| Majestic12 | 29.07.2014 12:47 |
Hallo Timo,
zunächst danke für die schnelle Rückmeldung. Anbei die beiden Logfiles: FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Majestic12 (administrator) on MAJESTIC12-PC on 29-07-2014 13:32:24
Running from C:\Users\Majestic12\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1794048 2008-10-28] (AVM Berlin)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\MountPoints2: {3e731f1b-19e3-11e1-ba61-df66beb6e41d} - F:\pushinst.exe
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\MountPoints2: {52552288-8e01-11e1-a014-001f3f049688} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\index.html
HKU\S-1-5-21-1304340154-3728848748-4111075504-1000\...\MountPoints2: {8f8beecb-2c13-11e3-86b9-001f3f049688} - E:\Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: 118.97.164.75:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E3F571415D3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A0D4EB2-2C26-42b2-A87A-AFB929B00D65} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_28_ff&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyD0A0F0EtBzz0FyE0B0FzytN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtBtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StD0Fzyzzzy0DtD0AtGyB0EzyzztG0EyBzyyBtGzyzy0FtCtGtCtDtBzyzzyEtBzzyEyEyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0DyDyDtBtD0DtG0CyD0C0AtG0D0D0F0CtGzz0Bzy0BtGtD0EyBtA0FyByEtA0DtA0B0C2Q&cr=465940798&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A0D4EB2-2C26-42b2-A87A-AFB929B00D65} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_28_ff&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyD0A0F0EtBzz0FyE0B0FzytN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtBtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StD0Fzyzzzy0DtD0AtGyB0EzyzztG0EyBzyyBtGzyzy0FtCtGtCtDtBzyzzyEtBzzyEyEyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0DyDyDtBtD0DtG0CyD0C0AtG0D0D0F0CtGzz0Bzy0BtGtD0EyBtA0FyByEtA0DtA0B0C2Q&cr=465940798&ir=
SearchScopes: HKCU - {6EA030DC-E3C7-43C0-9DA6-E3FD859DF989} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {8BCD3EAB-3AF2-4eab-9766-ACDC8E1F9DBC} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_29\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Majestic12\AppData\Roaming\Mozilla\Firefox\Profiles\jgcho6mw.default
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
FF Homepage: www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre1.6.0_29\bin\npDeployJava1.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Majestic12\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - C:\Users\Majestic12\AppData\Roaming\Mozilla\Firefox\Profiles\jgcho6mw.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-28]
FF Extension: YouTube High Definition - C:\Users\Majestic12\AppData\Roaming\Mozilla\Firefox\Profiles\jgcho6mw.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-10]
FF Extension: Adblock Plus - C:\Users\Majestic12\AppData\Roaming\Mozilla\Firefox\Profiles\jgcho6mw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-11]
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\Majestic12\AppData\Roaming\Mozilla\Firefox\Profiles\jgcho6mw.default\extensions\mail@shopping-preise.de
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-18] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [364544 2008-10-28] (AVM Berlin) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-24] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-18] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-18] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-12-11] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2008-10-28] (AVM Berlin)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [524928 2008-10-28] (AVM GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-12-11] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 TBPanel; No ImagePath
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U4 SR;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 13:32 - 2014-07-29 13:32 - 00017418 _____ () C:\Users\Majestic12\Downloads\FRST.txt
2014-07-29 13:31 - 2014-07-29 13:32 - 00000000 ____D () C:\FRST
2014-07-29 13:31 - 2014-07-29 13:31 - 02093568 _____ (Farbar) C:\Users\Majestic12\Downloads\FRST64.exe
2014-07-24 16:57 - 2014-07-28 01:04 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\uTorrent
2014-07-20 20:23 - 2014-07-20 20:23 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Majestic12\Downloads\FreeYouTubeToMP3Converter(2).exe
2014-07-14 23:17 - 2014-07-14 23:17 - 11371783 _____ () C:\Users\Majestic12\Downloads\new(1).zip
2014-07-13 21:48 - 2014-07-13 21:48 - 00005072 _____ () C:\Users\Majestic12\Downloads\antivir-removal-tool_9106.log
2014-07-13 20:01 - 2014-07-13 20:01 - 08522753 _____ () C:\Users\Majestic12\Downloads\Beyond the future Deutsch (v 3)(1).7z
2014-07-13 20:01 - 2014-07-13 20:01 - 00000000 ____D () C:\Users\Majestic12\AppData\Local\Adobe
2014-07-13 19:58 - 2014-07-13 19:58 - 00004767 _____ () C:\Users\Majestic12\Downloads\tech_era_limit.zip
2014-07-13 18:08 - 2014-07-13 18:08 - 00363008 _____ (Avira GmbH) C:\Users\Majestic12\Downloads\antivir-removal-tool_9106.exe
2014-07-13 16:03 - 2014-07-13 16:07 - 00000000 ____D () C:\AdwCleaner
2014-07-13 15:50 - 2014-07-13 15:50 - 02347384 _____ (ESET) C:\Users\Majestic12\Downloads\esetsmartinstaller_deu.exe
2014-07-13 15:48 - 2014-07-13 15:48 - 01348263 _____ () C:\Users\Majestic12\Downloads\adwcleaner_3.215.exe
2014-07-13 12:48 - 2014-07-13 12:48 - 00000000 ____D () C:\Windows\pss
2014-07-13 11:28 - 2014-07-13 11:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-13 11:24 - 2014-07-29 13:24 - 00000308 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-13 11:24 - 2014-07-13 11:24 - 00003268 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-07-13 11:23 - 2014-07-29 13:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 11:23 - 2014-07-13 11:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Majestic12\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-13 11:23 - 2014-07-13 11:23 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-13 11:23 - 2014-07-13 11:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-13 11:23 - 2014-07-13 11:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-12 21:49 - 2014-07-12 21:51 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\Real
2014-07-12 21:49 - 2014-07-12 21:51 - 00000000 ____D () C:\Program Files (x86)\Real
2014-07-12 21:48 - 2014-07-12 21:51 - 00000000 ____D () C:\ProgramData\Real
2014-07-12 21:48 - 2014-07-12 21:48 - 01024720 _____ (RealNetworks, Inc.) C:\Users\Majestic12\Downloads\RealPlayerCloud_de.exe
2014-07-12 10:42 - 2014-07-12 10:42 - 00918952 _____ (Oracle Corporation) C:\Users\Majestic12\Downloads\jxpiinstall.exe
2014-07-12 01:01 - 2014-07-13 12:21 - 00000000 ____D () C:\ProgramData\ExyipUbuvq
2014-07-11 22:57 - 2014-07-11 22:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-07-11 00:09 - 2014-07-11 00:10 - 00292632 _____ () C:\Windows\Minidump\071114-26504-01.dmp
2014-07-10 23:11 - 2014-07-10 23:12 - 00056752 _____ () C:\Users\Majestic12\Downloads\Map Pack_0001.zip
2014-07-10 23:10 - 2014-07-10 23:10 - 00012572 _____ () C:\Users\Majestic12\Downloads\Vicious Isthmi.zip
2014-07-10 09:11 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 09:11 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 09:11 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 09:11 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 09:11 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 09:11 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 09:11 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 09:11 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 09:11 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 09:11 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 09:11 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 09:11 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 09:11 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 09:11 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 09:11 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 09:11 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 09:11 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 09:11 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 09:11 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 09:11 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 09:11 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 09:11 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 09:11 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 09:11 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 09:11 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 09:11 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 09:11 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 09:11 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 09:11 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 09:11 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 09:11 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 09:11 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 09:11 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 09:11 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 09:11 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 09:11 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 09:11 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 09:11 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 09:11 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 09:11 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 09:11 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 09:11 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 09:11 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 09:11 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 09:11 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 09:11 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 09:11 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 09:11 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 09:11 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 09:11 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 09:11 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 09:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 09:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 09:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 09:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 09:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 09:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 09:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 09:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 09:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 09:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 09:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 09:10 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 09:10 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 09:10 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 21:52 - 2014-07-06 21:52 - 00006119 _____ () C:\Users\Majestic12\Downloads\land_of_glory_v3.zip
2014-07-06 21:51 - 2014-07-06 21:51 - 00011875 _____ () C:\Users\Majestic12\Downloads\Tortured Rivers.zip
2014-07-06 21:51 - 2014-07-06 21:51 - 00003728 _____ () C:\Users\Majestic12\Downloads\New World.zip
2014-07-05 22:19 - 2014-07-05 22:19 - 00009703 _____ () C:\Users\Majestic12\Downloads\Rush7.zip
2014-07-05 22:13 - 2014-07-05 22:13 - 00120798 _____ () C:\Users\Majestic12\Downloads\Tower_Defense_Surv_FINAL(BLOO)v6.ees
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 13:32 - 2014-07-29 13:32 - 00017418 _____ () C:\Users\Majestic12\Downloads\FRST.txt
2014-07-29 13:32 - 2014-07-29 13:31 - 00000000 ____D () C:\FRST
2014-07-29 13:31 - 2014-07-29 13:31 - 02093568 _____ (Farbar) C:\Users\Majestic12\Downloads\FRST64.exe
2014-07-29 13:24 - 2014-07-13 11:24 - 00000308 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-29 13:17 - 2014-07-13 11:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 13:06 - 2013-10-26 19:49 - 00000000 ____D () C:\Program Files (x86)\Giraffic
2014-07-29 10:42 - 2011-11-28 18:18 - 01159498 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 09:12 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 09:12 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 09:09 - 2011-11-28 20:53 - 00742794 _____ () C:\Windows\system32\perfh010.dat
2014-07-29 09:09 - 2011-11-28 20:53 - 00152352 _____ () C:\Windows\system32\perfc010.dat
2014-07-29 09:09 - 2011-11-28 20:49 - 00693012 _____ () C:\Windows\system32\perfh00C.dat
2014-07-29 09:09 - 2011-11-28 20:49 - 00479980 _____ () C:\Windows\system32\perfh001.dat
2014-07-29 09:09 - 2011-11-28 20:49 - 00135646 _____ () C:\Windows\system32\perfc00C.dat
2014-07-29 09:09 - 2011-11-28 20:49 - 00099272 _____ () C:\Windows\system32\perfc001.dat
2014-07-29 09:09 - 2011-04-12 09:43 - 00710502 _____ () C:\Windows\system32\perfh007.dat
2014-07-29 09:09 - 2011-04-12 09:43 - 00154832 _____ () C:\Windows\system32\perfc007.dat
2014-07-29 09:09 - 2009-07-14 07:13 - 03952096 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 09:07 - 2013-10-26 19:49 - 00000000 ____D () C:\ProgramData\Giraffic
2014-07-29 09:05 - 2011-11-28 19:55 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-07-29 09:05 - 2011-11-28 19:49 - 00000144 _____ () C:\service.log
2014-07-29 09:05 - 2011-11-28 19:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-29 09:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 09:05 - 2009-07-14 06:51 - 00327476 _____ () C:\Windows\setupact.log
2014-07-29 00:58 - 2011-11-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-28 01:04 - 2014-07-24 16:57 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\uTorrent
2014-07-27 16:55 - 2010-11-21 05:47 - 00413906 _____ () C:\Windows\PFRO.log
2014-07-24 22:42 - 2013-02-05 19:25 - 00000000 ____D () C:\Users\Majestic12\Documents\UseNeXT
2014-07-24 22:42 - 2013-02-05 19:25 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\UseNeXT
2014-07-23 00:54 - 2013-04-19 01:33 - 00007168 ___SH () C:\Users\Majestic12\Documents\Thumbs.db
2014-07-22 00:43 - 2012-09-26 11:09 - 00000000 ____D () C:\Users\Majestic12\Desktop\ABI - Kopie
2014-07-20 20:30 - 2012-04-13 20:59 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\DVDVideoSoft
2014-07-20 20:29 - 2013-01-24 00:37 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-07-20 20:29 - 2012-04-13 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-20 20:23 - 2014-07-20 20:23 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Majestic12\Downloads\FreeYouTubeToMP3Converter(2).exe
2014-07-18 16:57 - 2013-12-12 01:48 - 00000000 ____D () C:\Users\Majestic12\AppData\Local\CrashDumps
2014-07-15 21:14 - 2012-07-13 12:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-15 19:11 - 2012-08-17 22:32 - 00000000 ____D () C:\Users\Majestic12\Documents\SimCity 4
2014-07-15 15:51 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-14 23:29 - 2014-06-05 16:03 - 00000000 ____D () C:\GOG Games
2014-07-14 23:17 - 2014-07-14 23:17 - 11371783 _____ () C:\Users\Majestic12\Downloads\new(1).zip
2014-07-13 21:48 - 2014-07-13 21:48 - 00005072 _____ () C:\Users\Majestic12\Downloads\antivir-removal-tool_9106.log
2014-07-13 20:01 - 2014-07-13 20:01 - 08522753 _____ () C:\Users\Majestic12\Downloads\Beyond the future Deutsch (v 3)(1).7z
2014-07-13 20:01 - 2014-07-13 20:01 - 00000000 ____D () C:\Users\Majestic12\AppData\Local\Adobe
2014-07-13 19:58 - 2014-07-13 19:58 - 00004767 _____ () C:\Users\Majestic12\Downloads\tech_era_limit.zip
2014-07-13 18:08 - 2014-07-13 18:08 - 00363008 _____ (Avira GmbH) C:\Users\Majestic12\Downloads\antivir-removal-tool_9106.exe
2014-07-13 16:07 - 2014-07-13 16:03 - 00000000 ____D () C:\AdwCleaner
2014-07-13 15:50 - 2014-07-13 15:50 - 02347384 _____ (ESET) C:\Users\Majestic12\Downloads\esetsmartinstaller_deu.exe
2014-07-13 15:48 - 2014-07-13 15:48 - 01348263 _____ () C:\Users\Majestic12\Downloads\adwcleaner_3.215.exe
2014-07-13 12:48 - 2014-07-13 12:48 - 00000000 ____D () C:\Windows\pss
2014-07-13 12:43 - 2013-11-26 17:59 - 00002212 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-13 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
2014-07-13 12:21 - 2014-07-12 01:01 - 00000000 ____D () C:\ProgramData\ExyipUbuvq
2014-07-13 11:28 - 2014-07-13 11:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-13 11:25 - 2011-11-28 18:23 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-07-13 11:24 - 2014-07-13 11:24 - 00003268 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-07-13 11:23 - 2014-07-13 11:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Majestic12\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-13 11:23 - 2014-07-13 11:23 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-13 11:23 - 2014-07-13 11:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-13 11:23 - 2014-07-13 11:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-13 11:03 - 2011-11-28 18:51 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-07-13 00:13 - 2013-02-08 14:07 - 00000000 ____D () C:\Users\Majestic12\Desktop\Neuer Ordner
2014-07-12 21:51 - 2014-07-12 21:49 - 00000000 ____D () C:\Users\Majestic12\AppData\Roaming\Real
2014-07-12 21:51 - 2014-07-12 21:49 - 00000000 ____D () C:\Program Files (x86)\Real
2014-07-12 21:51 - 2014-07-12 21:48 - 00000000 ____D () C:\ProgramData\Real
2014-07-12 21:48 - 2014-07-12 21:48 - 01024720 _____ (RealNetworks, Inc.) C:\Users\Majestic12\Downloads\RealPlayerCloud_de.exe
2014-07-12 10:44 - 2013-10-16 09:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-12 10:42 - 2014-07-12 10:42 - 00918952 _____ (Oracle Corporation) C:\Users\Majestic12\Downloads\jxpiinstall.exe
2014-07-11 22:57 - 2014-07-11 22:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-07-11 00:10 - 2014-07-11 00:09 - 00292632 _____ () C:\Windows\Minidump\071114-26504-01.dmp
2014-07-11 00:09 - 2012-05-30 23:12 - 685760411 _____ () C:\Windows\MEMORY.DMP
2014-07-11 00:09 - 2012-05-30 23:12 - 00000000 ____D () C:\Windows\Minidump
2014-07-10 23:12 - 2014-07-10 23:11 - 00056752 _____ () C:\Users\Majestic12\Downloads\Map Pack_0001.zip
2014-07-10 23:10 - 2014-07-10 23:10 - 00012572 _____ () C:\Users\Majestic12\Downloads\Vicious Isthmi.zip
2014-07-10 21:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 19:21 - 2009-07-14 06:45 - 00305384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 16:22 - 2013-08-14 08:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 16:20 - 2011-11-28 21:00 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-06 21:52 - 2014-07-06 21:52 - 00006119 _____ () C:\Users\Majestic12\Downloads\land_of_glory_v3.zip
2014-07-06 21:51 - 2014-07-06 21:51 - 00011875 _____ () C:\Users\Majestic12\Downloads\Tortured Rivers.zip
2014-07-06 21:51 - 2014-07-06 21:51 - 00003728 _____ () C:\Users\Majestic12\Downloads\New World.zip
2014-07-05 22:19 - 2014-07-05 22:19 - 00009703 _____ () C:\Users\Majestic12\Downloads\Rush7.zip
2014-07-05 22:13 - 2014-07-05 22:13 - 00120798 _____ () C:\Users\Majestic12\Downloads\Tower_Defense_Surv_FINAL(BLOO)v6.ees
Some content of TEMP:
====================
C:\Users\Majestic12\AppData\Local\Temp\AutoRun.exe
C:\Users\Majestic12\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Majestic12\AppData\Local\Temp\AVG.exe
C:\Users\Majestic12\AppData\Local\Temp\BackupSetup.exe
C:\Users\Majestic12\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Majestic12\AppData\Local\Temp\drm_dyndata_7330014.dll
C:\Users\Majestic12\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Majestic12\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Majestic12\AppData\Local\Temp\DSETUP.dll
C:\Users\Majestic12\AppData\Local\Temp\dsetup32.dll
C:\Users\Majestic12\AppData\Local\Temp\DXSETUP.exe
C:\Users\Majestic12\AppData\Local\Temp\GdiPlus.dll
C:\Users\Majestic12\AppData\Local\Temp\genteert.dll
C:\Users\Majestic12\AppData\Local\Temp\gert0.exe
C:\Users\Majestic12\AppData\Local\Temp\InstallAX.exe
C:\Users\Majestic12\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Majestic12\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Majestic12\AppData\Local\Temp\install_helper.exe
C:\Users\Majestic12\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Majestic12\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Majestic12\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Majestic12\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Majestic12\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Majestic12\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Majestic12\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Majestic12\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Majestic12\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Majestic12\AppData\Local\Temp\nvStInst.exe
C:\Users\Majestic12\AppData\Local\Temp\patchw32.dll
C:\Users\Majestic12\AppData\Local\Temp\Quarantine.exe
C:\Users\Majestic12\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Majestic12\AppData\Local\Temp\stubhelper.dll
C:\Users\Majestic12\AppData\Local\Temp\tbedrs.dll
C:\Users\Majestic12\AppData\Local\Temp\TsuB0B5E6A8.dll
C:\Users\Majestic12\AppData\Local\Temp\uninstall-1.exe
C:\Users\Majestic12\AppData\Local\Temp\uttA8DF.tmp.exe
C:\Users\Majestic12\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Majestic12\AppData\Local\Temp\_is1BAB.exe
C:\Users\Majestic12\AppData\Local\Temp\_is34E5.exe
C:\Users\Majestic12\AppData\Local\Temp\_is41B1.exe
C:\Users\Majestic12\AppData\Local\Temp\_is46F2.exe
C:\Users\Majestic12\AppData\Local\Temp\_is4F38.exe
C:\Users\Majestic12\AppData\Local\Temp\_is57F2.exe
C:\Users\Majestic12\AppData\Local\Temp\_is5F01.exe
C:\Users\Majestic12\AppData\Local\Temp\_is6855.exe
C:\Users\Majestic12\AppData\Local\Temp\_is68EF.exe
C:\Users\Majestic12\AppData\Local\Temp\_is79B1.exe
C:\Users\Majestic12\AppData\Local\Temp\_isB28C.exe
C:\Users\Majestic12\AppData\Local\Temp\_isCE46.exe
C:\Users\Majestic12\AppData\Local\Temp\_isD8D1.exe
C:\Users\Majestic12\AppData\Local\Temp\_isF067.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5
C:\Windows\SysWOW64\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-28 11:11
==================== End Of Log ============================
--- --- --- Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Majestic12 at 2014-07-29 13:33:08
Running from C:\Users\Majestic12\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1648 Vollversion (HKLM-x32\...\1648 Vollversion) (Version: - )
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
aerosoft's - Berliner S-Bahn Teil 1 (HKLM-x32\...\{2AEB2EFA-477F-4F3F-9864-356AC2141F45}) (Version: - )
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Barbarian Invasion (HKLM-x32\...\{4905C2C7-96CB-4DD9-A706-C427913DE5AE}) (Version: 1.4 - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version: - )
Berlin Subway (HKLM-x32\...\Berlin Subway) (Version: - )
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward - Sledgehammer Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3341 - CDBurnerXP)
Cities XL Platinum (HKLM-x32\...\Cities XL Platinum_is1) (Version: - )
Compi gräme Dich nicht (HKLM-x32\...\Compi gräme Dich nicht) (Version: - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Eisenbahn-Skins 1.0 (HKLM-x32\...\Eisenbahn-Skins) (Version: 1.0 - oppie)
Emergency 2 (HKLM-x32\...\{874F0C23-7CA8-4639-9D77-E032E272A3FD}) (Version: 2.00.000 - )
Emergency 2013 (HKLM-x32\...\Emergency 2013) (Version: - Quadriga Games)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
Empire Earth Gold Edition (HKLM-x32\...\GOGPACKEMPIREEARTHGOLD_is1) (Version: 2.0.0.14 - GOG.com)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
ERS Berlin (HKLM-x32\...\ERSBerlin_is1) (Version: 1.2.0.0 - ERS Berlin Team)
Euro-Straßentextur-Mod 4.0 deutsch (HKLM-x32\...\Euro-Straßentextur-Mod) (Version: 4.0 deutsch - frimi und Andreas)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Free YouTube Download version 3.1.42.1212 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Game Booster (HKLM-x32\...\Game Booster_is1) (Version: 2.3.0.0 - IObit)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
High Speed Rail Project Beta v1 (HKLM-x32\...\High Speed Rail Project) (Version: Beta v1 - Das NAM Team)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java Packages (HKCU\...\Java Packages) (Version: - ) <==== ATTENTION
JV1 Jet Test Vehicle for MSTS v1.0 (HKLM-x32\...\JV1 Jet Test Vehicle for MSTS v1.0) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lazesoft Recover My Password version 3.4 Home Edition (HKLM-x32\...\LS-C4DC987A-47E2-487C-9F63-7E1DB5F88FC3_is1) (Version: 3.4 - Lazesoft)
MäD (HKLM-x32\...\ST6UNST #1) (Version: - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Points Generator 1.3 (HKLM-x32\...\Microsoft Points Generator) (Version: 1.3 - Msponlingenerator.info)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSTS Patch 1.7.0519 (HKLM-x32\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.7.051922 - George)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.3 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3 - Multi Theft Auto)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NAM Hotfix Package 301 (13 April 2012) (HKCU\...\NAM Hotfix Package) (Version: 301 (13 April 2012) - The NAM Team)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Neighbours From Hell (HKLM-x32\...\{09920072-6923-4E37-A150-5C6A3092DB7E}) (Version: 1.0 - JoWooD Studio Vienna)
Network Addon Mod Version 30 mit Essentials r132 (HKCU\...\Network Addon Mod) (Version: Version 30 mit Essentials r132 - Das NAM Team)
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PLATT! WM-Edition (HKLM-x32\...\PLATT! WM-Edition) (Version: - )
Protect Disc License Helper 1.0.125 (IE) (HKCU\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain 10 - DELUXE - 1.0 (HKLM-x32\...\ProTrain 10 - DELUXE - 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 11 - DELUXE - 1.0 (HKLM-x32\...\ProTrain 11 - DELUXE - 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 14 - DELUXE - 1.0 (HKLM-x32\...\ProTrain 14 - DELUXE - 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 28 "Durch den Berliner Speckgürtel" 1.0 (HKLM-x32\...\ProTrain 28 "Durch den Berliner Speckgürtel" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 32 "Stuttgart - München" 1.0 (HKLM-x32\...\ProTrain 32 "Stuttgart - München" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 35 Erfurt-Halle 1.0 (HKLM-x32\...\ProTrain 35 Erfurt-Halle 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 36 1.0 (HKLM-x32\...\ProTrain 36 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 38 "Hannover-Kassel" 1.0 (HKLM-x32\...\ProTrain 38 "Hannover-Kassel" 1.0) (Version: 1.0 - BlueSky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.26.902.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket) <==== ATTENTION
Rome - Total War(TM) (HKLM-x32\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Ihr Firmenname)
Rome - Total War(TM) (x32 Version: 1.0 - Ihr Firmenname) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
SAPDFR v4.0 (HKLM-x32\...\SAPDFR v4.0) (Version: - )
SBT-Assateague Lighthouse (HKCU\...\SBT-Assateague Lighthouse) (Version: - )
SFBT Street Tree Mod 1.0 (HKLM-x32\...\SFBT Street Tree Mod) (Version: 1.0 - Andreas Roth)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
shopping-preise.de - AddOn für Firefox (HKLM-x32\...\{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1) (Version: 2.81 - shopping-preise.de)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.61 - Firaxis Games) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 4 Rush Hour (HKLM-x32\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version: - )
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Street Addon Mod Beta v3 (HKLM-x32\...\Street Addon Mod) (Version: Beta v3 - Das NAM Team)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 0.10.0000 - Ihr Firmenname)
TmUnitedForever StarEdition (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Trackmania United pack track (HKLM-x32\...\Trackmania United pack track) (Version: 1.0 - )
Train Store (German Language Pack) (HKLM-x32\...\Train Store (German Language Pack)) (Version: - )
Train Store V3.2 (HKLM-x32\...\Train Store V3.2) (Version: - )
Tunatic (HKLM-x32\...\Tunatic) (Version: - )
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
VLC media player 1.1.10 (HKLM-x32\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Vtune 7.16 (HKLM-x32\...\MySSID_is1) (Version: - )
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Subways Vol.2 (HKLM-x32\...\{0A902DF4-B767-49DB-98D3-D413E6F1E703}) (Version: 1.00 - TML-Studios)
Worms Ultimate Mayhem (HKLM-x32\...\Worms Ultimate Mayhem_is1) (Version: - )
XLNation User Interface Mod (HKLM-x32\...\{D58B29ED-DB85-4045-A56F-3265D4F58635}) (Version: 1.79.6 - Altiris)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-07-2014 14:18:38 Windows Update
12-07-2014 08:39:17 Removed Java(TM) 6 Update 29
12-07-2014 08:40:14 Removed Java(TM) 6 Update 29
12-07-2014 08:43:14 Installed Java 7 Update 60
13-07-2014 09:04:05 Removed Java 7 Update 60
13-07-2014 09:05:28 Removed Java(TM) 6 Update 29
20-07-2014 10:04:43 Geplanter Prüfpunkt
27-07-2014 10:12:31 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-29 10:13 - 2013-01-10 01:07 - 00001673 __RAH C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1482534C-935E-4AA2-8B60-510A8116E691} - \AppCloudUpdater No Task File <==== ATTENTION
Task: {1507C37E-2F93-4A30-9966-1DEE81C773C7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {327CCD10-7B0E-4143-9967-6222B5DE59A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-18] (AVAST Software)
Task: {862743F9-BBB8-4D1F-8BB5-D549D5211FF5} - System32\Tasks\Rocket Updater => C:\Users\MAJEST~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {F254E0A8-035D-46F5-9D66-17CE3FEFB7C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\MAJEST~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE
==================== Loaded Modules (whitelisted) =============
2013-11-24 23:30 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-28 18:53 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-28 19:49 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2011-11-28 19:53 - 2010-09-07 11:46 - 00072280 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2011-12-27 19:39 - 2012-02-24 19:08 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-28 20:52 - 2014-07-28 20:52 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
2011-11-28 19:49 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:�DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:�SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Majestic12\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Majestic12\AppData\Roaming:NT
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: TBPanel => C:\Program Files (x86)\Vtune\TBPanel.exe /A
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/29/2014 09:07:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2014 01:12:47 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (07/28/2014 08:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 03:23:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 10:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 08:57:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 06:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (07/27/2014 04:57:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 10:41:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 10:59:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/29/2014 09:05:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (07/29/2014 09:05:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/28/2014 08:51:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (07/28/2014 08:50:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/28/2014 03:21:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (07/28/2014 03:21:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/28/2014 09:59:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (07/28/2014 09:58:48 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/27/2014 08:55:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (07/27/2014 08:55:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office Sessions:
=========================
Error: (07/29/2014 09:07:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2014 01:12:47 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (07/28/2014 08:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 03:23:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 10:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 08:57:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 06:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (07/27/2014 04:57:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 10:41:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 10:59:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-04-18 08:32:42.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-18 08:32:42.143
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:07:48.315
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:07:48.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:07:42.942
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:07:42.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:06:47.167
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:06:47.120
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:06:43.361
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-06-24 01:06:43.314
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8189.55 MB
Available physical RAM: 6463.54 MB
Total Pagefile: 16377.29 MB
Available Pagefile: 14643.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:548.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CF4DDFDF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
Hinweis: 
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
