Windows 7: constantly empty pop-ups from cdn.cloudwm.com
Hi there,
since the day before yesterday I have had the problem that on practically every click a pop-up from cdn.cloudwm.com opens, and that pijoto.net & superfish.com are loaded along with every page.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by Askuras (administrator) on EPIC-TOWER on 17-07-2014 14:29:12
Running from C:\Users\Askuras\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
() C:\Program Files (x86)\Isis\isis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Dropbox, Inc.) C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IntelSBA] => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [5293760 2014-03-26] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-14] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Isis] => C:\Program Files (x86)\Isis\Isis.exe [330544 2014-07-14] ()
HKU\S-1-5-21-2425187811-2979876149-857028503-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-12] (Valve Corporation)
HKU\S-1-5-21-2425187811-2979876149-857028503-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2425187811-2979876149-857028503-1000\...\MountPoints2: D - D:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Askuras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0B0EtCyDyEtAzytBtC0EtN0D0Tzu0SyCzytBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=747970610&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0B0EtCyDyEtAzytBtC0EtN0D0Tzu0SyCzytBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=747970610&ir=
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=1387&r=2014/05/31&hid=10926161268956507376&lg=EN&cc=DE&unqvl=55
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0B0EtCyDyEtAzytBtC0EtN0D0Tzu0SyCzytBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=747970610&ir=
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{B97402A6-BFAF-4C9B-99C3-DB52D9FB0504}: [NameServer]192.168.99.254
FireFox:
========
FF ProfilePath: C:\Users\Askuras\AppData\Roaming\Mozilla\Firefox\Profiles\921kp5xj.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Askuras\AppData\Roaming\Mozilla\Firefox\Profiles\921kp5xj.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Askuras\AppData\Roaming\Mozilla\Firefox\Profiles\921kp5xj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: {49c2976e-bd18-4524-b8e6-8998a1b946ae} - C:\Users\Askuras\AppData\Roaming\Mozilla\Firefox\Profiles\921kp5xj.default\Extensions\{49c2976e-bd18-4524-b8e6-8998a1b946ae}.xpi [2013-10-17]
FF Extension: Adblock Plus - C:\Users\Askuras\AppData\Roaming\Mozilla\Firefox\Profiles\921kp5xj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-04-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Extension: (bloomind ct deepdark) - C:\Users\Askuras\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd [2014-01-28]
CHR Extension: (AdBlock) - C:\Users\Askuras\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-28]
CHR Extension: (Google Wallet) - C:\Users\Askuras\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-14] (AVAST Software)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-11-30] (BioWare)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-26] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-04-18] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-02] ()
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-14] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-17] (DT Soft Ltd)
R1 isis; C:\Windows\System32\drivers\isis.sys [47408 2014-07-14] (Windows (R) Win 7 DDK provider)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-17 14:28 - 2014-07-17 14:28 - 00050477 _____ () C:\Users\Askuras\Downloads\Defogger.exe
2014-07-17 14:28 - 2014-07-17 14:28 - 00000546 _____ () C:\Users\Askuras\Downloads\defogger_disable.log
2014-07-17 14:28 - 2014-07-17 14:28 - 00000168 _____ () C:\Users\Askuras\defogger_reenable
2014-07-17 09:35 - 2014-07-17 13:50 - 00000392 _____ () C:\Windows\setupact.log
2014-07-17 09:35 - 2014-07-17 09:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 17:39 - 2014-07-16 17:39 - 01452768 _____ () C:\Users\Askuras\Downloads\Player_Setup.exe
2014-07-16 11:58 - 2014-07-16 11:58 - 00009668 _____ () C:\Users\Askuras\AppData\Local\recently-used.xbel
2014-07-14 22:17 - 2014-07-16 09:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 22:16 - 2014-07-14 22:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-14 22:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-14 22:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-14 22:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 22:14 - 2014-07-14 22:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Askuras\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-14 22:08 - 2014-07-14 22:08 - 02347384 _____ (ESET) C:\Users\Askuras\Downloads\esetsmartinstaller_deu.exe
2014-07-14 22:03 - 2014-07-14 22:03 - 54318536 _____ () C:\Users\Askuras\Downloads\CloudAntivirus (1).exe
2014-07-14 22:03 - 2014-07-14 22:02 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-14 22:02 - 2014-07-14 22:02 - 54318536 _____ () C:\Users\Askuras\Downloads\CloudAntivirus.exe
2014-07-14 22:02 - 2014-07-14 22:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-14 22:01 - 2014-07-14 22:54 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Panda Security
2014-07-14 21:59 - 2014-07-15 09:19 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-14 21:57 - 2014-07-14 21:57 - 00033847 _____ () C:\Users\Askuras\Downloads\Addition.txt
2014-07-14 21:56 - 2014-07-17 14:29 - 00021100 _____ () C:\Users\Askuras\Downloads\FRST.txt
2014-07-14 21:55 - 2014-07-17 14:29 - 00000000 ____D () C:\FRST
2014-07-14 21:55 - 2014-07-14 21:55 - 02086912 _____ (Farbar) C:\Users\Askuras\Downloads\FRST64.exe
2014-07-14 21:54 - 2014-07-14 22:54 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-14 21:54 - 2014-07-14 21:54 - 01369712 _____ () C:\Users\Askuras\Downloads\PandaCloud301Antivirus.exe
2014-07-14 18:35 - 2014-07-14 18:35 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-12 18:37 - 2014-07-12 18:40 - 00000000 ____D () C:\Users\Askuras\Desktop\Neuer Ordner
2014-07-09 21:10 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 21:10 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 21:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 21:10 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 21:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 21:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 21:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 21:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 21:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 21:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 21:10 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 21:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 21:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 21:10 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 21:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 21:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 21:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 21:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 21:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 21:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 21:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 21:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 21:10 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 21:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 21:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 21:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 21:10 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 21:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 21:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 21:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 21:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 21:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 21:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 21:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 21:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 21:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 21:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 21:10 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 21:10 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 21:10 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 21:10 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 21:10 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 21:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 21:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 21:10 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 21:09 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 21:09 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 21:09 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 21:09 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 21:09 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 21:09 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 21:09 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 21:09 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 21:09 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 21:09 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 21:09 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 21:09 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 21:09 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 21:09 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 21:09 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 21:09 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 21:09 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 21:09 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 21:09 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 21:09 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 21:09 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 21:07 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 21:07 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 21:07 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 15:00 - 2014-07-06 15:00 - 00079818 _____ () C:\Users\Askuras\Downloads\26797 (1)
2014-07-06 15:00 - 2014-07-06 15:00 - 00079818 _____ () C:\Users\Askuras\Downloads\26797
2014-07-05 18:18 - 2014-07-05 18:18 - 01627494 _____ () C:\Users\Askuras\Downloads\Flixster.air
2014-07-05 18:18 - 2014-07-05 18:18 - 00000000 ____D () C:\Program Files (x86)\Flixster
2014-07-05 17:29 - 2014-07-05 17:30 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Askuras\Downloads\AdobeAIRInstaller.exe
2014-06-28 00:48 - 2014-06-30 14:37 - 00021619 _____ () C:\Users\Askuras\Desktop\Unbenannt 1.odt
2014-06-24 12:11 - 2014-06-24 12:11 - 01794978 _____ () C:\Users\Askuras\Downloads\Total_RP_2_1.027 (1).zip
2014-06-24 12:10 - 2014-06-24 12:11 - 01794978 _____ () C:\Users\Askuras\Downloads\Total_RP_2_1.027.zip
2014-06-24 12:10 - 2014-06-24 12:10 - 01774561 _____ () C:\Users\Askuras\Downloads\DBM-Core-5.4.15.zip
2014-06-23 18:44 - 2014-06-23 18:44 - 00000468 _____ () C:\Users\Askuras\Desktop\Julien Lloyd.vcs
2014-06-23 18:20 - 2014-06-23 18:44 - 00000593 _____ () C:\Users\Askuras\Desktop\Sokrates.vcs
2014-06-22 15:19 - 2014-07-05 17:30 - 00000000 ____D () C:\Users\Askuras\AppData\Local\Adobe
2014-06-21 23:52 - 2014-06-21 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 11:14 - 2014-06-21 11:14 - 03387258 _____ () C:\Users\Askuras\Downloads\WMV_Installer_v0706.exe
2014-06-21 11:14 - 2014-06-21 11:14 - 00001045 _____ () C:\Users\Askuras\Desktop\WoW Model Viewer.lnk
2014-06-21 11:14 - 2014-06-21 11:14 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WoW Model Viewer
2014-06-21 11:14 - 2014-06-21 11:14 - 00000000 ____D () C:\Program Files (x86)\WoWModelViewer
==================== One Month Modified Files and Folders =======
2014-07-17 14:29 - 2014-07-14 21:56 - 00021100 _____ () C:\Users\Askuras\Downloads\FRST.txt
2014-07-17 14:29 - 2014-07-14 21:55 - 00000000 ____D () C:\FRST
2014-07-17 14:28 - 2014-07-17 14:28 - 00050477 _____ () C:\Users\Askuras\Downloads\Defogger.exe
2014-07-17 14:28 - 2014-07-17 14:28 - 00000546 _____ () C:\Users\Askuras\Downloads\defogger_disable.log
2014-07-17 14:28 - 2014-07-17 14:28 - 00000168 _____ () C:\Users\Askuras\defogger_reenable
2014-07-17 14:28 - 2013-07-12 10:24 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Skype
2014-07-17 14:28 - 2013-07-11 14:07 - 00000000 ____D () C:\Users\Askuras
2014-07-17 14:19 - 2014-06-02 14:13 - 00014848 ___SH () C:\Users\Askuras\Thumbs.db
2014-07-17 14:01 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 14:01 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 13:58 - 2013-07-11 14:07 - 01228026 _____ () C:\Windows\WindowsUpdate.log
2014-07-17 13:53 - 2013-07-23 02:21 - 00000000 ___RD () C:\Users\Askuras\Dropbox
2014-07-17 13:53 - 2013-07-23 02:19 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Dropbox
2014-07-17 13:52 - 2014-05-14 21:13 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\DropboxMaster
2014-07-17 13:52 - 2014-02-02 20:15 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-17 13:51 - 2013-07-12 01:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-17 13:50 - 2014-07-17 09:35 - 00000392 _____ () C:\Windows\setupact.log
2014-07-17 13:50 - 2013-11-26 15:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 13:50 - 2013-07-11 14:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-17 13:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 13:11 - 2014-01-31 19:26 - 00000000 ____D () C:\Users\Askuras\AppData\Local\Battle.net
2014-07-17 12:39 - 2013-11-26 15:54 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 12:36 - 2013-08-08 11:15 - 00000000 ____D () C:\Users\Askuras\.gimp-2.8
2014-07-17 12:36 - 2013-07-12 12:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-17 12:01 - 2013-08-30 15:42 - 00000000 ____D () C:\Users\Askuras\Desktop\Lerckör3
2014-07-17 09:35 - 2014-07-17 09:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 17:39 - 2014-07-16 17:39 - 01452768 _____ () C:\Users\Askuras\Downloads\Player_Setup.exe
2014-07-16 11:58 - 2014-07-16 11:58 - 00009668 _____ () C:\Users\Askuras\AppData\Local\recently-used.xbel
2014-07-16 11:58 - 2013-08-26 20:58 - 00000000 ____D () C:\Users\Askuras\AppData\Local\gtk-2.0
2014-07-16 10:44 - 2013-11-26 15:54 - 00002123 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 10:44 - 2013-07-12 12:04 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-16 10:44 - 2013-07-12 12:04 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-16 09:46 - 2014-07-14 22:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 09:46 - 2014-02-02 20:15 - 00002010 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-15 09:22 - 2013-07-11 14:16 - 00069016 _____ () C:\Users\Askuras\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 09:19 - 2014-07-14 21:59 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-15 09:19 - 2009-07-14 06:45 - 00306296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 23:00 - 2013-11-19 18:11 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\uTorrent
2014-07-14 23:00 - 2013-08-12 18:38 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\TS3Client
2014-07-14 22:54 - 2014-07-14 22:01 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Panda Security
2014-07-14 22:54 - 2014-07-14 21:54 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-14 22:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-07-14 22:16 - 2014-07-14 22:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 22:16 - 2014-07-14 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-14 22:14 - 2014-07-14 22:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Askuras\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-14 22:08 - 2014-07-14 22:08 - 02347384 _____ (ESET) C:\Users\Askuras\Downloads\esetsmartinstaller_deu.exe
2014-07-14 22:04 - 2014-02-02 20:14 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-14 22:03 - 2014-07-14 22:03 - 54318536 _____ () C:\Users\Askuras\Downloads\CloudAntivirus (1).exe
2014-07-14 22:02 - 2014-07-14 22:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-14 22:02 - 2014-07-14 22:02 - 54318536 _____ () C:\Users\Askuras\Downloads\CloudAntivirus.exe
2014-07-14 22:02 - 2014-07-14 22:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-14 22:02 - 2014-02-02 20:15 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-14 22:02 - 2014-02-02 20:15 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-14 22:02 - 2014-02-02 20:15 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-14 22:02 - 2014-02-02 20:14 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-14 22:02 - 2014-02-02 20:14 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-14 22:02 - 2014-02-02 20:14 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-14 22:02 - 2014-02-02 20:14 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-14 21:57 - 2014-07-14 21:57 - 00033847 _____ () C:\Users\Askuras\Downloads\Addition.txt
2014-07-14 21:55 - 2014-07-14 21:55 - 02086912 _____ (Farbar) C:\Users\Askuras\Downloads\FRST64.exe
2014-07-14 21:54 - 2014-07-14 21:54 - 01369712 _____ () C:\Users\Askuras\Downloads\PandaCloud301Antivirus.exe
2014-07-14 18:35 - 2014-07-14 18:35 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 18:35 - 2014-04-29 18:21 - 00000000 ____D () C:\Program Files (x86)\Addon Enabler
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-12 18:40 - 2014-07-12 18:37 - 00000000 ____D () C:\Users\Askuras\Desktop\Neuer Ordner
2014-07-11 10:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 15:39 - 2013-11-26 22:10 - 00000000 ____D () C:\Users\Askuras\Desktop\Bewerbung
2014-07-10 10:50 - 2014-01-31 19:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-10 10:21 - 2014-05-06 22:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 10:21 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 10:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 10:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 00:35 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 00:34 - 2013-07-11 20:49 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 20:36 - 2013-07-12 12:28 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 20:36 - 2013-07-12 12:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 20:36 - 2013-07-12 12:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 18:32 - 2013-07-23 02:16 - 00049152 ____H () C:\Users\Askuras\Desktop\photothumb.db
2014-07-06 15:00 - 2014-07-06 15:00 - 00079818 _____ () C:\Users\Askuras\Downloads\26797 (1)
2014-07-06 15:00 - 2014-07-06 15:00 - 00079818 _____ () C:\Users\Askuras\Downloads\26797
2014-07-06 10:47 - 2013-07-23 02:18 - 00000000 ____D () C:\Users\Askuras\Desktop\Originals
2014-07-05 18:18 - 2014-07-05 18:18 - 01627494 _____ () C:\Users\Askuras\Downloads\Flixster.air
2014-07-05 18:18 - 2014-07-05 18:18 - 00000000 ____D () C:\Program Files (x86)\Flixster
2014-07-05 18:18 - 2014-04-18 21:37 - 00000843 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flixster.lnk
2014-07-05 18:18 - 2014-04-18 21:37 - 00000831 _____ () C:\Users\Public\Desktop\Flixster.lnk
2014-07-05 17:30 - 2014-07-05 17:29 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Askuras\Downloads\AdobeAIRInstaller.exe
2014-07-05 17:30 - 2014-06-22 15:19 - 00000000 ____D () C:\Users\Askuras\AppData\Local\Adobe
2014-07-04 21:04 - 2013-07-23 02:15 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\PhotoScape
2014-07-01 02:06 - 2014-01-31 19:27 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-30 14:37 - 2014-06-28 00:48 - 00021619 _____ () C:\Users\Askuras\Desktop\Unbenannt 1.odt
2014-06-30 04:09 - 2014-07-09 21:10 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 21:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 23:34 - 2013-11-26 15:54 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 23:34 - 2013-11-26 15:54 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 12:11 - 2014-06-24 12:11 - 01794978 _____ () C:\Users\Askuras\Downloads\Total_RP_2_1.027 (1).zip
2014-06-24 12:11 - 2014-06-24 12:10 - 01794978 _____ () C:\Users\Askuras\Downloads\Total_RP_2_1.027.zip
2014-06-24 12:10 - 2014-06-24 12:10 - 01774561 _____ () C:\Users\Askuras\Downloads\DBM-Core-5.4.15.zip
2014-06-24 12:10 - 2014-02-15 20:10 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-23 18:44 - 2014-06-23 18:44 - 00000468 _____ () C:\Users\Askuras\Desktop\Julien Lloyd.vcs
2014-06-23 18:44 - 2014-06-23 18:20 - 00000593 _____ () C:\Users\Askuras\Desktop\Sokrates.vcs
2014-06-23 10:29 - 2013-07-12 12:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 23:52 - 2014-06-21 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 11:14 - 2014-06-21 11:14 - 03387258 _____ () C:\Users\Askuras\Downloads\WMV_Installer_v0706.exe
2014-06-21 11:14 - 2014-06-21 11:14 - 00001045 _____ () C:\Users\Askuras\Desktop\WoW Model Viewer.lnk
2014-06-21 11:14 - 2014-06-21 11:14 - 00000000 ____D () C:\Users\Askuras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WoW Model Viewer
2014-06-21 11:14 - 2014-06-21 11:14 - 00000000 ____D () C:\Program Files (x86)\WoWModelViewer
2014-06-20 22:14 - 2014-07-09 21:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 21:10 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 11:36 - 2014-02-27 11:41 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-06-19 14:47 - 2013-08-25 12:18 - 00000000 ____D () C:\Users\Askuras\dwhelper
2014-06-19 08:38 - 2014-03-22 09:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-19 08:38 - 2013-07-12 10:24 - 00000000 ____D () C:\ProgramData\Skype
2014-06-19 03:39 - 2014-07-09 21:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 21:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 21:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 21:10 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 21:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:42 - 2014-07-09 21:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:41 - 2014-07-09 21:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:41 - 2014-07-09 21:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:32 - 2014-07-09 21:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 21:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 21:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 21:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:24 - 2014-07-09 21:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:23 - 2014-07-09 21:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 21:10 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 21:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 21:10 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 21:10 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 21:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 21:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 21:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 21:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 21:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 21:10 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 21:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 21:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 21:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 21:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 21:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 21:10 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 21:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 21:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 21:10 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 21:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 21:10 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 21:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 21:10 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 21:10 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 21:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 21:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 21:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 21:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:58 - 2014-07-09 21:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:52 - 2014-07-09 21:10 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 21:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 21:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 21:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 21:10 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 21:10 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 21:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 21:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 21:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 21:10 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 21:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 15:08 - 2014-06-03 15:54 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1384003036
2014-06-18 15:08 - 2013-11-09 15:17 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 04:18 - 2014-07-09 21:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 21:10 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 03:48 - 2013-09-08 17:34 - 00000000 ____D () C:\Users\Askuras\Desktop\World of Warcraft
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some content of TEMP:
====================
C:\Users\Askuras\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcaozv5.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-08 10:09
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by Askuras at 2014-07-17 14:34:03
Running from C:\Users\Askuras\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
3100_3200_3300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3100_3200_3300trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Assassin's Creed Liberation (HKLM-x32\...\Steam App 260210) (Version: - Ubisoft Sofia)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version: - Ubisoft Montreal)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Axxa's World of Warcraft Logo Creator v1.2 (HKLM-x32\...\Axxa's World of Warcraft Logo Creator v1.2) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version: - EA Los Angeles)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.2 - Warner Bros. Entertainment, Inc.)
Flixster (x32 Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Hidden
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8438 - Intel(R) Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
MegaTrainer eXperience V1.2.1.0 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 German Language Pack (HKLM-x32\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Noggit SDL 1.3.166 (HKLM-x32\...\Noggit SDL 1.3.166) (Version: SDL 1.3.166 - Humanity)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version: - Three Rings)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellar Impact (HKLM-x32\...\Steam App 207150) (Version: - Tindalos Interactive)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vampire Editor (HKLM-x32\...\Vampire Editor) (Version: - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Warhammer® Mark of Chaos (HKLM-x32\...\{5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}) (Version: 1.001.000 - NAMCO BANDAI Games)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
09-07-2014 22:32:49 Windows Update
10-07-2014 15:11:19 DirectX wurde installiert
10-07-2014 15:13:14 DirectX wurde installiert
14-07-2014 19:58:44 avast! antivirus system restore point
14-07-2014 20:48:10 Jasc Paint Shop Pro 9 wird entfernt
16-07-2014 07:50:40 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {058C9965-F27B-4E31-A0A5-730F65E9646B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {16CA0439-803A-45CE-B66B-F6219B5F05B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {17725669-94F7-4E94-A770-41AC3959AE11} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {24B994C7-6D9E-473D-894E-6A93D5BA44A6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {26A39720-183E-45DC-B196-FED38DD65B0D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {26D74E08-2B51-4397-8AB8-E9B08EDA88B4} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2813FED9-217A-45E3-BF64-E0EF7F72BEBB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {46262355-1933-463C-8E8F-B5A4A3A9F146} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {573BCE02-F6CF-4E26-8845-3B85A6EA8666} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6BD2E3BC-CA3E-4F31-96BD-464EB73289B1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-14] (AVAST Software)
Task: {6CC36A8F-E15D-4237-B21A-F6D7473BF969} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {9E59EE20-94E7-418F-8F0F-98CE55FA4545} - System32\Tasks\Opera scheduled Autoupdate 1384003036 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {C9F800EA-6835-4F47-B2B6-5621B0C04E3F} - \Digital Sites No Task File <==== ATTENTION
Task: {CB0F0035-0BC8-428C-AA21-1364713EDE0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {CD87D4C7-469D-42A7-833D-FC4AF4E02012} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-07-12 00:41 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-26 15:00 - 2014-03-02 01:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-18 15:08 - 2014-06-18 15:08 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
2014-07-14 16:41 - 2014-07-14 16:41 - 00330544 _____ () C:\Program Files (x86)\Isis\isis.exe
2014-04-19 10:54 - 2014-03-26 13:44 - 00215744 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
2014-04-19 10:54 - 2014-03-26 13:44 - 03111104 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\Intel.SBA.SmartConnect.UI.dll
2014-04-19 10:54 - 2014-03-26 13:44 - 02526912 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\Intel.SBA.ConnectCenter.UI.dll
2014-04-19 10:54 - 2014-03-26 13:44 - 00604352 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\Intel.SBA.AppUp.UI.dll
2014-04-19 10:54 - 2014-03-26 13:44 - 00152768 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\Intel.SBA.AntiTheft.UI.dll
2014-04-19 10:54 - 2014-03-26 13:43 - 00215744 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2014-04-19 10:54 - 2014-03-26 13:43 - 00030912 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2014-04-19 10:54 - 2014-03-26 13:43 - 00031424 _____ () C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\SbaCcf.dll
2014-07-14 22:01 - 2014-07-14 22:01 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-16 21:43 - 2014-07-16 21:43 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071601\algo.dll
2014-07-17 13:53 - 2014-07-17 13:53 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071700\algo.dll
2014-05-22 14:04 - 2014-07-12 02:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 17:39 - 2014-07-12 02:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 14:04 - 2014-07-12 02:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 20:35 - 2014-07-12 02:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-07-01 08:20 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 14:04 - 2014-07-12 02:53 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 14:04 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-07-09 17:56 - 2014-07-12 02:53 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-09 13:45 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-18 15:08 - 2014-06-18 15:08 - 00877688 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libglesv2.dll
2014-06-18 15:08 - 2014-06-18 15:08 - 00135800 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libegl.dll
2014-06-18 15:08 - 2014-06-18 15:08 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll
2014-07-14 22:02 - 2014-07-14 22:02 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-04 10:25 - 2014-04-04 10:25 - 00102400 _____ () C:\Program Files (x86)\Isis\nfapi.dll
2014-06-05 06:41 - 2014-06-05 06:41 - 00331776 _____ () C:\Program Files (x86)\Isis\ProtocolFilters.dll
2014-07-17 13:52 - 2014-07-17 13:52 - 00043008 _____ () c:\users\askuras\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcaozv5.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Askuras\AppData\Roaming\Dropbox\bin\libcef.dll
2013-07-11 14:15 - 2013-03-12 22:20 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/17/2014 02:19:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/17/2014 01:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2014 09:36:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 03:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 10:44:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1a40
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/16/2014 09:56:44 AM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte)
Error: (07/16/2014 09:42:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 06:38:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 10:24:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 10:17:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (07/17/2014 09:42:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (07/16/2014 00:26:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (07/16/2014 09:47:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (07/15/2014 06:39:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Small Business Advantage" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/15/2014 06:39:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Small Business Advantage erreicht.
Error: (07/15/2014 10:29:08 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (07/14/2014 10:53:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/14/2014 10:30:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/14/2014 10:04:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/14/2014 10:01:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Microsoft Office Sessions:
=========================
Error: (07/17/2014 02:19:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Askuras\Downloads\esetsmartinstaller_deu.exe
Error: (07/17/2014 01:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2014 09:36:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 03:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 10:44:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1a4001cfa0d22937dd4cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll6d00e37d-0cc5-11e4-9186-d43d7ebe1543
Error: (07/16/2014 09:56:44 AM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte)
Error: (07/16/2014 09:42:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 06:38:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 10:24:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 10:17:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Askuras\Downloads\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 8120.61 MB
Available physical RAM: 5055.92 MB
Total Pagefile: 16239.39 MB
Available Pagefile: 12761.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:429.2 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1A9706D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:35 on 17/07/2014 (Askuras)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-17 14:53:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_DT01ACA100 rev.MS2OA750 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Askuras\AppData\Local\Temp\kgtoiuog.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[676] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\services.exe[740] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\winlogon.exe[772] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\lsass.exe[792] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[908] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[980] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[1004] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Windows\system32\svchost.exe[328] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[628] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[456] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1056] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1084] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1184] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1272] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1492] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[1500] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1712] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1740] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1832] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Windows\SysWOW64\svchost.exe[1880] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files\Intel\iCLS Client\HeciServer.exe[1920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe[1964] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe[1988] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Windows\System32\svchost.exe[1356] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\taskhost.exe[2260] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\Dwm.exe[2336] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\taskeng.exe[2380] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\Explorer.EXE[2420] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2584] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[2788] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[2828] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000074ab1a22 2 bytes [AB, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000074ab1ad0 2 bytes [AB, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000074ab1b08 2 bytes [AB, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000074ab1bba 2 bytes [AB, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000074ab1bda 2 bytes [AB, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[2964] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[3012] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2208] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\wbem\wmiprvse.exe[3064] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3136] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\conhost.exe[3148] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3220] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\conhost.exe[3228] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[3280] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[3404] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3632] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3764] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3664] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files (x86)\Steam\Steam.exe[4012] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Steam\Steam.exe[4012] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 00000000752754a9 5 bytes JMP 00000001000f0800
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[4864] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4364] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe[1064] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4572] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075058791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4572] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[4588] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Isis\isis.exe[4884] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Isis\isis.exe[4884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Program Files (x86)\Isis\isis.exe[4884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe[5148] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe[5200] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe[5200] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe[5200] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe[5412] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe[5732] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe[5820] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[3380] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2244] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[916] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000768d1465 2 bytes [8D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000768d14bb 2 bytes [8D, 76]
.text ... * 2
.text C:\Windows\system32\wbem\unsecapp.exe[4608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe[876] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5080] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Windows\system32\taskeng.exe[3116] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007710ef8d 1 byte [62]
.text C:\Users\Askuras\Downloads\Gmer-19357.exe[1256] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007507a2fd 1 byte [62]
---- Threads - GMER 2.1 ----
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2456:2752] 000007fef666f5f8
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2456:2760] 000007fef612bc60
---- Processes - GMER 2.1 ----
Library C:\Users\Askuras\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe [5200](2014-01-03 01:09:26) 00000000040c0000
Library c:\users\askuras\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcaozv5.dll (*** suspicious ***) @ C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe [5200](2014-07-17 11:52:08) 0000000003e10000
Library C:\Users\Askuras\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe [5200](2013-08-23 19:01:44) 00000000620a0000
Library C:\Users\Askuras\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Askuras\AppData\Roaming\Dropbox\bin\Dropbox.exe [5200] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42) 0000000061710000
---- EOF - GMER 2.1 ----