\FRST64.exe

2014-05-28 21:13 - 2014-05-28 21:13 - 13049005 _____ () C:\Users\Nutte\Desktop\Creepypasta Archives- Squidward's Suicide FOUND FOOTAGE 7.mp4

2014-05-27 22:02 - 2014-05-27 22:02 - 00000133 _____ () C:\Users\Nutte\Desktop\Neues Textdokument.txt

2014-05-27 21:58 - 2014-05-27 21:58 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-05-27 21:58 - 2014-05-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-27 21:51 - 2014-05-27 21:51 - 00700783 ____R (Swearware) C:\Users\Nutte\Desktop\dds+.exe

2014-05-27 21:43 - 2014-05-28 12:12 - 00000672 _____ () C:\Windows\setupact.log

2014-05-27 21:43 - 2014-05-27 21:43 - 00013660 _____ () C:\Windows\PFRO.log

2014-05-27 21:43 - 2014-05-27 21:43 - 00000000 _____ () C:\Windows\setuperr.log

2014-05-27 21:12 - 2014-05-27 21:12 - 00004439 _____ () C:\Users\Nutte\Desktop\JRT.txt

2014-05-27 16:32 - 2014-05-27 16:32 - 00000118 _____ () C:\#system_booting.bat

2014-05-27 16:25 - 2014-05-27 16:26 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm (1).exe

2014-05-26 22:27 - 2014-05-26 22:27 - 00112704 _____ () C:\Users\Nutte\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-26 12:53 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Nutte\Desktop\JRT_NEW.exe

2014-05-25 20:34 - 2014-05-25 20:35 - 05058616 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-25 20:32 - 2014-05-25 20:32 - 00003392 ____N () C:\bootsqm.dat

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieUserList

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieSiteList

2014-05-25 07:16 - 2014-05-25 07:16 - 00000576 _____ () C:\Users\Nutte\Desktop\ZynoxCodeLoader - Verknüpfung.lnk

2014-05-24 14:29 - 2014-05-24 14:29 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm.exe

2014-05-23 11:42 - 2014-05-23 11:42 - 00000652 _____ () C:\Users\Public\Desktop\MAESTIA.lnk

2014-05-23 11:41 - 2014-05-23 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA

2014-05-21 08:50 - 2014-05-23 10:45 - 00000000 ____D () C:\Users\Nutte\Downloads\Gameforge Live

2014-05-17 22:42 - 2014-05-17 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-05-17 22:41 - 2014-05-17 22:41 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job

2014-05-17 22:39 - 2014-05-17 22:42 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-05-17 22:39 - 2014-05-17 22:42 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-05-17 22:39 - 2014-05-17 22:42 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-17 22:39 - 2014-05-17 22:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00000000 ____D () C:\Program Files\AVAST Software

2014-05-17 19:35 - 2014-05-17 20:46 - 00131428 _____ () C:\Windows\system32\avgrep.txt

2014-05-14 01:52 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-14 01:52 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-14 01:52 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-14 01:52 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-14 01:52 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-14 01:52 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-14 00:03 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 00:03 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 00:03 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-14 00:03 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-14 00:02 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 00:02 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 00:02 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 00:02 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 00:02 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-05-14 00:02 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-14 00:02 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 00:02 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 00:02 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 00:02 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-05-14 00:02 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-05-14 00:02 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-14 00:02 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys

2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys

2014-05-12 19:06 - 2014-05-12 19:06 - 00000941 _____ () C:\Users\Nutte\Desktop\Neues Textdokument (2).txt

2014-05-12 19:06 - 2014-05-12 18:48 - 00001006 _____ () C:\Users\Nutte\Desktop\BO_xInstantHook_Default.ini

2014-05-11 21:09 - 2014-05-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

2014-05-10 23:28 - 2014-05-10 23:28 - 00000000 ____D () C:\Users\Nutte\AppData\Local\fabi.me

2014-05-10 18:15 - 2014-05-10 18:15 - 00000419 _____ () C:\Users\Public\Desktop\S4League.lnk

2014-05-10 18:13 - 2014-05-10 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League

2014-05-06 22:28 - 2014-05-14 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
 

==================== One Month Modified Files and Folders =======
 

2014-05-28 21:32 - 2014-05-28 21:31 - 00019740 _____ () C:\Users\Nutte\Downloads\FRST.txt

2014-05-28 21:31 - 2014-05-28 21:31 - 00000000 ____D () C:\FRST

2014-05-28 21:31 - 2014-01-15 15:04 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-28 21:24 - 2014-05-28 21:24 - 02066944 _____ (Farbar) C:\Users\Nutte\Downloads\FRST64.exe

2014-05-28 21:13 - 2014-05-28 21:13 - 13049005 _____ () C:\Users\Nutte\Desktop\Creepypasta Archives- Squidward's Suicide FOUND FOOTAGE 7.mp4

2014-05-28 12:50 - 2013-10-13 19:37 - 00395299 _____ () C:\Windows\WindowsUpdate.log

2014-05-28 12:21 - 2009-07-14 06:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-28 12:21 - 2009-07-14 06:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-28 12:19 - 2009-07-14 19:58 - 00701310 _____ () C:\Windows\system32\perfh007.dat

2014-05-28 12:19 - 2009-07-14 19:58 - 00150210 _____ () C:\Windows\system32\perfc007.dat

2014-05-28 12:19 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-28 12:18 - 2014-03-31 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-05-28 12:12 - 2014-05-27 21:43 - 00000672 _____ () C:\Windows\setupact.log

2014-05-28 12:11 - 2012-08-03 18:06 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-05-27 23:32 - 2013-12-19 13:12 - 00000000 ____D () C:\Users\Nutte\Desktop\Download

2014-05-27 22:55 - 2013-12-10 19:11 - 00000000 ____D () C:\Users\Nutte\Desktop\Programme

2014-05-27 22:02 - 2014-05-27 22:02 - 00000133 _____ () C:\Users\Nutte\Desktop\Neues Textdokument.txt

2014-05-27 21:59 - 2014-01-07 20:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-05-27 21:59 - 2012-08-02 18:11 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-27 21:58 - 2014-05-27 21:58 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-05-27 21:58 - 2014-05-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-27 21:58 - 2012-08-02 18:11 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00000000 ____D () C:\Program Files\Java

2014-05-27 21:53 - 2013-06-02 22:02 - 00000000 ____D () C:\Users\Nutte\Desktop\Spiele

2014-05-27 21:51 - 2014-05-27 21:51 - 00700783 ____R (Swearware) C:\Users\Nutte\Desktop\dds+.exe

2014-05-27 21:43 - 2014-05-27 21:43 - 00013660 _____ () C:\Windows\PFRO.log

2014-05-27 21:43 - 2014-05-27 21:43 - 00000000 _____ () C:\Windows\setuperr.log

2014-05-27 21:17 - 2014-03-10 09:43 - 00000000 ____D () C:\Program Files (x86)\Google

2014-05-27 21:12 - 2014-05-27 21:12 - 00004439 _____ () C:\Users\Nutte\Desktop\JRT.txt

2014-05-27 16:32 - 2014-05-27 16:32 - 00000118 _____ () C:\#system_booting.bat

2014-05-27 16:26 - 2014-05-27 16:25 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm (1).exe

2014-05-26 23:00 - 2012-08-02 20:59 - 00000000 ____D () C:\Users\Nutte\AppData\Roaming\TS3Client

2014-05-26 22:27 - 2014-05-26 22:27 - 00112704 _____ () C:\Users\Nutte\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-25 20:35 - 2014-05-25 20:34 - 05058616 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-25 20:32 - 2014-05-25 20:32 - 00003392 ____N () C:\bootsqm.dat

2014-05-25 20:10 - 2013-07-12 21:40 - 00000000 ____D () C:\Program Files\Google

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieUserList

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieSiteList

2014-05-25 19:55 - 2013-05-31 20:32 - 00000000 ____D () C:\Users\Nutte\AppData\Local\Google

2014-05-25 07:16 - 2014-05-25 07:16 - 00000576 _____ () C:\Users\Nutte\Desktop\ZynoxCodeLoader - Verknüpfung.lnk

2014-05-24 14:29 - 2014-05-24 14:29 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm.exe

2014-05-23 11:42 - 2014-05-23 11:42 - 00000652 _____ () C:\Users\Public\Desktop\MAESTIA.lnk

2014-05-23 11:42 - 2014-05-23 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA

2014-05-23 10:45 - 2014-05-21 08:50 - 00000000 ____D () C:\Users\Nutte\Downloads\Gameforge Live

2014-05-18 06:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery

2014-05-17 22:44 - 2014-02-17 22:25 - 00000000 ____D () C:\Program Files (x86)\WS-Booster

2014-05-17 22:42 - 2014-05-17 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-05-17 22:42 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-05-17 22:42 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-05-17 22:42 - 2014-05-17 22:39 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-05-17 22:41 - 2014-05-17 22:41 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job

2014-05-17 22:39 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-17 22:39 - 2014-05-17 22:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00000000 ____D () C:\Program Files\AVAST Software

2014-05-17 22:39 - 2013-10-17 15:49 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-05-17 22:37 - 2013-07-23 19:31 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-05-17 20:46 - 2014-05-17 19:35 - 00131428 _____ () C:\Windows\system32\avgrep.txt

2014-05-17 19:18 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-17 19:12 - 2014-01-30 19:14 - 00000680 __RSH () C:\Users\Nutte\ntuser.pol

2014-05-17 19:12 - 2012-08-02 18:14 - 00000000 ____D () C:\Users\Nutte

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\Virtual Machines

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-14 11:38 - 2014-05-06 22:28 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-14 11:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-05-14 01:52 - 2014-01-15 22:23 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-14 01:50 - 2012-08-02 18:08 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys

2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys

2014-05-12 19:06 - 2014-05-12 19:06 - 00000941 _____ () C:\Users\Nutte\Desktop\Neues Textdokument (2).txt

2014-05-12 18:48 - 2014-05-12 19:06 - 00001006 _____ () C:\Users\Nutte\Desktop\BO_xInstantHook_Default.ini

2014-05-11 21:09 - 2014-05-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

2014-05-10 23:28 - 2014-05-10 23:28 - 00000000 ____D () C:\Users\Nutte\AppData\Local\fabi.me

2014-05-10 18:15 - 2014-05-10 18:15 - 00000419 _____ () C:\Users\Public\Desktop\S4League.lnk

2014-05-10 18:13 - 2014-05-10 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League

2014-05-10 18:13 - 2014-01-21 23:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-05-09 08:14 - 2014-05-14 00:03 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 08:11 - 2014-05-14 00:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-06 06:40 - 2014-05-14 01:52 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-06 06:17 - 2014-05-14 01:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-06 05:25 - 2014-05-14 01:52 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-06 05:07 - 2014-05-14 01:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-06 05:00 - 2014-05-14 01:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-06 04:10 - 2014-05-14 01:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-04-30 11:39 - 2012-08-02 18:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-04-30 11:39 - 2012-08-02 18:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-04-30 11:39 - 2012-08-02 18:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
 

Files to move or delete:

====================

C:\ProgramData\nud0repor.pad
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-24 18:19
 

==================== End Of Log ============================

--- --- ---

2. Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02

Ran by Nutte at 2014-05-28 21:32:32

Running from C:\Users\Nutte\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 

==================== Installed Programs ======================
 

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)

AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Call of Duty Black Ops - Mod Tools (BETA) (HKLM-x32\...\Steam App 42740) (Version:  - )

Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )

Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )

Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )

Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)

Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Free Video Dub version 2.0.14.1005 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.14.1005 - DVDVideoSoft Ltd.)

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden

Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)

MAESTIA Version 201307 (HKLM-x32\...\{8F50EC3D-C482-4445-9E4B-991A766047D5}_is1) (Version: 201307 - ANDROMEDAGAMES)

Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Midnight Club II (HKLM-x32\...\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}) (Version: 2.0 - )

MorphVOX Pro (HKLM-x32\...\{30C87BBE-A13E-48BA-951A-DD545B0EE322}) (Version: 4.4.6 - Screaming Bee)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )

NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)

Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)

ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.0.0 - ParetoLogic, Inc.)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

S4 League_EU (HKLM-x32\...\{5B13397D-9A77-4070-A111-23E1DA1D33F2}) (Version: 1.00.0000 - )

SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden

SiSoftware Sandra Lite 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden

TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)

TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden

Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)

WhiteCap (HKLM-x32\...\WhiteCap) (Version: 5.7.1 - SoundSpectrum)

Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)

Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

Windows 7 Codec Pack 4.0.8 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)

Windows Software Development Kit (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.29699 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.29699 - Microsoft Corporation) Hidden

Windows Software Development Kit Redistributables (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wise Folder Hider 1.53 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 1.53 - WiseCleaner.com, Inc.)
 

==================== Restore Points  =========================
 

17-05-2014 20:38:31 avast! antivirus system restore point

21-05-2014 04:34:41 Windows Update

21-05-2014 06:52:14 DirectX wurde installiert

22-05-2014 17:39:21 DirectX wurde installiert

27-05-2014 19:57:55 Installed Java 7 Update 55 (64-bit)

27-05-2014 19:59:18 Removed Java(TM) 6 Update 17

27-05-2014 20:00:17 Removed Java 7 Update 25

27-05-2014 20:01:03 Removed Java(TM) 6 Update 17 (64-bit)

27-05-2014 20:02:00 JavaFX 2.1.1 wird entfernt
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {00710DE4-3935-4D6D-859A-A3EDE2B581B9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {232F00D0-D7DC-4CD7-A298-9B289117FBF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe

Task: {2916B27A-1200-4EDC-8802-2BAD4BCE8D79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe

Task: {4591790B-4F25-4032-B982-0EE32F4E816A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14] (Facebook Inc.)

Task: {5A6F2721-664E-4FF6-9ABE-097C3FF897B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe

Task: {5EE14ADF-A08C-4136-A591-9EB02F6BF855} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14] (Facebook Inc.)

Task: {A92BFE26-8375-4E47-9D11-3824FCDC6961} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA => C:\Users\Nutte\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {A95B55C0-FBFD-4D71-842C-35EC5CF65F83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core => C:\Users\Nutte\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {B19C98C6-91FE-4003-B8A6-4B6A90ABA2CB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

Task: {E4034118-D49C-4EE5-B065-C1A293EE00A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)

Task: {EA1C294A-B356-4976-AA5E-5A5D14C0EA59} - \YourFile Update No Task File <==== ATTENTION

Task: {F30F3AAF-1556-49AD-B8C8-9EFC8B6ECF42} - System32\Tasks\{198629CD-7DF1-4E8F-BCB1-BAB53C57A4EF} => C:\Program Files (x86)\Rainmeter.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core.job => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA.job => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll

Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe

Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{8E672420-D33F-4523-98D4-83389212186A}.job => C:\Windows\system32\msfeedssync.exe
 

==================== Loaded Modules (whitelisted) =============
 

2012-08-03 18:11 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2012-08-03 19:27 - 2012-08-03 21:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll

2014-05-27 22:31 - 2014-05-27 22:31 - 02256384 _____ () C:\Program Files\AVAST Software\Avast\defs\14052701\algo.dll

2014-05-28 12:11 - 2014-05-28 12:11 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052800\algo.dll

2014-05-28 20:29 - 2014-05-28 20:29 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052801\algo.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\startupfolder: C:^Users^Nutte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk => C:\Windows\pss\Real Desktop.lnk.Startup

MSCONFIG\startupreg: 4StoryPrePatch => D:\4Story_DE\PrePatch.exe

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Nutte\AppData\Local\Smartbar\Application\Smartbar.exe startup

MSCONFIG\startupreg: EADM => "D:\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: kdtsttp => regsvr32.exe "C:\ProgramData\kdtsttp.dat"

MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent

MSCONFIG\startupreg: Real Desktop => "C:\Program Files (x86)\Real Desktop\Real Desktop.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

MSCONFIG\startupreg: Unified Remote v2 => C:\Program Files (x86)\Unified Remote\RemoteServer.exe

MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (05/28/2014 00:16:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm s4client.exe, Version 0.8.32.17099 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 51c
 

Startzeit: 01cf7a5dbbe93c73
 

Endzeit: 360
 

Anwendungspfad: D:\Spiele\s4client.exe
 

Berichts-ID: 2c624d77-e651-11e3-93b6-001fd0974b3e
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 

System errors:

=============

Error: (05/28/2014 00:12:58 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/28/2014 00:11:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 10:58:15 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
 

Error: (05/27/2014 10:31:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 10:31:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 10:08:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 10:05:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 09:46:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 09:44:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 09:43:55 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎27.‎05.‎2014 um 21:40:58 unerwartet heruntergefahren.
 
 

Microsoft Office Sessions:

=========================

Error: (05/28/2014 00:16:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: s4client.exe0.8.32.1709951c01cf7a5dbbe93c73360D:\Spiele\s4client.exe2c624d77-e651-11e3-93b6-001fd0974b3e
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutte\Desktop\Programme\esetsmartinstaller_deu.exe
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutte\Desktop\Programme\esetsmartinstaller_deu.exe
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 33%

Total physical RAM: 6142.49 MB

Available physical RAM: 4094.11 MB

Total Pagefile: 12283.16 MB

Available Pagefile: 10144.73 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:74.53 GB) (Free:12.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:341.6 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 5977A1C7)

Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 2CC12CC0)

Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Code:

# AdwCleaner v3.211 - Bericht erstellt am 31/05/2014 um 21:34:38

# Aktualisiert 26/05/2014 von Xplode

# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)

# Benutzername : Nutte - SASCHA

# Gestartet von : C:\Users\Nutte\Downloads\adwcleaner_3.211.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\NextCoup

Ordner Gelöscht : C:\ProgramData\ParetoLogic

Ordner Gelöscht : C:\ProgramData\webesave

Ordner Gelöscht : C:\Program Files (x86)\NextCoup

Ordner Gelöscht : C:\Program Files (x86)\ParetoLogic

Ordner Gelöscht : C:\Program Files (x86)\webesave

Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch

Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch

Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\DownLite

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\DriverCure

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\ParetoLogic

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\fwzaxkv_t@o-odd.co.uk

Ordner Gelöscht : C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\zfwm5_zxw@iy-btah.org

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmhhembikilgkbpkkpmahmegeglkdck

Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmhhembikilgkbpkkpmahmegeglkdck

Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmhhembikilgkbpkkpmahmegeglkdck

Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmhhembikilgkbpkkpmahmegeglkdck

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchdmpmgppggflpiecmmfmjifomccfa

Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchdmpmgppggflpiecmmfmjifomccfa

Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchdmpmgppggflpiecmmfmjifomccfa

Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchdmpmgppggflpiecmmfmjifomccfa

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncogkegnflocojhbhlikigaokjnmeha

Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncogkegnflocojhbhlikigaokjnmeha

Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncogkegnflocojhbhlikigaokjnmeha

Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncogkegnflocojhbhlikigaokjnmeha

Datei Gelöscht : C:\Users\Nutte\daemonprocess.txt

Datei Gelöscht : C:\Windows\Tasks\paretologic registration3.job

Datei Gelöscht : C:\Windows\Tasks\paretologic update version3.job

Datei Gelöscht : C:\Windows\Tasks\PC Health Advisor Defrag.job

Datei Gelöscht : C:\Windows\Tasks\PC Health Advisor.job
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}

Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Schlüssel Gelöscht : HKCU\Software\ParetoLogic

Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

Schlüssel Gelöscht : HKLM\Software\ParetoLogic

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ParetoLogic
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.17041
 
 

-\\ Mozilla Firefox v28.0 (de)
 

[ Datei : C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\prefs.js ]
 

Zeile gelöscht : user_pref("extensions.5wVEmJS.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sum[...]

Zeile gelöscht : user_pref("extensions.MuDLsZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumo[...]

Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);

Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);

Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);

Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);

Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 14);

Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1399892724080");

Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);

Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "139911");

Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");

Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "yahoooc_pkr");

Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\",\\\"www.only-apartments.de\\\",\\\"www.only-apar[...]

Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");

Zeile gelöscht : user_pref("extensions.helperbar.installationid", "4bd9aa49-b2ed-4c23-82ee-38b373af8ec5");

Zeile gelöscht : user_pref("extensions.helperbar.installdate", "11/05/2014");

Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1400065523");

Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1400185783032");

Zeile gelöscht : user_pref("extensions.helperbar.publisher", "yahoooc");
 

-\\ Google Chrome v
 

[ Datei : C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 

*************************
 

AdwCleaner[R0].txt - [137302 octets] - [10/03/2014 14:46:25]

AdwCleaner[R1].txt - [8419 octets] - [30/05/2014 22:23:33]

AdwCleaner[R2].txt - [8540 octets] - [31/05/2014 21:32:52]

AdwCleaner[S0].txt - [131991 octets] - [10/03/2014 14:49:14]

AdwCleaner[S1].txt - [8276 octets] - [31/05/2014 21:34:38]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8336 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Ultimate x64

Ran by Nutte on 31.05.2014 at 21:39:45,88

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 31.05.2014 at 21:48:10,47

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02

Ran by Nutte (administrator) on SASCHA on 31-05-2014 21:48:45

Running from C:\Users\Nutte\Downloads

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Opera Software) C:\Program Files (x86)\Opera\opera.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1064224 2013-11-14] (NVIDIA Corporation)

HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)

HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)

HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-30] (AVAST Software)

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Run: [Steam] => D:\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\Explorer: [TaskbarNoNotification] 0

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\Policies\Explorer: [HideSCAHealth] 0

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\MountPoints2: {391d85f6-967b-11e2-9b46-001fd0974b3e} - G:\Startme.exe

HKU\S-1-5-21-1552988970-2330680414-1089751995-1001\...\MountPoints2: {a13880e2-41de-11e2-90f4-001fd0974b3e} - H:\Startme.exe

IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\adobe extension manager cs6.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x383EC1F9CA70CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM - {46B777C3-B2EC-4DF2-98F7-10ECD1D11EC0} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}

SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytCtAtCzz0DtDtC0C0B0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=2045799266&ir=

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTuns\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nutte\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nutte\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FireShot - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-05-18]

FF Extension: ProxTube - Unblock YouTube - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-09]

FF Extension: DownloadHelper - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-19]

FF Extension: FTdownloader V3.0 - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]

FF Extension: Pinger - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\janetka@pinger.xpi [2012-08-25]

FF Extension: leethax.net extension - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\leethax@leethax.net.xpi [2013-07-20]

FF Extension: ReloadEvery - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-09-06]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Nutte\AppData\Roaming\Mozilla\Firefox\Profiles\sx53d7dj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-12-06]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-17]
 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "hxxp://www.google.com/"

CHR Extension: (Google Docs) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]

CHR Extension: (Google Drive) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]

CHR Extension: (Google Wallet) - C:\Users\Nutte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-21]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-17]
 

==================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-17] (AVAST Software)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4999600 2012-10-24] (INCA Internet Co., Ltd.)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-03] ()

R2 RalinkRegistryWriter; C:\Program Files (x86)\Logilink\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)

R2 RalinkRegistryWriter64; C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)

S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware)

S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-07-13] (soft Xpansion)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
 

==================== Drivers (Whitelisted) ====================
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-17] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-17] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-17] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-17] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-17] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-17] (AVAST Software)

S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-17] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-17] ()

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)

S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-09-18] (Windows (R) Win 7 DDK provider)

R3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)

R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)

R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)

S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-07-16] (Sony Ericsson Mobile Communications)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)

R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)

S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 massfilter; system32\drivers\massfilter.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]

S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]

S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-05-31 21:48 - 2014-05-31 21:48 - 00000621 _____ () C:\Users\Nutte\Desktop\JRT.txt

2014-05-30 22:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-05-30 22:22 - 2014-05-30 22:22 - 01327971 _____ () C:\Users\Nutte\Downloads\adwcleaner_3.211.exe

2014-05-28 21:32 - 2014-05-28 21:33 - 00030437 _____ () C:\Users\Nutte\Downloads\Addition.txt

2014-05-28 21:31 - 2014-05-31 21:48 - 00015785 _____ () C:\Users\Nutte\Downloads\FRST.txt

2014-05-28 21:31 - 2014-05-31 21:48 - 00000000 ____D () C:\FRST

2014-05-28 21:24 - 2014-05-28 21:24 - 02066944 _____ (Farbar) C:\Users\Nutte\Downloads\FRST64.exe

2014-05-28 21:13 - 2014-05-28 21:13 - 13049005 _____ () C:\Users\Nutte\Desktop\Creepypasta Archives- Squidward's Suicide FOUND FOOTAGE 7.mp4

2014-05-27 22:02 - 2014-05-27 22:02 - 00000133 _____ () C:\Users\Nutte\Desktop\Neues Textdokument.txt

2014-05-27 21:58 - 2014-05-27 21:58 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-05-27 21:58 - 2014-05-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-27 21:51 - 2014-05-27 21:51 - 00700783 ____R (Swearware) C:\Users\Nutte\Desktop\dds+.exe

2014-05-27 21:43 - 2014-05-31 21:36 - 00031610 _____ () C:\Windows\PFRO.log

2014-05-27 21:43 - 2014-05-31 21:36 - 00003976 _____ () C:\Windows\setupact.log

2014-05-27 21:43 - 2014-05-27 21:43 - 00000000 _____ () C:\Windows\setuperr.log

2014-05-27 16:32 - 2014-05-27 16:32 - 00000118 _____ () C:\#system_booting.bat

2014-05-27 16:25 - 2014-05-27 16:26 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm (1).exe

2014-05-26 22:27 - 2014-05-26 22:27 - 00112704 _____ () C:\Users\Nutte\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-26 12:53 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Nutte\Desktop\JRT_NEW.exe

2014-05-25 20:34 - 2014-05-25 20:35 - 05058616 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-25 20:32 - 2014-05-25 20:32 - 00003392 ____N () C:\bootsqm.dat

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieUserList

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieSiteList

2014-05-25 07:16 - 2014-05-25 07:16 - 00000576 _____ () C:\Users\Nutte\Desktop\ZynoxCodeLoader - Verknüpfung.lnk

2014-05-24 14:29 - 2014-05-24 14:29 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm.exe

2014-05-23 11:42 - 2014-05-23 11:42 - 00000652 _____ () C:\Users\Public\Desktop\MAESTIA.lnk

2014-05-23 11:41 - 2014-05-23 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA

2014-05-21 08:50 - 2014-05-23 10:45 - 00000000 ____D () C:\Users\Nutte\Downloads\Gameforge Live

2014-05-17 22:42 - 2014-05-17 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-05-17 22:41 - 2014-05-17 22:41 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job

2014-05-17 22:39 - 2014-05-17 22:42 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-05-17 22:39 - 2014-05-17 22:42 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-05-17 22:39 - 2014-05-17 22:42 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-17 22:39 - 2014-05-17 22:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00000000 ____D () C:\Program Files\AVAST Software

2014-05-17 19:35 - 2014-05-17 20:46 - 00131428 _____ () C:\Windows\system32\avgrep.txt

2014-05-14 01:52 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-14 01:52 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-14 01:52 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-14 01:52 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-14 01:52 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-14 01:52 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-14 00:03 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 00:03 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 00:03 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-14 00:03 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-14 00:02 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 00:02 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 00:02 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 00:02 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 00:02 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 00:02 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-05-14 00:02 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-14 00:02 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 00:02 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 00:02 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 00:02 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 00:02 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 00:02 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-05-14 00:02 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-05-14 00:02 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-05-14 00:02 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-14 00:02 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-12 19:06 - 2014-05-12 19:06 - 00000941 _____ () C:\Users\Nutte\Desktop\Neues Textdokument (2).txt

2014-05-12 19:06 - 2014-05-12 18:48 - 00001006 _____ () C:\Users\Nutte\Desktop\BO_xInstantHook_Default.ini

2014-05-11 21:09 - 2014-05-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

2014-05-10 23:28 - 2014-05-10 23:28 - 00000000 ____D () C:\Users\Nutte\AppData\Local\fabi.me

2014-05-10 18:15 - 2014-05-10 18:15 - 00000419 _____ () C:\Users\Public\Desktop\S4League.lnk

2014-05-10 18:13 - 2014-05-10 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League

2014-05-06 22:28 - 2014-05-14 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
 

==================== One Month Modified Files and Folders =======
 

2014-05-31 21:49 - 2014-05-28 21:31 - 00015785 _____ () C:\Users\Nutte\Downloads\FRST.txt

2014-05-31 21:48 - 2014-05-31 21:48 - 00000621 _____ () C:\Users\Nutte\Desktop\JRT.txt

2014-05-31 21:48 - 2014-05-28 21:31 - 00000000 ____D () C:\FRST

2014-05-31 21:43 - 2009-07-14 06:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-31 21:43 - 2009-07-14 06:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-31 21:36 - 2014-05-27 21:43 - 00031610 _____ () C:\Windows\PFRO.log

2014-05-31 21:36 - 2014-05-27 21:43 - 00003976 _____ () C:\Windows\setupact.log

2014-05-31 21:36 - 2012-08-03 18:06 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-05-31 21:35 - 2013-10-13 19:37 - 00630504 _____ () C:\Windows\WindowsUpdate.log

2014-05-31 21:34 - 2014-03-10 12:49 - 00000000 ____D () C:\AdwCleaner

2014-05-31 21:34 - 2012-08-02 18:14 - 00000000 ____D () C:\Users\Nutte

2014-05-31 15:00 - 2012-08-02 20:59 - 00000000 ____D () C:\Users\Nutte\AppData\Roaming\TS3Client

2014-05-31 12:57 - 2012-08-02 18:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-05-31 12:57 - 2012-08-02 18:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-31 12:57 - 2012-08-02 18:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-05-30 22:22 - 2014-05-30 22:22 - 01327971 _____ () C:\Users\Nutte\Downloads\adwcleaner_3.211.exe

2014-05-29 10:32 - 2014-01-15 15:07 - 00000000 ____D () C:\ProgramData\AVG2014

2014-05-29 10:32 - 2014-01-15 15:04 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-28 22:33 - 2014-01-15 15:04 - 00000000 ____D () C:\Users\Nutte\AppData\Local\Avg2014

2014-05-28 22:16 - 2014-01-15 15:07 - 00000000 ___HD () C:\$AVG

2014-05-28 22:09 - 2014-01-30 19:14 - 00000008 __RSH () C:\Users\Nutte\ntuser.pol

2014-05-28 22:09 - 2013-06-14 22:00 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-05-28 22:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-05-28 21:33 - 2014-05-28 21:32 - 00030437 _____ () C:\Users\Nutte\Downloads\Addition.txt

2014-05-28 21:24 - 2014-05-28 21:24 - 02066944 _____ (Farbar) C:\Users\Nutte\Downloads\FRST64.exe

2014-05-28 21:13 - 2014-05-28 21:13 - 13049005 _____ () C:\Users\Nutte\Desktop\Creepypasta Archives- Squidward's Suicide FOUND FOOTAGE 7.mp4

2014-05-28 12:19 - 2009-07-14 19:58 - 00701310 _____ () C:\Windows\system32\perfh007.dat

2014-05-28 12:19 - 2009-07-14 19:58 - 00150210 _____ () C:\Windows\system32\perfc007.dat

2014-05-28 12:19 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-27 23:32 - 2013-12-19 13:12 - 00000000 ____D () C:\Users\Nutte\Desktop\Download

2014-05-27 22:55 - 2013-12-10 19:11 - 00000000 ____D () C:\Users\Nutte\Desktop\Programme

2014-05-27 22:02 - 2014-05-27 22:02 - 00000133 _____ () C:\Users\Nutte\Desktop\Neues Textdokument.txt

2014-05-27 21:59 - 2014-01-07 20:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-05-27 21:59 - 2012-08-02 18:11 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-27 21:58 - 2014-05-27 21:58 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-05-27 21:58 - 2014-05-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-27 21:58 - 2012-08-02 18:11 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-05-27 21:58 - 2012-08-02 18:11 - 00000000 ____D () C:\Program Files\Java

2014-05-27 21:53 - 2013-06-02 22:02 - 00000000 ____D () C:\Users\Nutte\Desktop\Spiele

2014-05-27 21:51 - 2014-05-27 21:51 - 00700783 ____R (Swearware) C:\Users\Nutte\Desktop\dds+.exe

2014-05-27 21:43 - 2014-05-27 21:43 - 00000000 _____ () C:\Windows\setuperr.log

2014-05-27 21:17 - 2014-03-10 09:43 - 00000000 ____D () C:\Program Files (x86)\Google

2014-05-27 16:32 - 2014-05-27 16:32 - 00000118 _____ () C:\#system_booting.bat

2014-05-27 16:26 - 2014-05-27 16:25 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm (1).exe

2014-05-26 22:27 - 2014-05-26 22:27 - 00112704 _____ () C:\Users\Nutte\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-25 20:35 - 2014-05-25 20:34 - 05058616 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-25 20:32 - 2014-05-25 20:32 - 00003392 ____N () C:\bootsqm.dat

2014-05-25 20:10 - 2013-07-12 21:40 - 00000000 ____D () C:\Program Files\Google

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieUserList

2014-05-25 19:55 - 2014-05-25 19:55 - 00000000 __SHD () C:\Users\Nutte\AppData\Local\EmieSiteList

2014-05-25 19:55 - 2013-05-31 20:32 - 00000000 ____D () C:\Users\Nutte\AppData\Local\Google

2014-05-25 07:16 - 2014-05-25 07:16 - 00000576 _____ () C:\Users\Nutte\Desktop\ZynoxCodeLoader - Verknüpfung.lnk

2014-05-24 14:29 - 2014-05-24 14:29 - 01043864 _____ (Solid State Networks) C:\Users\Nutte\Downloads\s4league-dlm.exe

2014-05-23 11:42 - 2014-05-23 11:42 - 00000652 _____ () C:\Users\Public\Desktop\MAESTIA.lnk

2014-05-23 11:42 - 2014-05-23 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA

2014-05-23 10:45 - 2014-05-21 08:50 - 00000000 ____D () C:\Users\Nutte\Downloads\Gameforge Live

2014-05-18 06:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery

2014-05-17 22:42 - 2014-05-17 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-05-17 22:42 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-05-17 22:42 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-05-17 22:42 - 2014-05-17 22:39 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-05-17 22:41 - 2014-05-17 22:41 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job

2014-05-17 22:39 - 2014-05-17 22:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400359334183

2014-05-17 22:39 - 2014-05-17 22:39 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-17 22:39 - 2014-05-17 22:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-05-17 22:39 - 2014-05-17 22:39 - 00000000 ____D () C:\Program Files\AVAST Software

2014-05-17 22:39 - 2013-10-17 15:49 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-05-17 22:37 - 2013-07-23 19:31 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-05-17 20:46 - 2014-05-17 19:35 - 00131428 _____ () C:\Windows\system32\avgrep.txt

2014-05-17 19:18 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\Virtual Machines

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-14 12:46 - 2012-08-02 18:14 - 00000000 ___RD () C:\Users\Nutte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-14 11:38 - 2014-05-06 22:28 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-14 11:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-05-14 01:52 - 2014-01-15 22:23 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-14 01:50 - 2012-08-02 18:08 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-05-12 19:06 - 2014-05-12 19:06 - 00000941 _____ () C:\Users\Nutte\Desktop\Neues Textdokument (2).txt

2014-05-12 18:48 - 2014-05-12 19:06 - 00001006 _____ () C:\Users\Nutte\Desktop\BO_xInstantHook_Default.ini

2014-05-11 21:09 - 2014-05-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

2014-05-10 23:28 - 2014-05-10 23:28 - 00000000 ____D () C:\Users\Nutte\AppData\Local\fabi.me

2014-05-10 18:15 - 2014-05-10 18:15 - 00000419 _____ () C:\Users\Public\Desktop\S4League.lnk

2014-05-10 18:13 - 2014-05-10 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League

2014-05-10 18:13 - 2014-01-21 23:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-05-09 08:14 - 2014-05-14 00:03 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 08:11 - 2014-05-14 00:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-06 06:40 - 2014-05-14 01:52 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-06 06:17 - 2014-05-14 01:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-06 05:25 - 2014-05-14 01:52 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-06 05:07 - 2014-05-14 01:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-06 05:00 - 2014-05-14 01:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-06 04:10 - 2014-05-14 01:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
 

Some content of TEMP:

====================

C:\Users\Nutte\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-24 18:19
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02

Ran by Nutte at 2014-05-28 21:32:32

Running from C:\Users\Nutte\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 

==================== Installed Programs ======================
 

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)

AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Call of Duty Black Ops - Mod Tools (BETA) (HKLM-x32\...\Steam App 42740) (Version:  - )

Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )

Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )

Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )

Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)

Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Free Video Dub version 2.0.14.1005 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.14.1005 - DVDVideoSoft Ltd.)

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden

Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)

MAESTIA Version 201307 (HKLM-x32\...\{8F50EC3D-C482-4445-9E4B-991A766047D5}_is1) (Version: 201307 - ANDROMEDAGAMES)

Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Midnight Club II (HKLM-x32\...\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}) (Version: 2.0 - )

MorphVOX Pro (HKLM-x32\...\{30C87BBE-A13E-48BA-951A-DD545B0EE322}) (Version: 4.4.6 - Screaming Bee)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )

NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)

Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)

ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.0.0 - ParetoLogic, Inc.)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

S4 League_EU (HKLM-x32\...\{5B13397D-9A77-4070-A111-23E1DA1D33F2}) (Version: 1.00.0000 - )

SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden

SiSoftware Sandra Lite 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden

TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)

TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden

Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)

WhiteCap (HKLM-x32\...\WhiteCap) (Version: 5.7.1 - SoundSpectrum)

Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)

Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

Windows 7 Codec Pack 4.0.8 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)

Windows Software Development Kit (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.29699 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.29699 - Microsoft Corporation) Hidden

Windows Software Development Kit Redistributables (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden

Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wise Folder Hider 1.53 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 1.53 - WiseCleaner.com, Inc.)
 

==================== Restore Points  =========================
 

17-05-2014 20:38:31 avast! antivirus system restore point

21-05-2014 04:34:41 Windows Update

21-05-2014 06:52:14 DirectX wurde installiert

22-05-2014 17:39:21 DirectX wurde installiert

27-05-2014 19:57:55 Installed Java 7 Update 55 (64-bit)

27-05-2014 19:59:18 Removed Java(TM) 6 Update 17

27-05-2014 20:00:17 Removed Java 7 Update 25

27-05-2014 20:01:03 Removed Java(TM) 6 Update 17 (64-bit)

27-05-2014 20:02:00 JavaFX 2.1.1 wird entfernt
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {00710DE4-3935-4D6D-859A-A3EDE2B581B9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {232F00D0-D7DC-4CD7-A298-9B289117FBF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe

Task: {2916B27A-1200-4EDC-8802-2BAD4BCE8D79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe

Task: {4591790B-4F25-4032-B982-0EE32F4E816A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14] (Facebook Inc.)

Task: {5A6F2721-664E-4FF6-9ABE-097C3FF897B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe

Task: {5EE14ADF-A08C-4136-A591-9EB02F6BF855} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14] (Facebook Inc.)

Task: {A92BFE26-8375-4E47-9D11-3824FCDC6961} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA => C:\Users\Nutte\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {A95B55C0-FBFD-4D71-842C-35EC5CF65F83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core => C:\Users\Nutte\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {B19C98C6-91FE-4003-B8A6-4B6A90ABA2CB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

Task: {E4034118-D49C-4EE5-B065-C1A293EE00A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)

Task: {EA1C294A-B356-4976-AA5E-5A5D14C0EA59} - \YourFile Update No Task File <==== ATTENTION

Task: {F30F3AAF-1556-49AD-B8C8-9EFC8B6ECF42} - System32\Tasks\{198629CD-7DF1-4E8F-BCB1-BAB53C57A4EF} => C:\Program Files (x86)\Rainmeter.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001Core.job => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552988970-2330680414-1089751995-1001UA.job => C:\Users\Nutte\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll

Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe

Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{8E672420-D33F-4523-98D4-83389212186A}.job => C:\Windows\system32\msfeedssync.exe
 

==================== Loaded Modules (whitelisted) =============
 

2012-08-03 18:11 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2012-08-03 19:27 - 2012-08-03 21:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll

2014-05-27 22:31 - 2014-05-27 22:31 - 02256384 _____ () C:\Program Files\AVAST Software\Avast\defs\14052701\algo.dll

2014-05-28 12:11 - 2014-05-28 12:11 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052800\algo.dll

2014-05-28 20:29 - 2014-05-28 20:29 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052801\algo.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\startupfolder: C:^Users^Nutte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk => C:\Windows\pss\Real Desktop.lnk.Startup

MSCONFIG\startupreg: 4StoryPrePatch => D:\4Story_DE\PrePatch.exe

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Nutte\AppData\Local\Smartbar\Application\Smartbar.exe startup

MSCONFIG\startupreg: EADM => "D:\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: kdtsttp => regsvr32.exe "C:\ProgramData\kdtsttp.dat"

MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent

MSCONFIG\startupreg: Real Desktop => "C:\Program Files (x86)\Real Desktop\Real Desktop.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

MSCONFIG\startupreg: Unified Remote v2 => C:\Program Files (x86)\Unified Remote\RemoteServer.exe

MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (05/28/2014 00:16:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm s4client.exe, Version 0.8.32.17099 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 51c
 

Startzeit: 01cf7a5dbbe93c73
 

Endzeit: 360
 

Anwendungspfad: D:\Spiele\s4client.exe
 

Berichts-ID: 2c624d77-e651-11e3-93b6-001fd0974b3e
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 

System errors:

=============

Error: (05/28/2014 00:12:58 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/28/2014 00:11:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 10:58:15 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
 

Error: (05/27/2014 10:31:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 10:31:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 10:08:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 10:05:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 09:46:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
 

Error: (05/27/2014 09:44:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WS-Sustainer erreicht.
 

Error: (05/27/2014 09:43:55 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎27.‎05.‎2014 um 21:40:58 unerwartet heruntergefahren.
 
 

Microsoft Office Sessions:

=========================

Error: (05/28/2014 00:16:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: s4client.exe0.8.32.1709951c01cf7a5dbbe93c73360D:\Spiele\s4client.exe2c624d77-e651-11e3-93b6-001fd0974b3e
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutte\Desktop\Programme\esetsmartinstaller_deu.exe
 

Error: (05/27/2014 09:53:32 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutte\Desktop\Programme\esetsmartinstaller_deu.exe
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 33%

Total physical RAM: 6142.49 MB

Available physical RAM: 4094.11 MB

Total Pagefile: 12283.16 MB

Available Pagefile: 10144.73 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:74.53 GB) (Free:12.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:341.6 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 5977A1C7)

Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 2CC12CC0)

Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================