
Pests of All Kinds and How to Fight Them: Steam SCR. Virus?

20.01.2015, 20:53   #1
Ohrmann
 



Hello,

I just went online in Steam and got a comment on my profile. It contained a link to a supposed picture. I downloaded it and then noticed that it was not a PNG file at all but an SCR file. Then I tried to open it, first with Notepad; an error message came up, I didn't read it and closed the thing again. Afterwards I looked at its properties and then tried to open it. But Windows said that it could be dangerous, so I left it alone. Do I now have a virus on my computer? Or has someone hacked my Steam account? I have also changed the password again.


Kind regards, Ohrmann.

20.01.2015, 21:27   #2
schrauber
/// the machine
/// TB Trainer
 




hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


20.01.2015, 21:30   #3
Ohrmann
 



Quote:
Quote from schrauber
hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

I'm scanning my PC with Norton right now; is it OK if I do that with FRST afterwards?

Edit: I've now let FRST scan.


FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Orhan (administrator) on BIT-SHOP-PC on 20-01-2015 23:24:16
Running from C:\Users\Admin\Downloads\Programs
Loaded Profiles: Orhan (Available profiles: Orhan)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2015-01-12] (Overwolf LTD)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
IFEO\CNC3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\CNC3EP1.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\generals.exe: [Debugger] 
IFEO\RA3.exe: [Debugger] 
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=bdt3&ocid=bdt3dhp&dt=110213
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> DefaultScope {566EBE84-1B55-42B6-A2B3-8597AB30C73B} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=701a8589e27c4635a4d2278d3bcd274c&tu=11Ih0009v1B0001&sku=&tstsId=&ver=&&r=109
SearchScopes: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> {566EBE84-1B55-42B6-A2B3-8597AB30C73B} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=701a8589e27c4635a4d2278d3bcd274c&tu=11Ih0009v1B0001&sku=&tstsId=&ver=&&r=109
SearchScopes: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll (Check Point Software Technologies LTD)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll (Check Point Software Technologies LTD)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-30]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-01-20]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.8.0.14\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-17]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-30]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2015-01-18]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-17]
CHR Extension: (Norton™ Family) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2013-11-01]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-12] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [175136 2014-09-13] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-12] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-11-11] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-12] (Symantec Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150119.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150119.023\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150119.023\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-15] (Symantec Corporation)
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 23:23 - 2015-01-20 23:24 - 00000000 ____D () C:\FRST
2015-01-19 20:23 - 2015-01-19 22:10 - 01141760 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B (1).ppt
2015-01-19 20:23 - 2015-01-19 20:23 - 00026624 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B.ppt
2015-01-18 02:56 - 2015-01-18 02:56 - 04623243 _____ () C:\Users\Admin\Desktop\Deadlock- The Journey Begins.zip
2015-01-18 01:25 - 2015-01-18 01:25 - 01580443 _____ () C:\Users\Admin\Downloads\1.8flowshd (1).zip.opdownload
2015-01-18 01:22 - 2015-01-20 20:45 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IDM
2015-01-18 01:22 - 2015-01-18 01:22 - 00001036 _____ () C:\Users\Admin\Desktop\Internet Download Manager.lnk
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:19 - 2015-01-18 01:25 - 09091528 _____ () C:\Users\Admin\Downloads\FlowsHD-1.7.rar.opdownload
2015-01-18 01:17 - 2015-01-18 01:25 - 00539578 _____ () C:\Users\Admin\Downloads\1.7.10_flows_hd_64x.zip.opdownload
2015-01-18 01:16 - 2015-01-18 01:25 - 19556526 _____ () C:\Users\Admin\Downloads\1.8flowshd.zip.opdownload
2015-01-18 00:58 - 2015-01-18 02:56 - 00000000 ____D () C:\Users\Admin\Desktop\MC A
2015-01-18 00:56 - 2015-01-18 00:56 - 15087273 _____ () C:\Users\Admin\Desktop\The Idol and the Golden City v1.3.zip
2015-01-16 13:21 - 2015-01-16 13:21 - 00000000 ____D () C:\Users\Admin\Desktop\2015_01_16
2015-01-16 13:17 - 2015-01-16 13:17 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2015-01-14 13:37 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 13:37 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 13:37 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 13:37 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 13:37 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 13:37 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 13:37 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 13:37 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 13:37 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 13:37 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2015-01-11 22:07 - 2015-01-14 16:14 - 00000113 _____ () C:\Users\Admin\Desktop\CS AIM.txt
2015-01-11 20:07 - 2015-01-11 20:07 - 00000219 _____ () C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url
2015-01-05 01:16 - 2013-11-26 18:59 - 01258712 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bcmwlhigh664.sys
2015-01-05 01:16 - 2013-07-31 21:33 - 00096560 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmwlcoi.dll
2015-01-05 01:16 - 2013-07-31 19:01 - 03566592 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll
2015-01-05 01:16 - 2013-07-31 19:00 - 03900928 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00053299 _____ () C:\WINDOWS\SysWOW64\pthreadVC.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2015-01-05 01:13 - 2015-01-05 01:14 - 82282786 _____ () C:\Users\Admin\Desktop\WNA3100_V2.2.0.2.zip
2015-01-04 22:05 - 2015-01-04 22:05 - 00000000 ____D () C:\ProgramData\Riot Games
2015-01-04 22:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-01-04 22:02 - 2015-01-04 22:02 - 30668968 _____ (Riot Games) C:\Users\Admin\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-01-04 17:43 - 2015-01-04 17:44 - 06694568 _____ () C:\Users\Admin\Desktop\Monolith Pack Version 3 Ausf. B2.zip
2015-01-04 15:57 - 2015-01-04 15:57 - 00001076 _____ () C:\Users\Public\Desktop\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
2015-01-04 15:55 - 2013-09-25 09:44 - 08390656 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.CAP
2015-01-04 15:30 - 2015-01-04 15:30 - 04467037 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.zip
2015-01-04 04:18 - 2015-01-04 04:18 - 00000900 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-01-04 04:15 - 2015-01-04 04:55 - 01243184 _____ ( ) C:\Users\Admin\Downloads\cpu-z_1.71-setup-en (1).exe.opdownload
2015-01-04 04:14 - 2015-01-04 04:14 - 01577512 _____ ( ) C:\Users\Admin\Desktop\cpu-z_1.71-setup-en.exe
2015-01-04 00:40 - 2015-01-04 00:40 - 00042214 _____ () C:\Users\Admin\Downloads\CUDA Shaders v4.2 Ultra.zip
2015-01-03 23:27 - 2015-01-12 21:45 - 00000000 ____D () C:\Users\Admin\Desktop\Schulkram
2015-01-03 23:23 - 2015-01-03 23:23 - 03077905 _____ () C:\Users\Admin\Desktop\forge-1.7.10-10.13.2.1230-installer.jar
2015-01-03 23:22 - 2015-01-04 17:46 - 00000000 ____D () C:\Users\Admin\Desktop\MCFMF
2015-01-03 20:37 - 2015-01-04 03:09 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-01-03 20:24 - 2015-01-03 20:24 - 00001492 _____ () C:\Users\Admin\Desktop\Battle.net Launcher - Verknüpfung.lnk
2015-01-03 20:00 - 2015-01-03 21:46 - 01110951 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (3).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 01100927 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (1).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 00750087 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (2).exe.opdownload
2015-01-03 19:58 - 2015-01-03 21:46 - 00397815 _____ () C:\Users\Admin\Downloads\CNCFalloutV02.exe.opdownload
2015-01-01 21:15 - 2015-01-20 23:15 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-01-01 21:15 - 2015-01-01 21:15 - 00472336 _____ (Zone Labs Inc.) C:\WINDOWS\SysWOW64\ssleay32.dll
2015-01-01 21:14 - 2015-01-20 20:49 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2015-01-01 21:14 - 2015-01-17 21:14 - 00000316 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-01-01 21:14 - 2015-01-15 16:26 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2015-01-01 21:14 - 2015-01-04 04:07 - 00000300 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-01-01 21:14 - 2015-01-03 21:14 - 00003042 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2015-01-01 21:14 - 2015-01-03 21:14 - 00003028 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2015-01-01 21:14 - 2015-01-01 21:14 - 00001100 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dll-files.com
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-01-01 21:14 - 2014-06-10 12:27 - 00019392 _____ (Dll-Files.com) C:\WINDOWS\system32\roboot64.exe
2015-01-01 21:12 - 2015-01-01 21:12 - 00002955 _____ () C:\Users\Admin\Desktop\C&C Online.lnk
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Program Files (x86)\Revora
2015-01-01 00:40 - 2015-01-01 00:41 - 313570567 _____ () C:\Users\Admin\Desktop\TiberiumEssence_beta16 (1).zip
2015-01-01 00:39 - 2015-01-01 00:43 - 08303896 _____ () C:\Users\Admin\Downloads\TiberiumEssence_beta16.zip.opdownload
2015-01-01 00:28 - 2015-01-01 00:33 - 00000000 ____D () C:\Users\Admin\Desktop\PRIME95 (1)
2014-12-29 01:49 - 2014-12-29 01:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-12-29 01:48 - 2014-12-29 01:48 - 00001098 _____ () C:\Users\Admin\Desktop\TEMP MESSEN.lnk
2014-12-29 01:48 - 2014-12-29 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-12-29 00:21 - 2014-12-29 00:21 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\java
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\Program Files (x86)\HWiNFO32
2014-12-28 19:56 - 2014-12-28 19:56 - 01689384 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Admin\Desktop\GPU-Z.0.8.0.exe
2014-12-28 17:42 - 2014-12-30 16:26 - 00000168 _____ () C:\Users\Admin\Desktop\local.txt
2014-12-28 17:37 - 2014-12-28 17:37 - 05378177 _____ () C:\Users\Admin\Downloads\p95v285.win64.zip
2014-12-28 15:58 - 2015-01-20 21:29 - 00000000 _____ () C:\WINDOWS\Path.idx
2014-12-28 15:56 - 2014-12-28 15:56 - 00000000 _____ () C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_P8Z77-M.alu
2014-12-28 15:53 - 2015-01-20 20:48 - 01048576 _____ () C:\WINDOWS\PE_Rom.dll
2014-12-28 15:46 - 2014-12-28 15:46 - 00000000 ____D () C:\Program Files\ASUS
2014-12-28 15:45 - 2014-12-28 15:45 - 00007678 _____ () C:\WINDOWS\DPINST.LOG
2014-12-28 15:45 - 2014-12-28 15:45 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-12-28 15:45 - 2012-05-17 11:57 - 00026136 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2014-12-28 15:45 - 2011-09-20 05:25 - 00046152 ____R (MCCI Corporation) C:\WINDOWS\SysWOW64\Drivers\ASUSFILTER.sys
2014-12-28 15:44 - 2012-05-31 04:06 - 00032400 ____R (NT Kernel Resources) C:\WINDOWS\system32\Drivers\ndisrd.sys
2014-12-28 15:43 - 2014-12-28 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-28 15:43 - 2012-09-14 03:06 - 00014464 ____R () C:\WINDOWS\SysWOW64\Drivers\AsUpIO.sys
2014-12-28 15:43 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll
2014-12-28 15:42 - 2015-01-04 15:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ASUS
2014-12-28 15:42 - 2014-12-28 15:42 - 00000000 ____D () C:\ProgramData\ASUS
2014-12-28 15:41 - 2015-01-04 15:13 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-28 15:41 - 2014-12-28 15:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\Drivers\MFDLL
2014-12-28 15:41 - 2012-08-22 10:54 - 00015232 ____R () C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2014-12-28 15:41 - 2010-06-29 08:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2014-12-28 15:41 - 2008-01-04 06:34 - 00011832 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-28 15:41 - 2008-01-04 06:34 - 00010216 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-28 15:35 - 2014-12-28 15:36 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\Admin\Downloads\hw64_448.exe
2014-12-28 15:31 - 2014-12-28 15:31 - 01190544 _____ ( ) C:\Users\Admin\Downloads\hwmonitor_1.26-setup.exe
2014-12-27 22:27 - 2014-12-27 22:27 - 00000222 _____ () C:\Users\Admin\Desktop\PRIME95 (2).url
2014-12-27 17:58 - 2014-12-27 17:59 - 31815495 _____ () C:\Users\Admin\Downloads\Coop-24_CustomCampaigns.exe.opdownload
2014-12-26 17:13 - 2014-12-26 17:13 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-22 00:14 - 2014-12-22 00:14 - 00000000 ____D () C:\Users\Admin\Desktop\1370176054_gtaivvmi_v1.5_setup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 23:16 - 2013-10-23 16:16 - 01624099 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-20 23:02 - 2013-09-04 14:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-20 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-20 22:50 - 2013-10-13 01:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-20 22:37 - 2014-01-20 14:57 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 21:31 - 2014-10-02 18:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-20 21:04 - 2013-09-30 05:14 - 00005640 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-20 21:04 - 2013-09-30 04:56 - 02290080 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-20 21:04 - 2013-09-30 04:56 - 00631878 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-20 20:58 - 2014-01-24 22:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-01-20 20:58 - 2013-08-22 15:46 - 00352584 _____ () C:\WINDOWS\setupact.log
2015-01-20 20:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-20 20:46 - 2014-12-17 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Raptr
2015-01-20 20:45 - 2014-01-20 14:57 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 20:45 - 2013-09-29 20:04 - 00494668 _____ () C:\WINDOWS\PFRO.log
2015-01-20 20:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-20 01:17 - 2014-10-28 01:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DMCache
2015-01-20 01:06 - 2014-02-16 17:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2015-01-19 21:27 - 2014-09-24 15:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-18 22:17 - 2014-04-24 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Battle.net
2015-01-18 02:57 - 2014-08-24 22:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2015-01-18 01:43 - 2013-09-04 12:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-01-18 01:37 - 2013-09-02 08:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589104308-3585437864-706008238-1001
2015-01-17 01:43 - 2014-11-04 19:59 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 22:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-16 20:31 - 2013-09-02 08:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 20:08 - 2013-09-02 08:42 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-16 13:21 - 2013-09-11 17:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-15 22:14 - 2014-09-24 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Overwolf
2015-01-15 22:07 - 2014-08-29 14:15 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-15 16:48 - 2013-09-02 08:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2015-01-14 16:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-14 14:25 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-14 13:50 - 2013-10-13 01:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-11 21:55 - 2013-09-04 12:36 - 00512046 _____ () C:\WINDOWS\DirectX.log
2015-01-06 13:35 - 2013-11-22 14:27 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-06 01:08 - 2014-07-10 11:41 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-07-10 11:41 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 01:16 - 2013-09-02 13:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-05 01:14 - 2014-01-14 10:53 - 40673376 _____ (Macrovision Corporation) C:\Users\Admin\Desktop\Setup.exe
2015-01-05 00:49 - 2013-09-20 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-01-04 23:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-04 22:04 - 2013-10-23 18:35 - 00000000 ____D () C:\Riot Games
2015-01-04 16:21 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-04 15:57 - 2013-09-02 13:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-04 15:57 - 2013-09-02 13:31 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 15:08 - 2013-09-02 13:26 - 00043013 _____ () C:\WINDOWS\Ascd_log.ini
2015-01-04 15:02 - 2013-09-02 13:25 - 00032324 _____ () C:\WINDOWS\Ascd_tmp.ini
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\Program Files\CPUID
2015-01-04 04:03 - 2013-10-23 16:20 - 00000000 ____D () C:\Users\Admin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-03 23:30 - 2013-09-02 16:52 - 00000000 ____D () C:\Users\Admin\Desktop\Bilder
2015-01-03 20:24 - 2014-04-24 16:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-01 01:17 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-01 00:11 - 2013-09-02 14:08 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 02:31 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-30 23:01 - 2014-04-23 12:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\DayZ
2014-12-30 20:50 - 2013-09-04 12:06 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-30 16:48 - 2013-09-21 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-12-30 16:10 - 2014-10-05 15:59 - 00001274 _____ () C:\Users\Admin\Desktop\PRIME95 (1).ini
2014-12-30 02:10 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-12-30 00:14 - 2014-10-08 15:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-30 00:14 - 2013-09-04 12:00 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 02:01 - 2013-09-04 22:19 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-12-28 17:47 - 2013-09-02 14:20 - 00007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-12-28 15:45 - 2013-09-02 13:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-28 15:36 - 2014-10-05 17:21 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-12-28 15:34 - 2014-10-05 16:35 - 00000946 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-12-28 00:43 - 2014-02-16 17:43 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======
2014-03-31 18:54 - 2001-06-11 01:45 - 0005536 _____ () C:\Program Files (x86)\12_bit_dither_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:49 - 0000407 _____ () C:\Program Files (x86)\Africa.w_
2014-03-31 18:54 - 2001-03-11 14:58 - 0004090 _____ () C:\Program Files (x86)\Alpha_Grow_pm.ex_
2014-03-31 18:54 - 2001-03-11 14:54 - 0004108 _____ () C:\Program Files (x86)\Alpha_Shrink_pm.ex_
2014-03-31 18:54 - 2003-10-28 07:42 - 0003942 _____ () C:\Program Files (x86)\antique1.gr_
2014-03-31 18:54 - 2003-10-28 07:43 - 0004058 _____ () C:\Program Files (x86)\antique2.gr_
2014-03-31 18:54 - 2001-12-31 07:17 - 0066388 _____ () C:\Program Files (x86)\Artmap.da_
2014-03-31 18:54 - 1997-05-19 07:08 - 0074553 _____ () C:\Program Files (x86)\AsycFilt.dl_
2014-03-31 18:54 - 2002-02-09 07:53 - 0004837 _____ () C:\Program Files (x86)\AverageFrames_pm.ex_
2014-03-31 18:54 - 2001-04-25 22:33 - 0008507 _____ () C:\Program Files (x86)\BEVELBOX.OC_
2014-03-31 18:54 - 2000-11-04 23:05 - 0006253 _____ () C:\Program Files (x86)\bmp_load_pb.ex_
2014-03-31 18:54 - 2000-11-05 08:54 - 0004817 _____ () C:\Program Files (x86)\bmp_save_pb.ex_
2014-03-31 18:54 - 2003-05-01 21:40 - 0012121 _____ () C:\Program Files (x86)\Brainy.op_
2014-03-31 18:54 - 2002-01-30 08:08 - 0011613 _____ () C:\Program Files (x86)\Brocolly_Trails.op_
2014-03-31 18:54 - 2002-01-25 13:36 - 0004462 _____ () C:\Program Files (x86)\cellular_pf.ex_
2014-03-31 18:54 - 2002-12-29 14:29 - 0003913 _____ () C:\Program Files (x86)\ChangeDPI_px.ex_
2014-03-31 18:54 - 2002-09-03 03:27 - 0005735 _____ () C:\Program Files (x86)\Clipboard_Export_pb.ex_
2014-03-31 18:54 - 2002-11-10 14:13 - 0005499 _____ () C:\Program Files (x86)\Clipboard_Import_pb.ex_
2014-03-31 18:54 - 1998-02-27 15:28 - 0000267 _____ () C:\Program Files (x86)\Close.IC_
2014-03-31 18:54 - 2001-06-07 03:27 - 0000393 _____ () C:\Program Files (x86)\CloudySky.w_
2014-03-31 18:54 - 1996-10-31 00:00 - 0010146 _____ () C:\Program Files (x86)\ComCat.dl_
2014-03-31 18:54 - 2000-05-21 23:00 - 0315877 _____ () C:\Program Files (x86)\COMCTL32.OC_
2014-03-31 18:54 - 1999-05-06 23:00 - 0074707 _____ () C:\Program Files (x86)\COMDLG32.OC_
2014-03-31 18:54 - 2001-08-14 17:35 - 0011040 _____ () C:\Program Files (x86)\copying.tx_
2014-03-31 18:54 - 2001-06-07 03:22 - 0000383 _____ () C:\Program Files (x86)\Countryside.w_
2014-03-31 18:54 - 2002-01-22 17:18 - 0004697 _____ () C:\Program Files (x86)\Crystalize_pf.ex_
2014-03-31 18:54 - 1996-08-20 23:00 - 0015600 _____ () C:\Program Files (x86)\Ctl3d32.dl_
2014-03-31 18:54 - 2001-06-08 04:59 - 0000405 _____ () C:\Program Files (x86)\Daisys.w_
2014-03-31 18:54 - 2001-04-18 00:48 - 0003969 _____ () C:\Program Files (x86)\Def_Gradient.gr_
2014-03-31 18:54 - 2002-08-23 03:04 - 0066779 _____ () C:\Program Files (x86)\def_mdiform_bitmap.jp_
2014-03-31 18:54 - 2003-12-20 12:48 - 0000389 _____ () C:\Program Files (x86)\Def_Res.tx_
2014-03-31 18:54 - 2002-08-21 07:41 - 0017460 _____ () C:\Program Files (x86)\Def_Wallpaper.bm_
2014-03-31 18:54 - 2001-05-13 17:22 - 0000452 _____ () C:\Program Files (x86)\Def_well.w_
2014-03-31 18:54 - 2004-01-29 15:40 - 1533663 _____ () C:\Program Files (x86)\dogwaffle.ex_
2014-03-31 18:54 - 2003-10-27 08:53 - 0001363 _____ () C:\Program Files (x86)\DogWeb.ht_
2014-03-31 18:54 - 2003-06-22 15:33 - 0012575 _____ () C:\Program Files (x86)\DogWillow.op_
2014-03-31 18:54 - 2003-11-04 12:22 - 0017663 _____ () C:\Program Files (x86)\drbrush.dl_
2014-03-31 18:54 - 2003-11-04 10:45 - 0045953 _____ () C:\Program Files (x86)\drfilter.dl_
2014-03-31 18:54 - 2003-10-26 10:15 - 0013880 _____ () C:\Program Files (x86)\drFloodfill.dl_
2014-03-31 18:54 - 2004-01-02 22:59 - 0023230 _____ () C:\Program Files (x86)\Drpaint.dl_
2014-03-31 18:54 - 2001-07-13 02:22 - 0022094 _____ () C:\Program Files (x86)\DR_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2001-06-12 23:02 - 0023327 _____ () C:\Program Files (x86)\DR_MX_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2002-03-29 11:45 - 0000469 _____ () C:\Program Files (x86)\Earthy.w_
2014-03-31 18:54 - 2004-01-03 12:28 - 0003276 _____ () C:\Program Files (x86)\ExploreTempDir_pm.ex_
2014-03-31 18:54 - 2003-05-01 21:50 - 0012113 _____ () C:\Program Files (x86)\Fancyful.op_
2014-03-31 18:54 - 2001-06-07 03:35 - 0000366 _____ () C:\Program Files (x86)\ForestGreens.w_
2014-03-31 18:54 - 2002-02-08 11:06 - 0004986 _____ () C:\Program Files (x86)\FrameFromClipboard_pm.ex_
2014-03-31 18:54 - 2003-06-22 18:10 - 0012008 _____ () C:\Program Files (x86)\Garland.op_
2014-03-31 18:54 - 2001-04-08 10:33 - 0005395 _____ () C:\Program Files (x86)\Globe_pf.ex_
2014-03-31 18:54 - 2001-06-09 06:20 - 0000422 _____ () C:\Program Files (x86)\GoldenAge_well.w_
2014-03-31 18:54 - 2001-05-27 15:33 - 0004098 _____ () C:\Program Files (x86)\Gradient_To_VB_pm.ex_
2014-03-31 18:54 - 2003-06-23 19:42 - 0012712 _____ () C:\Program Files (x86)\Grass.op_
2014-03-31 18:54 - 2004-01-07 11:00 - 0005718 _____ () C:\Program Files (x86)\Grid_pm.ex_
2014-03-31 18:54 - 2002-10-08 13:33 - 0003969 _____ () C:\Program Files (x86)\GunMetals.gr_
2014-03-31 18:54 - 2003-05-01 21:44 - 0012118 _____ () C:\Program Files (x86)\Hivey.op_
2014-03-31 18:54 - 2001-07-13 02:00 - 0015303 _____ () C:\Program Files (x86)\HPROP.OC_
2014-03-31 18:54 - 2002-01-21 04:37 - 0005287 _____ () C:\Program Files (x86)\iff_px.ex_
2014-03-31 18:54 - 2001-02-09 14:57 - 0004964 _____ () C:\Program Files (x86)\IM_MOD_RL_histogram_.dl_
2014-03-31 18:54 - 2003-10-26 10:36 - 0002467 _____ () C:\Program Files (x86)\Keyboard_Document.rt_
2014-03-31 18:54 - 2002-11-01 14:11 - 0003383 _____ () C:\Program Files (x86)\KeyInvert_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:10 - 0003675 _____ () C:\Program Files (x86)\KeyToBlack_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:13 - 0003676 _____ () C:\Program Files (x86)\KeyToLuminance_pb.ex_
2014-03-31 18:54 - 2003-11-13 12:48 - 0005545 _____ () C:\Program Files (x86)\Key_Grow_pb.ex_
2014-03-31 18:54 - 2003-11-13 13:15 - 0005053 _____ () C:\Program Files (x86)\Key_Shrink_pb.ex_
2014-03-31 18:54 - 2002-01-24 18:19 - 0004619 _____ () C:\Program Files (x86)\Maximize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:55 - 0005264 _____ () C:\Program Files (x86)\MaxMin_pf.ex_
2014-03-31 18:54 - 2002-01-21 03:42 - 0005684 _____ () C:\Program Files (x86)\Median_pf.ex_
2014-03-31 18:54 - 2001-04-18 15:33 - 0004534 _____ () C:\Program Files (x86)\Metals.gr_
2014-03-31 18:54 - 2001-06-07 03:23 - 0000382 _____ () C:\Program Files (x86)\Midnight.w_
2014-03-31 18:54 - 2002-01-24 18:20 - 0004409 _____ () C:\Program Files (x86)\Minimize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:35 - 0006334 _____ () C:\Program Files (x86)\MinMax_pf.ex_
2014-03-31 18:54 - 2000-11-19 15:02 - 0004605 _____ () C:\Program Files (x86)\Mirrage_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:54 - 0004737 _____ () C:\Program Files (x86)\Mosaic_pf.ex_
2014-03-31 18:54 - 2002-09-23 10:29 - 0010655 _____ () C:\Program Files (x86)\MotionBlur_pf.ex_
2014-03-31 18:54 - 1998-11-03 10:45 - 0048479 _____ () C:\Program Files (x86)\MsStkPrp.dl_
2014-03-31 18:54 - 1999-12-07 12:00 - 0865616 _____ () C:\Program Files (x86)\MSVBVM50.dl_
2014-03-31 18:54 - 2002-01-24 18:25 - 0004981 _____ () C:\Program Files (x86)\Mysticvision_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:56 - 0000371 _____ () C:\Program Files (x86)\OakBark.w_
2014-03-31 18:54 - 1997-05-19 07:08 - 0320739 _____ () C:\Program Files (x86)\OleAut32.dl_
2014-03-31 18:54 - 1997-05-19 07:08 - 0067142 _____ () C:\Program Files (x86)\OlePro32.dl_
2014-03-31 18:54 - 2001-06-11 01:54 - 0004987 _____ () C:\Program Files (x86)\OptimizedPaletteTest_pf.ex_
2014-03-31 18:54 - 2001-06-06 11:06 - 0005477 _____ () C:\Program Files (x86)\OptimizedPalette_pf.ex_
2014-03-31 18:54 - 2002-11-03 12:33 - 0006796 _____ () C:\Program Files (x86)\Paint_on_alpha_pm.ex_
2014-03-31 18:54 - 2001-06-09 06:18 - 0004906 _____ () C:\Program Files (x86)\PaletteToWells_pm.ex_
2014-03-31 18:54 - 2002-01-30 08:24 - 0012268 _____ () C:\Program Files (x86)\Pine_Branches.op_
2014-03-31 18:54 - 2002-11-03 12:24 - 0003826 _____ () C:\Program Files (x86)\printerPrefs_generic_px.ex_
2014-03-31 18:54 - 2002-09-20 03:40 - 0010701 _____ () C:\Program Files (x86)\print_generic_px.ex_
2014-03-31 18:54 - 2001-06-07 03:26 - 0000385 _____ () C:\Program Files (x86)\Pumpkin.w_
2014-03-31 18:54 - 2002-02-12 04:45 - 0001745 _____ () C:\Program Files (x86)\readme.rt_
2014-03-31 18:54 - 2002-11-13 16:34 - 0000243 _____ () C:\Program Files (x86)\ReadMe.tx_
2014-03-31 18:54 - 2002-10-08 13:53 - 0004885 _____ () C:\Program Files (x86)\Reds.gr_
2014-03-31 18:54 - 1997-01-13 00:00 - 0126780 _____ () C:\Program Files (x86)\RichEd32.dl_
2014-03-31 18:54 - 1998-06-23 23:00 - 0117028 _____ () C:\Program Files (x86)\RICHTX32.OC_
2014-03-31 18:54 - 2001-06-07 03:47 - 0000381 _____ () C:\Program Files (x86)\Sand.w_
2014-03-31 18:54 - 2002-09-20 03:11 - 0004207 _____ () C:\Program Files (x86)\ScaleAlpha_pm.ex_
2014-03-31 18:54 - 2003-10-06 18:07 - 0023758 _____ () C:\Program Files (x86)\screenshot2-300.jp_
2014-03-31 18:54 - 2003-12-20 14:49 - 0004287 _____ () C:\Program Files (x86)\Sepia_pf.ex_
2014-03-31 18:54 - 1997-01-16 00:00 - 0089600 _____ (Microsoft Corporation) C:\Program Files (x86)\SETUP.EXE
2014-03-31 18:54 - 2004-01-29 15:50 - 0017280 _____ () C:\Program Files (x86)\SETUP.LST
2014-03-31 18:54 - 1997-03-05 17:11 - 0073501 _____ () C:\Program Files (x86)\setup1.ex_
2014-03-31 18:54 - 2001-06-07 03:46 - 0000367 _____ () C:\Program Files (x86)\Sky.w_
2014-03-31 18:54 - 2002-10-08 14:06 - 0003188 _____ () C:\Program Files (x86)\Skys.gr_
2014-03-31 18:54 - 2003-05-01 21:37 - 0012178 _____ () C:\Program Files (x86)\Spiro.op_
2014-03-31 18:54 - 2004-01-27 17:49 - 0047473 _____ () C:\Program Files (x86)\Splash.jp_
2014-03-31 18:54 - 1997-01-16 00:00 - 0037850 _____ () C:\Program Files (x86)\ST5UNST.EX_
2014-03-31 18:54 - 1997-05-19 07:08 - 0007134 _____ () C:\Program Files (x86)\StdOle2.tl_
2014-03-31 18:54 - 2003-11-29 15:47 - 0023514 _____ () C:\Program Files (x86)\Store_Alpha_pm.ex_
2014-03-31 18:54 - 2002-09-05 03:01 - 0007260 _____ () C:\Program Files (x86)\Store_Brush_pb.ex_
2014-03-31 18:54 - 2002-09-05 01:44 - 0012899 _____ () C:\Program Files (x86)\Store_Buffer_pm.ex_
2014-03-31 18:54 - 2002-03-29 12:00 - 0000520 _____ () C:\Program Files (x86)\Study.w_
2014-03-31 18:54 - 2003-10-25 11:15 - 0000512 _____ () C:\Program Files (x86)\TabletSupport.rt_
2014-03-31 18:54 - 2002-08-09 05:44 - 0000520 _____ () C:\Program Files (x86)\Test1.w_
2014-03-31 18:54 - 2003-10-17 10:49 - 0025398 _____ () C:\Program Files (x86)\Thumb_Book.gi_
2014-03-31 18:54 - 2002-01-30 08:18 - 0012270 _____ () C:\Program Files (x86)\Trees.op_
2014-03-31 18:54 - 2001-06-07 03:43 - 0000400 _____ () C:\Program Files (x86)\Valencia.w_
2014-03-31 18:54 - 1997-01-16 00:00 - 0016457 _____ () C:\Program Files (x86)\VB5StKit.dl_
2014-03-31 18:54 - 2003-06-05 20:01 - 0097631 _____ () C:\Program Files (x86)\VBTablet.dl_
2014-03-31 18:54 - 2002-10-08 13:46 - 0003435 _____ () C:\Program Files (x86)\Vents.gr_
2014-03-31 18:54 - 2002-10-08 13:42 - 0002895 _____ () C:\Program Files (x86)\Warnings.gr_
2014-03-31 18:54 - 2003-06-23 19:49 - 0013491 _____ () C:\Program Files (x86)\WinterBranches.op_
2014-03-31 18:54 - 2003-11-25 13:25 - 0016674 _____ () C:\Program Files (x86)\Zoom_pf.ex_
2014-05-11 20:03 - 2014-05-11 20:16 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-05 02:21 - 2014-05-11 18:39 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2014-05-16 21:31 - 2014-08-08 16:31 - 0000305 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Login.ini
2014-05-16 19:43 - 2014-08-08 18:00 - 0001579 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Options.ini
2014-04-06 21:04 - 2014-04-06 22:00 - 0001456 _____ () C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-04 19:59 - 2014-04-30 14:23 - 0005632 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-02 16:57 - 2014-04-02 16:57 - 0007691 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2013-09-02 14:20 - 2014-12-28 17:47 - 0007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-08-14 20:36 - 2014-08-14 20:36 - 0000040 _____ () C:\ProgramData\ra3.ini

Files to move or delete:
====================
C:\Users\Admin\12_bit_dither_pf.exe
C:\Users\Admin\Alpha_Grow_pm.exe
C:\Users\Admin\Alpha_Shrink_pm.exe
C:\Users\Admin\Artmap.dat
C:\Users\Admin\AverageFrames_pm.exe
C:\Users\Admin\bmp_load_pb.exe
C:\Users\Admin\bmp_save_pb.exe
C:\Users\Admin\cellular_pf.exe
C:\Users\Admin\ChangeDPI_px.exe
C:\Users\Admin\Clipboard_Export_pb.exe
C:\Users\Admin\Clipboard_Import_pb.exe
C:\Users\Admin\Crystalize_pf.exe
C:\Users\Admin\dogwaffle.exe
C:\Users\Admin\drbrush.dll
C:\Users\Admin\drfilter.dll
C:\Users\Admin\drFloodfill.dll
C:\Users\Admin\Drpaint.dll
C:\Users\Admin\ExploreTempDir_pm.exe
C:\Users\Admin\FrameFromClipboard_pm.exe
C:\Users\Admin\Globe_pf.exe
C:\Users\Admin\Gradient_To_VB_pm.exe
C:\Users\Admin\Grid_pm.exe
C:\Users\Admin\iff_px.exe
C:\Users\Admin\IM_MOD_RL_histogram_.dll
C:\Users\Admin\KeyInvert_pb.exe
C:\Users\Admin\KeyToBlack_pb.exe
C:\Users\Admin\KeyToLuminance_pb.exe
C:\Users\Admin\Key_Grow_pb.exe
C:\Users\Admin\Key_Shrink_pb.exe
C:\Users\Admin\Maximize_pf.exe
C:\Users\Admin\MaxMin_pf.exe
C:\Users\Admin\Median_pf.exe
C:\Users\Admin\Minimize_pf.exe
C:\Users\Admin\MinMax_pf.exe
C:\Users\Admin\Mirrage_pf.exe
C:\Users\Admin\Mosaic_pf.exe
C:\Users\Admin\MotionBlur_pf.exe
C:\Users\Admin\Mysticvision_pf.exe
C:\Users\Admin\OptimizedPaletteTest_pf.exe
C:\Users\Admin\OptimizedPalette_pf.exe
C:\Users\Admin\Paint_on_alpha_pm.exe
C:\Users\Admin\PaletteToWells_pm.exe
C:\Users\Admin\printerPrefs_generic_px.exe
C:\Users\Admin\print_generic_px.exe
C:\Users\Admin\ScaleAlpha_pm.exe
C:\Users\Admin\Sepia_pf.exe
C:\Users\Admin\Store_Alpha_pm.exe
C:\Users\Admin\Store_Brush_pb.exe
C:\Users\Admin\Store_Buffer_pm.exe
C:\Users\Admin\VBTablet.dll
C:\Users\Admin\Zoom_pf.exe


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\awesomium_setup.exe
C:\Users\Admin\AppData\Local\Temp\install_flashplayer13x32au_mssd_awb_aih_1.exe
C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-18-g071d500-b2935jnks.dll
C:\Users\Admin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Admin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\raptrpatch.exe
C:\Users\Admin\AppData\Local\Temp\SETUP.EXE
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\sonarinst.exe
C:\Users\Admin\AppData\Local\Temp\ssleay32.dll
C:\Users\Admin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Admin\AppData\Local\Temp\Uninstaller-3820.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-5712.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-7868.exe
C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Admin\AppData\Local\Temp\_is33FF.exe
C:\Users\Admin\AppData\Local\Temp\_is4D95.exe
C:\Users\Admin\AppData\Local\Temp\_is53B5.exe
C:\Users\Admin\AppData\Local\Temp\_isDAC5.exe
C:\Users\Admin\AppData\Local\Temp\_isECCB.exe
C:\Users\Admin\AppData\Local\Temp\_isF584.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-20 20:56

==================== End Of Log ============================
         
--- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Orhan at 2015-01-20 23:24:59
Running from C:\Users\Admin\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.01 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version:  - )
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.322.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{AC663F85-A421-4127-A507-8E24F64D4523}) (Version: 1.0.0.0 - Electronic Arts)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
Epoch Launcher (HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\de6ddf4941177887) (Version: 0.0.1.12 - Epoch Mod Team)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
Geeks3D FurMark 1.14.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
GTA IV Vehicle Mod Installer v1.5 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.5_is1) (Version:  - MobileD2)
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HWiNFO32 Version 4.48 (HKLM-x32\...\HWiNFO32_is1) (Version: 4.48 - Martin Malík - REALiX)
HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version:  - Big Huge Games)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.104.0 - Overwolf Ltd.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
project dogwaffle (c:\Users\Admin\) (HKLM-x32\...\ST5UNST #2) (Version:  - )
project dogwaffle (HKLM-x32\...\ST5UNST #1) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sandboxie 4.06 (64-bit) (HKLM\...\Sandboxie) (Version: 4.06 - Sandboxie Holdings, LLC)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.9.2.1 - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Torchlight II GUTS (HKLM-x32\...\Steam App 223070) (Version:  - )
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 6.2 - fCoder Group, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Video Thumbnails Maker by Scorp (remove only) (HKLM-x32\...\Video Thumbnails Maker) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
War Thunder Launcher 1.0.1.361 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
ZoneAlarm Security Toolbar on IE and Chrome (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version: 1.8.11.11 - Check Point Software Technologies LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3589104308-3585437864-706008238-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589104308-3585437864-706008238-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589104308-3585437864-706008238-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589104308-3585437864-706008238-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

04-01-2015 15:12:44 Installed ASUS Product Register Program
11-01-2015 20:34:28 Geplanter Prüfpunkt
15-01-2015 16:38:53 Windows Update
18-01-2015 01:26:55 Removed League of Legends

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-04-01 15:46 - 00000889 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0106AE72-41DC-4B48-8722-0AAEBC18FCAC} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {04CD3988-8323-469F-9E33-8E14796C85DA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08D29582-243D-434B-8E8D-CDC215373672} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {095FCA68-3604-4D8B-8C8F-2BA95588F66D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {09DFCCDB-A18E-4EA9-925D-18F82DE48FC8} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1CE7225B-CDCD-4D95-9E78-E386AB8EA3FF} - System32\Tasks\Norton Family\Norton Error Processor => C:\Program Files (x86)\Norton Family\Engine\3.2.0.14\SymErr.exe
Task: {47BF7231-B04F-4CB7-9263-B8FCAF476515} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {4DA2138D-729C-4A70-B4B8-48D436D31B8C} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {4ED2B2B0-2C0E-4A7E-98CA-C199AECBC773} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: {576BF9D2-F6F9-4F74-92B2-37A72E74B537} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {5AC14F0B-7925-4701-8EAF-A83D0A3217E8} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {68FADA8C-C786-4CBE-978B-C028244B1759} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {701415FB-93EA-47CD-B4C2-6BBFF547CB05} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {7A3F0805-5320-4FBD-8CBF-52CD29E358B6} - System32\Tasks\Opera scheduled Autoupdate 1385126848 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {99EC49AD-2EE0-4AB3-B268-4EC8BBEB2B20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: {A8D6B1A1-661E-4593-BF4B-3B656A161CF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BE5C23A3-8C12-4BE7-824A-62C8A9956B0E} - System32\Tasks\Norton Family\Norton Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.2.0.14\SymErr.exe
Task: {C40301AD-E7B6-4ADA-973A-96EC92DA9103} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-12] (Overwolf LTD)
Task: {E67B7FC7-61E1-4BAD-9DB1-481D9D579298} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {F196D298-986E-4DFB-80AD-1CEB8E25B6D2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-28 15:41 - 2012-06-01 10:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-09-11 17:46 - 2011-02-07 08:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-06-28 13:12 - 2014-11-17 21:22 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-03-20 10:24 - 2014-03-20 10:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-02-18 16:03 - 2014-02-18 16:03 - 04697968 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
2014-12-17 21:01 - 2014-12-17 21:01 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-28 15:41 - 2015-01-20 20:45 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-12-28 15:41 - 2010-06-29 03:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-03-18 22:22 - 2014-03-18 22:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-12-30 16:19 - 2012-05-17 11:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-30 16:19 - 2012-07-05 12:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-28 15:43 - 2011-07-12 19:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-28 15:43 - 2010-10-05 08:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 15:43 - 2012-10-08 17:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-30 16:18 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-30 16:19 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 15:44 - 2012-08-14 11:14 - 01123840 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-30 16:19 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 15:43 - 2013-04-15 14:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-28 15:43 - 2012-05-28 21:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-28 15:43 - 2011-09-19 20:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-28 15:43 - 2011-07-21 09:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-28 15:43 - 2012-08-29 18:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 15:41 - 2010-08-23 03:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-28 15:43 - 2010-10-05 08:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-30 16:19 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2014-12-30 16:19 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2014-12-30 16:19 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2014-12-28 15:43 - 2009-08-12 20:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-10-26 17:27 - 2014-10-26 17:27 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll
2013-09-02 13:31 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-17 21:01 - 2014-12-17 21:01 - 00156792 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\message_center_win8.dll
2014-12-17 21:01 - 2014-12-17 21:01 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libglesv2.dll
2014-12-17 21:01 - 2014-12-17 21:01 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libegl.dll
2014-12-17 21:01 - 2014-12-17 21:01 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\pdf.dll
2014-12-17 21:01 - 2014-12-17 21:01 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\ffmpegsumo.dll
2014-08-28 22:54 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 22:54 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 22:54 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 22:54 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2013-08-21 13:18 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 21:30 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 21:09 - 2015-01-19 19:49 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-19 21:30 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 21:30 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-28 22:54 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-08-28 12:47 - 2015-01-19 19:49 - 00696000 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-08-07 10:31 - 2015-01-16 00:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 02:12 - 2015-01-16 00:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\Admin:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Admin\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Admin\Cookies:gs5sys
AlternateDataStreams: C:\Users\Admin\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Admin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Admin\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Admin\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Admin\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Admin\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Admin\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Admin\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "Prime95"
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\StartupApproved\Run: => "IDMan"

========================= Accounts: ==========================

Administrator (S-1-5-21-3589104308-3585437864-706008238-500 - Administrator - Disabled)
Gast (S-1-5-21-3589104308-3585437864-706008238-501 - Limited - Disabled)
Orhan (S-1-5-21-3589104308-3585437864-706008238-1001 - Administrator - Enabled) => C:\Users\Admin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/20/2015 09:04:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/20/2015 09:04:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 09:04:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 09:00:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/20/2015 09:00:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 09:00:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 08:58:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/20/2015 08:58:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 08:58:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/20/2015 08:51:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (01/20/2015 08:57:34 PM) (Source: DCOM) (EventID: 10010) (User: Bit-Shop-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/20/2015 08:57:04 PM) (Source: DCOM) (EventID: 10010) (User: Bit-Shop-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/20/2015 08:45:41 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "BIT-SHOP-PC" auf Transport "NetBT_Tcpip_{7CDC42D5-7572-42BE-BE70-F6B3F34D02D4}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (01/20/2015 08:45:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎01.‎2015 um 01:18:18 unerwartet heruntergefahren.

Error: (01/20/2015 08:44:43 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256845984126395302344

Error: (01/19/2015 09:18:33 PM) (Source: DCOM) (EventID: 10010) (User: Bit-Shop-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/19/2015 09:18:03 PM) (Source: DCOM) (EventID: 10010) (User: Bit-Shop-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/19/2015 08:44:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (01/19/2015 02:49:22 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (01/18/2015 00:08:00 AM) (Source: DCOM) (EventID: 10010) (User: Bit-Shop-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8139.58 MB
Available physical RAM: 5240.53 MB
Total Pagefile: 10443.58 MB
Available Pagefile: 6565.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Festplattenmann) (Fixed) (Total:931.17 GB) (Free:461.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0F2AF5DD)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Last edited by Ohrmann (20.01.2015 at 22:29)

Alt 21.01.2015, 10:27   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 21.01.2015, 14:08   #5
Ohrmann
 




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Orhan (administrator) on BIT-SHOP-PC on 21-01-2015 15:05:23
Running from C:\Users\Admin\Downloads\Programs
Loaded Profiles: Orhan (Available profiles: Orhan)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2015-01-12] (Overwolf LTD)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
IFEO\CNC3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\CNC3EP1.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\generals.exe: [Debugger] 
IFEO\RA3.exe: [Debugger] 
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-30]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.8.0.14\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-17]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-30]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2015-01-18]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-04]
CHR Extension: (IDM Integration Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-21]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-12] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [175136 2014-09-13] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-12] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-11-11] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-12] (Symantec Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150120.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150120.019\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150120.019\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-15] (Symantec Corporation)
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 15:01 - 2015-01-21 15:01 - 00001131 _____ () C:\Users\Admin\Desktop\JRT.txt
2015-01-21 14:57 - 2015-01-21 14:57 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-21 14:56 - 2015-01-21 14:56 - 01707939 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2015-01-21 14:52 - 2015-01-21 14:52 - 00007291 _____ () C:\Users\Admin\Desktop\AdwCleaner[S0].txt
2015-01-21 14:27 - 2015-01-21 14:49 - 00000000 ____D () C:\AdwCleaner
2015-01-21 14:23 - 2015-01-21 14:23 - 02186752 _____ () C:\Users\Admin\Desktop\AdwCleaner_4.108.exe
2015-01-21 14:22 - 2015-01-21 14:22 - 00001341 _____ () C:\Users\Admin\Desktop\mbam.txt
2015-01-21 13:56 - 2015-01-21 14:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 13:56 - 2015-01-21 13:56 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-21 13:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-21 13:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-21 13:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-21 13:50 - 2015-01-21 13:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-20 23:23 - 2015-01-21 15:05 - 00000000 ____D () C:\FRST
2015-01-19 20:23 - 2015-01-19 22:10 - 01141760 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B (1).ppt
2015-01-19 20:23 - 2015-01-19 20:23 - 00026624 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B.ppt
2015-01-18 02:56 - 2015-01-18 02:56 - 04623243 _____ () C:\Users\Admin\Desktop\Deadlock- The Journey Begins.zip
2015-01-18 01:25 - 2015-01-18 01:25 - 01580443 _____ () C:\Users\Admin\Downloads\1.8flowshd (1).zip.opdownload
2015-01-18 01:22 - 2015-01-20 20:45 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IDM
2015-01-18 01:22 - 2015-01-18 01:22 - 00001036 _____ () C:\Users\Admin\Desktop\Internet Download Manager.lnk
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:19 - 2015-01-18 01:25 - 09091528 _____ () C:\Users\Admin\Downloads\FlowsHD-1.7.rar.opdownload
2015-01-18 01:17 - 2015-01-18 01:25 - 00539578 _____ () C:\Users\Admin\Downloads\1.7.10_flows_hd_64x.zip.opdownload
2015-01-18 01:16 - 2015-01-18 01:25 - 19556526 _____ () C:\Users\Admin\Downloads\1.8flowshd.zip.opdownload
2015-01-18 00:58 - 2015-01-18 02:56 - 00000000 ____D () C:\Users\Admin\Desktop\MC A
2015-01-18 00:56 - 2015-01-18 00:56 - 15087273 _____ () C:\Users\Admin\Desktop\The Idol and the Golden City v1.3.zip
2015-01-16 13:21 - 2015-01-16 13:21 - 00000000 ____D () C:\Users\Admin\Desktop\2015_01_16
2015-01-16 13:17 - 2015-01-16 13:17 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2015-01-14 13:37 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 13:37 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 13:37 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 13:37 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 13:37 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 13:37 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 13:37 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 13:37 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 13:37 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 13:37 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2015-01-11 22:07 - 2015-01-14 16:14 - 00000113 _____ () C:\Users\Admin\Desktop\CS AIM.txt
2015-01-11 20:07 - 2015-01-11 20:07 - 00000219 _____ () C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url
2015-01-05 01:16 - 2013-11-26 18:59 - 01258712 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bcmwlhigh664.sys
2015-01-05 01:16 - 2013-07-31 21:33 - 00096560 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmwlcoi.dll
2015-01-05 01:16 - 2013-07-31 19:01 - 03566592 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll
2015-01-05 01:16 - 2013-07-31 19:00 - 03900928 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00053299 _____ () C:\WINDOWS\SysWOW64\pthreadVC.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2015-01-05 01:13 - 2015-01-05 01:14 - 82282786 _____ () C:\Users\Admin\Desktop\WNA3100_V2.2.0.2.zip
2015-01-04 22:05 - 2015-01-04 22:05 - 00000000 ____D () C:\ProgramData\Riot Games
2015-01-04 22:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-01-04 22:02 - 2015-01-04 22:02 - 30668968 _____ (Riot Games) C:\Users\Admin\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-01-04 17:43 - 2015-01-04 17:44 - 06694568 _____ () C:\Users\Admin\Desktop\Monolith Pack Version 3 Ausf. B2.zip
2015-01-04 15:57 - 2015-01-04 15:57 - 00001076 _____ () C:\Users\Public\Desktop\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
2015-01-04 15:55 - 2013-09-25 09:44 - 08390656 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.CAP
2015-01-04 15:30 - 2015-01-04 15:30 - 04467037 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.zip
2015-01-04 04:18 - 2015-01-04 04:18 - 00000900 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-01-04 04:15 - 2015-01-04 04:55 - 01243184 _____ ( ) C:\Users\Admin\Downloads\cpu-z_1.71-setup-en (1).exe.opdownload
2015-01-04 04:14 - 2015-01-04 04:14 - 01577512 _____ ( ) C:\Users\Admin\Desktop\cpu-z_1.71-setup-en.exe
2015-01-04 00:40 - 2015-01-04 00:40 - 00042214 _____ () C:\Users\Admin\Downloads\CUDA Shaders v4.2 Ultra.zip
2015-01-03 23:27 - 2015-01-12 21:45 - 00000000 ____D () C:\Users\Admin\Desktop\Schulkram
2015-01-03 23:23 - 2015-01-03 23:23 - 03077905 _____ () C:\Users\Admin\Desktop\forge-1.7.10-10.13.2.1230-installer.jar
2015-01-03 23:22 - 2015-01-04 17:46 - 00000000 ____D () C:\Users\Admin\Desktop\MCFMF
2015-01-03 20:37 - 2015-01-04 03:09 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-01-03 20:24 - 2015-01-03 20:24 - 00001492 _____ () C:\Users\Admin\Desktop\Battle.net Launcher - Verknüpfung.lnk
2015-01-03 20:00 - 2015-01-03 21:46 - 01110951 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (3).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 01100927 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (1).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 00750087 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (2).exe.opdownload
2015-01-03 19:58 - 2015-01-03 21:46 - 00397815 _____ () C:\Users\Admin\Downloads\CNCFalloutV02.exe.opdownload
2015-01-01 21:15 - 2015-01-20 23:15 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-01-01 21:15 - 2015-01-01 21:15 - 00472336 _____ (Zone Labs Inc.) C:\WINDOWS\SysWOW64\ssleay32.dll
2015-01-01 21:14 - 2015-01-21 14:54 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2015-01-01 21:14 - 2015-01-01 21:14 - 00001100 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-01-01 21:12 - 2015-01-01 21:12 - 00002955 _____ () C:\Users\Admin\Desktop\C&C Online.lnk
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Program Files (x86)\Revora
2015-01-01 00:40 - 2015-01-01 00:41 - 313570567 _____ () C:\Users\Admin\Desktop\TiberiumEssence_beta16 (1).zip
2015-01-01 00:39 - 2015-01-01 00:43 - 08303896 _____ () C:\Users\Admin\Downloads\TiberiumEssence_beta16.zip.opdownload
2015-01-01 00:28 - 2015-01-01 00:33 - 00000000 ____D () C:\Users\Admin\Desktop\PRIME95 (1)
2014-12-29 01:49 - 2014-12-29 01:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-12-29 01:48 - 2014-12-29 01:48 - 00001098 _____ () C:\Users\Admin\Desktop\TEMP MESSEN.lnk
2014-12-29 01:48 - 2014-12-29 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-12-29 00:21 - 2014-12-29 00:21 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\java
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\Program Files (x86)\HWiNFO32
2014-12-28 19:56 - 2014-12-28 19:56 - 01689384 _____ (techPowerUp (TechPowerUp)) C:\Users\Admin\Desktop\GPU-Z.0.8.0.exe
2014-12-28 17:42 - 2014-12-30 16:26 - 00000168 _____ () C:\Users\Admin\Desktop\local.txt
2014-12-28 17:37 - 2014-12-28 17:37 - 05378177 _____ () C:\Users\Admin\Downloads\p95v285.win64.zip
2014-12-28 15:58 - 2015-01-21 14:59 - 00000000 _____ () C:\WINDOWS\Path.idx
2014-12-28 15:56 - 2014-12-28 15:56 - 00000000 _____ () C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_P8Z77-M.alu
2014-12-28 15:53 - 2015-01-21 14:53 - 01048576 _____ () C:\WINDOWS\PE_Rom.dll
2014-12-28 15:46 - 2014-12-28 15:46 - 00000000 ____D () C:\Program Files\ASUS
2014-12-28 15:45 - 2014-12-28 15:45 - 00007678 _____ () C:\WINDOWS\DPINST.LOG
2014-12-28 15:45 - 2014-12-28 15:45 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-12-28 15:45 - 2012-05-17 11:57 - 00026136 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2014-12-28 15:45 - 2011-09-20 05:25 - 00046152 ____R (MCCI Corporation) C:\WINDOWS\SysWOW64\Drivers\ASUSFILTER.sys
2014-12-28 15:44 - 2012-05-31 04:06 - 00032400 ____R (NT Kernel Resources) C:\WINDOWS\system32\Drivers\ndisrd.sys
2014-12-28 15:43 - 2014-12-28 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-28 15:43 - 2012-09-14 03:06 - 00014464 ____R () C:\WINDOWS\SysWOW64\Drivers\AsUpIO.sys
2014-12-28 15:43 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll
2014-12-28 15:42 - 2015-01-04 15:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ASUS
2014-12-28 15:42 - 2014-12-28 15:42 - 00000000 ____D () C:\ProgramData\ASUS
2014-12-28 15:41 - 2015-01-04 15:13 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-28 15:41 - 2014-12-28 15:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\Drivers\MFDLL
2014-12-28 15:41 - 2012-08-22 10:54 - 00015232 ____R () C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2014-12-28 15:41 - 2010-06-29 08:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2014-12-28 15:41 - 2008-01-04 06:34 - 00011832 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-28 15:41 - 2008-01-04 06:34 - 00010216 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-28 15:35 - 2014-12-28 15:36 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\Admin\Downloads\hw64_448.exe
2014-12-28 15:31 - 2014-12-28 15:31 - 01190544 _____ ( ) C:\Users\Admin\Downloads\hwmonitor_1.26-setup.exe
2014-12-27 22:27 - 2014-12-27 22:27 - 00000222 _____ () C:\Users\Admin\Desktop\PRIME95 (2).url
2014-12-27 17:58 - 2014-12-27 17:59 - 31815495 _____ () C:\Users\Admin\Downloads\Coop-24_CustomCampaigns.exe.opdownload
2014-12-26 17:13 - 2014-12-26 17:13 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-22 00:14 - 2014-12-22 00:14 - 00000000 ____D () C:\Users\Admin\Desktop\1370176054_gtaivvmi_v1.5_setup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 15:03 - 2013-09-02 08:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589104308-3585437864-706008238-1001
2015-01-21 15:00 - 2013-10-23 16:16 - 01825295 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-21 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-21 14:52 - 2014-12-17 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Raptr
2015-01-21 14:52 - 2014-01-20 14:57 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 14:51 - 2014-01-24 22:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-01-21 14:50 - 2013-10-13 01:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-21 14:50 - 2013-09-29 20:04 - 00495354 _____ () C:\WINDOWS\PFRO.log
2015-01-21 14:50 - 2013-08-22 15:46 - 00352815 _____ () C:\WINDOWS\setupact.log
2015-01-21 14:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-21 14:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-21 14:37 - 2014-01-20 14:57 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-21 14:25 - 2014-10-28 01:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DMCache
2015-01-21 14:21 - 2013-09-30 05:14 - 00005640 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-21 14:21 - 2013-09-30 04:56 - 02319164 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-21 14:21 - 2013-09-30 04:56 - 00640914 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-21 14:11 - 2013-09-04 14:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-21 00:30 - 2013-09-04 12:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-01-20 21:31 - 2014-10-02 18:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-20 20:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-20 01:06 - 2014-02-16 17:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2015-01-19 21:27 - 2014-09-24 15:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-18 22:17 - 2014-04-24 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Battle.net
2015-01-18 02:57 - 2014-08-24 22:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2015-01-17 01:43 - 2014-11-04 19:59 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 20:31 - 2013-09-02 08:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 20:08 - 2013-09-02 08:42 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-16 13:21 - 2013-09-11 17:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-15 22:14 - 2014-09-24 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Overwolf
2015-01-15 22:07 - 2014-08-29 14:15 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-15 16:48 - 2013-09-02 08:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2015-01-14 14:25 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-14 13:50 - 2013-10-13 01:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-11 21:55 - 2013-09-04 12:36 - 00512046 _____ () C:\WINDOWS\DirectX.log
2015-01-06 13:35 - 2013-11-22 14:27 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-06 01:08 - 2014-07-10 11:41 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-07-10 11:41 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 01:16 - 2013-09-02 13:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-05 01:14 - 2014-01-14 10:53 - 40673376 _____ (Macrovision Corporation) C:\Users\Admin\Desktop\Setup.exe
2015-01-05 00:49 - 2013-09-20 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-01-04 23:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-04 22:04 - 2013-10-23 18:35 - 00000000 ____D () C:\Riot Games
2015-01-04 16:21 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-04 15:57 - 2013-09-02 13:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-04 15:57 - 2013-09-02 13:31 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 15:08 - 2013-09-02 13:26 - 00043013 _____ () C:\WINDOWS\Ascd_log.ini
2015-01-04 15:02 - 2013-09-02 13:25 - 00032324 _____ () C:\WINDOWS\Ascd_tmp.ini
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\Program Files\CPUID
2015-01-04 04:03 - 2013-10-23 16:20 - 00000000 ____D () C:\Users\Admin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-03 23:30 - 2013-09-02 16:52 - 00000000 ____D () C:\Users\Admin\Desktop\Bilder
2015-01-03 20:24 - 2014-04-24 16:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-01 01:17 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-01 00:11 - 2013-09-02 14:08 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 02:31 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-30 23:01 - 2014-04-23 12:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\DayZ
2014-12-30 20:50 - 2013-09-04 12:06 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-30 16:48 - 2013-09-21 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-12-30 16:10 - 2014-10-05 15:59 - 00001274 _____ () C:\Users\Admin\Desktop\PRIME95 (1).ini
2014-12-30 02:10 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-12-30 00:14 - 2014-10-08 15:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-30 00:14 - 2013-09-04 12:00 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 02:01 - 2013-09-04 22:19 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-12-28 17:47 - 2013-09-02 14:20 - 00007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-12-28 15:45 - 2013-09-02 13:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-28 15:36 - 2014-10-05 17:21 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-12-28 15:34 - 2014-10-05 16:35 - 00000946 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-12-28 00:43 - 2014-02-16 17:43 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======
2014-03-31 18:54 - 2001-06-11 01:45 - 0005536 _____ () C:\Program Files (x86)\12_bit_dither_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:49 - 0000407 _____ () C:\Program Files (x86)\Africa.w_
2014-03-31 18:54 - 2001-03-11 14:58 - 0004090 _____ () C:\Program Files (x86)\Alpha_Grow_pm.ex_
2014-03-31 18:54 - 2001-03-11 14:54 - 0004108 _____ () C:\Program Files (x86)\Alpha_Shrink_pm.ex_
2014-03-31 18:54 - 2003-10-28 07:42 - 0003942 _____ () C:\Program Files (x86)\antique1.gr_
2014-03-31 18:54 - 2003-10-28 07:43 - 0004058 _____ () C:\Program Files (x86)\antique2.gr_
2014-03-31 18:54 - 2001-12-31 07:17 - 0066388 _____ () C:\Program Files (x86)\Artmap.da_
2014-03-31 18:54 - 1997-05-19 07:08 - 0074553 _____ () C:\Program Files (x86)\AsycFilt.dl_
2014-03-31 18:54 - 2002-02-09 07:53 - 0004837 _____ () C:\Program Files (x86)\AverageFrames_pm.ex_
2014-03-31 18:54 - 2001-04-25 22:33 - 0008507 _____ () C:\Program Files (x86)\BEVELBOX.OC_
2014-03-31 18:54 - 2000-11-04 23:05 - 0006253 _____ () C:\Program Files (x86)\bmp_load_pb.ex_
2014-03-31 18:54 - 2000-11-05 08:54 - 0004817 _____ () C:\Program Files (x86)\bmp_save_pb.ex_
2014-03-31 18:54 - 2003-05-01 21:40 - 0012121 _____ () C:\Program Files (x86)\Brainy.op_
2014-03-31 18:54 - 2002-01-30 08:08 - 0011613 _____ () C:\Program Files (x86)\Brocolly_Trails.op_
2014-03-31 18:54 - 2002-01-25 13:36 - 0004462 _____ () C:\Program Files (x86)\cellular_pf.ex_
2014-03-31 18:54 - 2002-12-29 14:29 - 0003913 _____ () C:\Program Files (x86)\ChangeDPI_px.ex_
2014-03-31 18:54 - 2002-09-03 03:27 - 0005735 _____ () C:\Program Files (x86)\Clipboard_Export_pb.ex_
2014-03-31 18:54 - 2002-11-10 14:13 - 0005499 _____ () C:\Program Files (x86)\Clipboard_Import_pb.ex_
2014-03-31 18:54 - 1998-02-27 15:28 - 0000267 _____ () C:\Program Files (x86)\Close.IC_
2014-03-31 18:54 - 2001-06-07 03:27 - 0000393 _____ () C:\Program Files (x86)\CloudySky.w_
2014-03-31 18:54 - 1996-10-31 00:00 - 0010146 _____ () C:\Program Files (x86)\ComCat.dl_
2014-03-31 18:54 - 2000-05-21 23:00 - 0315877 _____ () C:\Program Files (x86)\COMCTL32.OC_
2014-03-31 18:54 - 1999-05-06 23:00 - 0074707 _____ () C:\Program Files (x86)\COMDLG32.OC_
2014-03-31 18:54 - 2001-08-14 17:35 - 0011040 _____ () C:\Program Files (x86)\copying.tx_
2014-03-31 18:54 - 2001-06-07 03:22 - 0000383 _____ () C:\Program Files (x86)\Countryside.w_
2014-03-31 18:54 - 2002-01-22 17:18 - 0004697 _____ () C:\Program Files (x86)\Crystalize_pf.ex_
2014-03-31 18:54 - 1996-08-20 23:00 - 0015600 _____ () C:\Program Files (x86)\Ctl3d32.dl_
2014-03-31 18:54 - 2001-06-08 04:59 - 0000405 _____ () C:\Program Files (x86)\Daisys.w_
2014-03-31 18:54 - 2001-04-18 00:48 - 0003969 _____ () C:\Program Files (x86)\Def_Gradient.gr_
2014-03-31 18:54 - 2002-08-23 03:04 - 0066779 _____ () C:\Program Files (x86)\def_mdiform_bitmap.jp_
2014-03-31 18:54 - 2003-12-20 12:48 - 0000389 _____ () C:\Program Files (x86)\Def_Res.tx_
2014-03-31 18:54 - 2002-08-21 07:41 - 0017460 _____ () C:\Program Files (x86)\Def_Wallpaper.bm_
2014-03-31 18:54 - 2001-05-13 17:22 - 0000452 _____ () C:\Program Files (x86)\Def_well.w_
2014-03-31 18:54 - 2004-01-29 15:40 - 1533663 _____ () C:\Program Files (x86)\dogwaffle.ex_
2014-03-31 18:54 - 2003-10-27 08:53 - 0001363 _____ () C:\Program Files (x86)\DogWeb.ht_
2014-03-31 18:54 - 2003-06-22 15:33 - 0012575 _____ () C:\Program Files (x86)\DogWillow.op_
2014-03-31 18:54 - 2003-11-04 12:22 - 0017663 _____ () C:\Program Files (x86)\drbrush.dl_
2014-03-31 18:54 - 2003-11-04 10:45 - 0045953 _____ () C:\Program Files (x86)\drfilter.dl_
2014-03-31 18:54 - 2003-10-26 10:15 - 0013880 _____ () C:\Program Files (x86)\drFloodfill.dl_
2014-03-31 18:54 - 2004-01-02 22:59 - 0023230 _____ () C:\Program Files (x86)\Drpaint.dl_
2014-03-31 18:54 - 2001-07-13 02:22 - 0022094 _____ () C:\Program Files (x86)\DR_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2001-06-12 23:02 - 0023327 _____ () C:\Program Files (x86)\DR_MX_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2002-03-29 11:45 - 0000469 _____ () C:\Program Files (x86)\Earthy.w_
2014-03-31 18:54 - 2004-01-03 12:28 - 0003276 _____ () C:\Program Files (x86)\ExploreTempDir_pm.ex_
2014-03-31 18:54 - 2003-05-01 21:50 - 0012113 _____ () C:\Program Files (x86)\Fancyful.op_
2014-03-31 18:54 - 2001-06-07 03:35 - 0000366 _____ () C:\Program Files (x86)\ForestGreens.w_
2014-03-31 18:54 - 2002-02-08 11:06 - 0004986 _____ () C:\Program Files (x86)\FrameFromClipboard_pm.ex_
2014-03-31 18:54 - 2003-06-22 18:10 - 0012008 _____ () C:\Program Files (x86)\Garland.op_
2014-03-31 18:54 - 2001-04-08 10:33 - 0005395 _____ () C:\Program Files (x86)\Globe_pf.ex_
2014-03-31 18:54 - 2001-06-09 06:20 - 0000422 _____ () C:\Program Files (x86)\GoldenAge_well.w_
2014-03-31 18:54 - 2001-05-27 15:33 - 0004098 _____ () C:\Program Files (x86)\Gradient_To_VB_pm.ex_
2014-03-31 18:54 - 2003-06-23 19:42 - 0012712 _____ () C:\Program Files (x86)\Grass.op_
2014-03-31 18:54 - 2004-01-07 11:00 - 0005718 _____ () C:\Program Files (x86)\Grid_pm.ex_
2014-03-31 18:54 - 2002-10-08 13:33 - 0003969 _____ () C:\Program Files (x86)\GunMetals.gr_
2014-03-31 18:54 - 2003-05-01 21:44 - 0012118 _____ () C:\Program Files (x86)\Hivey.op_
2014-03-31 18:54 - 2001-07-13 02:00 - 0015303 _____ () C:\Program Files (x86)\HPROP.OC_
2014-03-31 18:54 - 2002-01-21 04:37 - 0005287 _____ () C:\Program Files (x86)\iff_px.ex_
2014-03-31 18:54 - 2001-02-09 14:57 - 0004964 _____ () C:\Program Files (x86)\IM_MOD_RL_histogram_.dl_
2014-03-31 18:54 - 2003-10-26 10:36 - 0002467 _____ () C:\Program Files (x86)\Keyboard_Document.rt_
2014-03-31 18:54 - 2002-11-01 14:11 - 0003383 _____ () C:\Program Files (x86)\KeyInvert_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:10 - 0003675 _____ () C:\Program Files (x86)\KeyToBlack_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:13 - 0003676 _____ () C:\Program Files (x86)\KeyToLuminance_pb.ex_
2014-03-31 18:54 - 2003-11-13 12:48 - 0005545 _____ () C:\Program Files (x86)\Key_Grow_pb.ex_
2014-03-31 18:54 - 2003-11-13 13:15 - 0005053 _____ () C:\Program Files (x86)\Key_Shrink_pb.ex_
2014-03-31 18:54 - 2002-01-24 18:19 - 0004619 _____ () C:\Program Files (x86)\Maximize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:55 - 0005264 _____ () C:\Program Files (x86)\MaxMin_pf.ex_
2014-03-31 18:54 - 2002-01-21 03:42 - 0005684 _____ () C:\Program Files (x86)\Median_pf.ex_
2014-03-31 18:54 - 2001-04-18 15:33 - 0004534 _____ () C:\Program Files (x86)\Metals.gr_
2014-03-31 18:54 - 2001-06-07 03:23 - 0000382 _____ () C:\Program Files (x86)\Midnight.w_
2014-03-31 18:54 - 2002-01-24 18:20 - 0004409 _____ () C:\Program Files (x86)\Minimize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:35 - 0006334 _____ () C:\Program Files (x86)\MinMax_pf.ex_
2014-03-31 18:54 - 2000-11-19 15:02 - 0004605 _____ () C:\Program Files (x86)\Mirrage_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:54 - 0004737 _____ () C:\Program Files (x86)\Mosaic_pf.ex_
2014-03-31 18:54 - 2002-09-23 10:29 - 0010655 _____ () C:\Program Files (x86)\MotionBlur_pf.ex_
2014-03-31 18:54 - 1998-11-03 10:45 - 0048479 _____ () C:\Program Files (x86)\MsStkPrp.dl_
2014-03-31 18:54 - 1999-12-07 12:00 - 0865616 _____ () C:\Program Files (x86)\MSVBVM50.dl_
2014-03-31 18:54 - 2002-01-24 18:25 - 0004981 _____ () C:\Program Files (x86)\Mysticvision_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:56 - 0000371 _____ () C:\Program Files (x86)\OakBark.w_
2014-03-31 18:54 - 1997-05-19 07:08 - 0320739 _____ () C:\Program Files (x86)\OleAut32.dl_
2014-03-31 18:54 - 1997-05-19 07:08 - 0067142 _____ () C:\Program Files (x86)\OlePro32.dl_
2014-03-31 18:54 - 2001-06-11 01:54 - 0004987 _____ () C:\Program Files (x86)\OptimizedPaletteTest_pf.ex_
2014-03-31 18:54 - 2001-06-06 11:06 - 0005477 _____ () C:\Program Files (x86)\OptimizedPalette_pf.ex_
2014-03-31 18:54 - 2002-11-03 12:33 - 0006796 _____ () C:\Program Files (x86)\Paint_on_alpha_pm.ex_
2014-03-31 18:54 - 2001-06-09 06:18 - 0004906 _____ () C:\Program Files (x86)\PaletteToWells_pm.ex_
2014-03-31 18:54 - 2002-01-30 08:24 - 0012268 _____ () C:\Program Files (x86)\Pine_Branches.op_
2014-03-31 18:54 - 2002-11-03 12:24 - 0003826 _____ () C:\Program Files (x86)\printerPrefs_generic_px.ex_
2014-03-31 18:54 - 2002-09-20 03:40 - 0010701 _____ () C:\Program Files (x86)\print_generic_px.ex_
2014-03-31 18:54 - 2001-06-07 03:26 - 0000385 _____ () C:\Program Files (x86)\Pumpkin.w_
2014-03-31 18:54 - 2002-02-12 04:45 - 0001745 _____ () C:\Program Files (x86)\readme.rt_
2014-03-31 18:54 - 2002-11-13 16:34 - 0000243 _____ () C:\Program Files (x86)\ReadMe.tx_
2014-03-31 18:54 - 2002-10-08 13:53 - 0004885 _____ () C:\Program Files (x86)\Reds.gr_
2014-03-31 18:54 - 1997-01-13 00:00 - 0126780 _____ () C:\Program Files (x86)\RichEd32.dl_
2014-03-31 18:54 - 1998-06-23 23:00 - 0117028 _____ () C:\Program Files (x86)\RICHTX32.OC_
2014-03-31 18:54 - 2001-06-07 03:47 - 0000381 _____ () C:\Program Files (x86)\Sand.w_
2014-03-31 18:54 - 2002-09-20 03:11 - 0004207 _____ () C:\Program Files (x86)\ScaleAlpha_pm.ex_
2014-03-31 18:54 - 2003-10-06 18:07 - 0023758 _____ () C:\Program Files (x86)\screenshot2-300.jp_
2014-03-31 18:54 - 2003-12-20 14:49 - 0004287 _____ () C:\Program Files (x86)\Sepia_pf.ex_
2014-03-31 18:54 - 1997-01-16 00:00 - 0089600 _____ (Microsoft Corporation) C:\Program Files (x86)\SETUP.EXE
2014-03-31 18:54 - 2004-01-29 15:50 - 0017280 _____ () C:\Program Files (x86)\SETUP.LST
2014-03-31 18:54 - 1997-03-05 17:11 - 0073501 _____ () C:\Program Files (x86)\setup1.ex_
2014-03-31 18:54 - 2001-06-07 03:46 - 0000367 _____ () C:\Program Files (x86)\Sky.w_
2014-03-31 18:54 - 2002-10-08 14:06 - 0003188 _____ () C:\Program Files (x86)\Skys.gr_
2014-03-31 18:54 - 2003-05-01 21:37 - 0012178 _____ () C:\Program Files (x86)\Spiro.op_
2014-03-31 18:54 - 2004-01-27 17:49 - 0047473 _____ () C:\Program Files (x86)\Splash.jp_
2014-03-31 18:54 - 1997-01-16 00:00 - 0037850 _____ () C:\Program Files (x86)\ST5UNST.EX_
2014-03-31 18:54 - 1997-05-19 07:08 - 0007134 _____ () C:\Program Files (x86)\StdOle2.tl_
2014-03-31 18:54 - 2003-11-29 15:47 - 0023514 _____ () C:\Program Files (x86)\Store_Alpha_pm.ex_
2014-03-31 18:54 - 2002-09-05 03:01 - 0007260 _____ () C:\Program Files (x86)\Store_Brush_pb.ex_
2014-03-31 18:54 - 2002-09-05 01:44 - 0012899 _____ () C:\Program Files (x86)\Store_Buffer_pm.ex_
2014-03-31 18:54 - 2002-03-29 12:00 - 0000520 _____ () C:\Program Files (x86)\Study.w_
2014-03-31 18:54 - 2003-10-25 11:15 - 0000512 _____ () C:\Program Files (x86)\TabletSupport.rt_
2014-03-31 18:54 - 2002-08-09 05:44 - 0000520 _____ () C:\Program Files (x86)\Test1.w_
2014-03-31 18:54 - 2003-10-17 10:49 - 0025398 _____ () C:\Program Files (x86)\Thumb_Book.gi_
2014-03-31 18:54 - 2002-01-30 08:18 - 0012270 _____ () C:\Program Files (x86)\Trees.op_
2014-03-31 18:54 - 2001-06-07 03:43 - 0000400 _____ () C:\Program Files (x86)\Valencia.w_
2014-03-31 18:54 - 1997-01-16 00:00 - 0016457 _____ () C:\Program Files (x86)\VB5StKit.dl_
2014-03-31 18:54 - 2003-06-05 20:01 - 0097631 _____ () C:\Program Files (x86)\VBTablet.dl_
2014-03-31 18:54 - 2002-10-08 13:46 - 0003435 _____ () C:\Program Files (x86)\Vents.gr_
2014-03-31 18:54 - 2002-10-08 13:42 - 0002895 _____ () C:\Program Files (x86)\Warnings.gr_
2014-03-31 18:54 - 2003-06-23 19:49 - 0013491 _____ () C:\Program Files (x86)\WinterBranches.op_
2014-03-31 18:54 - 2003-11-25 13:25 - 0016674 _____ () C:\Program Files (x86)\Zoom_pf.ex_
2014-05-11 20:03 - 2014-05-11 20:16 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-05 02:21 - 2014-05-11 18:39 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2014-05-16 21:31 - 2014-08-08 16:31 - 0000305 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Login.ini
2014-05-16 19:43 - 2014-08-08 18:00 - 0001579 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Options.ini
2014-04-06 21:04 - 2014-04-06 22:00 - 0001456 _____ () C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-04 19:59 - 2014-04-30 14:23 - 0005632 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-02 16:57 - 2014-04-02 16:57 - 0007691 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2013-09-02 14:20 - 2014-12-28 17:47 - 0007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-08-14 20:36 - 2014-08-14 20:36 - 0000040 _____ () C:\ProgramData\ra3.ini

Files to move or delete:
====================
C:\Users\Admin\12_bit_dither_pf.exe
C:\Users\Admin\Alpha_Grow_pm.exe
C:\Users\Admin\Alpha_Shrink_pm.exe
C:\Users\Admin\Artmap.dat
C:\Users\Admin\AverageFrames_pm.exe
C:\Users\Admin\bmp_load_pb.exe
C:\Users\Admin\bmp_save_pb.exe
C:\Users\Admin\cellular_pf.exe
C:\Users\Admin\ChangeDPI_px.exe
C:\Users\Admin\Clipboard_Export_pb.exe
C:\Users\Admin\Clipboard_Import_pb.exe
C:\Users\Admin\Crystalize_pf.exe
C:\Users\Admin\dogwaffle.exe
C:\Users\Admin\drbrush.dll
C:\Users\Admin\drfilter.dll
C:\Users\Admin\drFloodfill.dll
C:\Users\Admin\Drpaint.dll
C:\Users\Admin\ExploreTempDir_pm.exe
C:\Users\Admin\FrameFromClipboard_pm.exe
C:\Users\Admin\Globe_pf.exe
C:\Users\Admin\Gradient_To_VB_pm.exe
C:\Users\Admin\Grid_pm.exe
C:\Users\Admin\iff_px.exe
C:\Users\Admin\IM_MOD_RL_histogram_.dll
C:\Users\Admin\KeyInvert_pb.exe
C:\Users\Admin\KeyToBlack_pb.exe
C:\Users\Admin\KeyToLuminance_pb.exe
C:\Users\Admin\Key_Grow_pb.exe
C:\Users\Admin\Key_Shrink_pb.exe
C:\Users\Admin\Maximize_pf.exe
C:\Users\Admin\MaxMin_pf.exe
C:\Users\Admin\Median_pf.exe
C:\Users\Admin\Minimize_pf.exe
C:\Users\Admin\MinMax_pf.exe
C:\Users\Admin\Mirrage_pf.exe
C:\Users\Admin\Mosaic_pf.exe
C:\Users\Admin\MotionBlur_pf.exe
C:\Users\Admin\Mysticvision_pf.exe
C:\Users\Admin\OptimizedPaletteTest_pf.exe
C:\Users\Admin\OptimizedPalette_pf.exe
C:\Users\Admin\Paint_on_alpha_pm.exe
C:\Users\Admin\PaletteToWells_pm.exe
C:\Users\Admin\printerPrefs_generic_px.exe
C:\Users\Admin\print_generic_px.exe
C:\Users\Admin\ScaleAlpha_pm.exe
C:\Users\Admin\Sepia_pf.exe
C:\Users\Admin\Store_Alpha_pm.exe
C:\Users\Admin\Store_Brush_pb.exe
C:\Users\Admin\Store_Buffer_pm.exe
C:\Users\Admin\VBTablet.dll
C:\Users\Admin\Zoom_pf.exe


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\awesomium_setup.exe
C:\Users\Admin\AppData\Local\Temp\install_flashplayer13x32au_mssd_awb_aih_1.exe
C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-18-g071d500-b2935jnks.dll
C:\Users\Admin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Admin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\raptrpatch.exe
C:\Users\Admin\AppData\Local\Temp\SETUP.EXE
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\sonarinst.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\ssleay32.dll
C:\Users\Admin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Admin\AppData\Local\Temp\Uninstaller-3820.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-5712.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-7868.exe
C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Admin\AppData\Local\Temp\_is33FF.exe
C:\Users\Admin\AppData\Local\Temp\_is4D95.exe
C:\Users\Admin\AppData\Local\Temp\_is53B5.exe
C:\Users\Admin\AppData\Local\Temp\_isDAC5.exe
C:\Users\Admin\AppData\Local\Temp\_isECCB.exe
C:\Users\Admin\AppData\Local\Temp\_isF584.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-21 14:31

==================== End Of Log ============================
         
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v4.108 - Bericht erstellt am 21/01/2015 um 14:49:50
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-18.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Orhan - BIT-SHOP-PC
# Gestartet von : C:\Users\Admin\Desktop\AdwCleaner_4.108.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Check Point Software Technologies LTD
Ordner Gelöscht : C:\Users\Admin\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{566EBE84-1B55-42B6-A2B3-8597AB30C73B}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v27.0.1 (de)


-\\ Google Chrome v39.0.2171.99


-\\ Chromium v


-\\ Opera v26.0.1656.60


*************************

AdwCleaner[R0].txt - [7636 octets] - [21/01/2015 14:27:18]
AdwCleaner[S0].txt - [7123 octets] - [21/01/2015 14:49:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7183 octets] ##########
         
--- --- ---
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Orhan on 21.01.2015 at 14:57:50,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
Successfully deleted: [File] C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\zngerbaq.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.2015 at 15:01:12,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 21.01.2015
Suchlauf-Zeit: 13:57:35
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.21.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Orhan

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385306
Verstrichene Zeit: 12 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-3589104308-3585437864-706008238-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [937748b2c4c5f93db452f08b54af3dc3],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)


Alt 21.01.2015, 16:38   #6
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Post its contents here, please.

And a fresh FRST log, please. Any problems left?

Alt 22.01.2015, 21:08   #7
Ohrmann
 



ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b0b86a2ac357dc409dcbe8b64b613b49
# engine=22097
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-22 08:55:09
# local_time=2015-01-22 09:55:09 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 714741 184556694 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6046154 46180594 0 0
# scanned=451772
# found=9
# cleaned=0
# scan_time=8754
sh=95BA16E8DC56509B7FE6FECAE01788B371884D54 ft=1 fh=2ab1e7309520311b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\escortShld.dll.vir"
sh=4CD483AE1ADF0BD259C612CD356D19B3315A73AF ft=1 fh=69773bfd872c2fda vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\uninstall.exe.vir"
sh=8E79492D89D79726BBF7A3012DD0F6F1EAEDE34F ft=1 fh=c71c0011e5827a74 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmApp.dll.vir"
sh=AE638A448B587E19589F749E9CDCB2C6282B5C7F ft=1 fh=fb95174cb413b8bf vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmEng.dll.vir"
sh=2C7E92DBF6A14DE89382CCC9C9E2807B5EB3F906 ft=1 fh=d7cdf3a9bac82201 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmsrv.exe.vir"
sh=1D1FAB6A160F93255902ADD821CA8CE9E32CA3B6 ft=1 fh=ea5abdb1c4cea4fa vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll.vir"
sh=952297929B36D1F23B0543AAD65417E6BF052C33 ft=1 fh=3be06046f2abc5bc vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll.vir"
sh=91DC006B84C4F51ADCADC1BB498E3376FC40130E ft=1 fh=c3b5952672b90e6f vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=30457F7CFBCDA8749B9CD92F573741C817F1503F ft=1 fh=28278fd3183d6da2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Temp\DMR\dmr_72.exe"

Results of screen317's Security Check version 0.99.93
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 25
Java version 32-bit out of Date!
Adobe Flash Player 16.0.0.287
Adobe Reader XI
Mozilla Firefox 27.0.1 Firefox out of Date!
Google Chrome (39.0.2171.95)
Google Chrome (39.0.2171.99)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Orhan (administrator) on BIT-SHOP-PC on 22-01-2015 22:04:05
Running from C:\Users\Admin\Desktop
Loaded Profiles: Orhan (Available profiles: Orhan)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2015-01-12] (Overwolf LTD)
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
IFEO\CNC3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\CNC3EP1.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
IFEO\generals.exe: [Debugger] 
IFEO\RA3.exe: [Debugger] 
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland
HKU\S-1-5-21-3589104308-3585437864-706008238-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3589104308-3585437864-706008238-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-30]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zngerbaq.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.8.0.14\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-17]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-30]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2015-01-18]
FF HKU\S-1-5-21-3589104308-3585437864-706008238-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-04]
CHR Extension: (IDM Integration Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-21]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-12] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [175136 2014-09-13] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-12] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-11-11] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-12] (Symantec Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150121.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150121.009\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150121.009\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-15] (Symantec Corporation)
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 22:04 - 2015-01-22 22:04 - 00026111 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-01-22 21:58 - 2015-01-22 21:58 - 00852504 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2015-01-22 19:50 - 2015-01-22 19:50 - 03353776 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-01-22 19:13 - 2015-01-22 19:13 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe
2015-01-21 15:01 - 2015-01-21 15:01 - 00001131 _____ () C:\Users\Admin\Desktop\JRT.txt
2015-01-21 14:57 - 2015-01-21 14:57 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-21 14:56 - 2015-01-21 14:56 - 01707939 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2015-01-21 14:52 - 2015-01-21 14:52 - 00007291 _____ () C:\Users\Admin\Desktop\AdwCleaner[S0].txt
2015-01-21 14:27 - 2015-01-21 14:49 - 00000000 ____D () C:\AdwCleaner
2015-01-21 14:22 - 2015-01-21 14:22 - 00001341 _____ () C:\Users\Admin\Desktop\mbam.txt
2015-01-21 13:56 - 2015-01-21 14:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 13:56 - 2015-01-21 13:56 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 13:56 - 2015-01-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-21 13:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-21 13:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-21 13:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-20 23:23 - 2015-01-22 22:04 - 00000000 ____D () C:\FRST
2015-01-20 23:22 - 2015-01-20 23:22 - 02126848 _____ (Farbar) C:\Users\Admin\Desktop\frst64.exe
2015-01-19 20:23 - 2015-01-19 22:10 - 01141760 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B (1).ppt
2015-01-19 20:23 - 2015-01-19 20:23 - 00026624 _____ () C:\Users\Admin\Desktop\Musik Stimuliert 10B.ppt
2015-01-18 02:56 - 2015-01-18 02:56 - 04623243 _____ () C:\Users\Admin\Desktop\Deadlock- The Journey Begins.zip
2015-01-18 01:25 - 2015-01-18 01:25 - 01580443 _____ () C:\Users\Admin\Downloads\1.8flowshd (1).zip.opdownload
2015-01-18 01:22 - 2015-01-20 20:45 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IDM
2015-01-18 01:22 - 2015-01-18 01:22 - 00001036 _____ () C:\Users\Admin\Desktop\Internet Download Manager.lnk
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:22 - 2015-01-18 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-18 01:19 - 2015-01-18 01:25 - 09091528 _____ () C:\Users\Admin\Downloads\FlowsHD-1.7.rar.opdownload
2015-01-18 01:17 - 2015-01-18 01:25 - 00539578 _____ () C:\Users\Admin\Downloads\1.7.10_flows_hd_64x.zip.opdownload
2015-01-18 01:16 - 2015-01-18 01:25 - 19556526 _____ () C:\Users\Admin\Downloads\1.8flowshd.zip.opdownload
2015-01-18 00:58 - 2015-01-18 02:56 - 00000000 ____D () C:\Users\Admin\Desktop\MC A
2015-01-18 00:56 - 2015-01-18 00:56 - 15087273 _____ () C:\Users\Admin\Desktop\The Idol and the Golden City v1.3.zip
2015-01-16 13:21 - 2015-01-16 13:21 - 00000000 ____D () C:\Users\Admin\Desktop\2015_01_16
2015-01-16 13:17 - 2015-01-16 13:17 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2015-01-14 13:37 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 13:37 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 13:37 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 13:37 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 13:37 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 13:37 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 13:37 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 13:37 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 13:37 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 13:37 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 13:37 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 13:37 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 13:37 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 13:37 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 13:37 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 13:37 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 13:37 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2015-01-11 22:07 - 2015-01-14 16:14 - 00000113 _____ () C:\Users\Admin\Desktop\CS AIM.txt
2015-01-05 01:16 - 2013-11-26 18:59 - 01258712 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bcmwlhigh664.sys
2015-01-05 01:16 - 2013-07-31 21:33 - 00096560 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmwlcoi.dll
2015-01-05 01:16 - 2013-07-31 19:01 - 03566592 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll
2015-01-05 01:16 - 2013-07-31 19:00 - 03900928 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00053299 _____ () C:\WINDOWS\SysWOW64\pthreadVC.dll
2015-01-05 01:16 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2015-01-05 01:13 - 2015-01-05 01:14 - 82282786 _____ () C:\Users\Admin\Desktop\WNA3100_V2.2.0.2.zip
2015-01-04 22:05 - 2015-01-04 22:05 - 00000000 ____D () C:\ProgramData\Riot Games
2015-01-04 22:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-01-04 22:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-01-04 17:43 - 2015-01-04 17:44 - 06694568 _____ () C:\Users\Admin\Desktop\Monolith Pack Version 3 Ausf. B2.zip
2015-01-04 15:57 - 2015-01-04 15:57 - 00001076 _____ () C:\Users\Public\Desktop\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
2015-01-04 15:55 - 2013-09-25 09:44 - 08390656 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.CAP
2015-01-04 15:30 - 2015-01-04 15:30 - 04467037 _____ () C:\Users\Admin\Desktop\P8Z77-M-ASUS-2105.zip
2015-01-04 04:18 - 2015-01-04 04:18 - 00000900 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-01-04 04:15 - 2015-01-04 04:55 - 01243184 _____ ( ) C:\Users\Admin\Downloads\cpu-z_1.71-setup-en (1).exe.opdownload
2015-01-04 04:14 - 2015-01-04 04:14 - 01577512 _____ ( ) C:\Users\Admin\Desktop\cpu-z_1.71-setup-en.exe
2015-01-04 00:40 - 2015-01-04 00:40 - 00042214 _____ () C:\Users\Admin\Downloads\CUDA Shaders v4.2 Ultra.zip
2015-01-03 23:27 - 2015-01-12 21:45 - 00000000 ____D () C:\Users\Admin\Desktop\Schulkram
2015-01-03 23:23 - 2015-01-03 23:23 - 03077905 _____ () C:\Users\Admin\Desktop\forge-1.7.10-10.13.2.1230-installer.jar
2015-01-03 23:22 - 2015-01-04 17:46 - 00000000 ____D () C:\Users\Admin\Desktop\MCFMF
2015-01-03 20:37 - 2015-01-04 03:09 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-03 20:37 - 2015-01-03 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-01-03 20:24 - 2015-01-03 20:24 - 00001492 _____ () C:\Users\Admin\Desktop\Battle.net Launcher - Verknüpfung.lnk
2015-01-03 20:00 - 2015-01-03 21:46 - 01110951 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (3).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 01100927 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (1).exe.opdownload
2015-01-03 19:59 - 2015-01-03 21:46 - 00750087 _____ () C:\Users\Admin\Downloads\CNCFalloutV02 (2).exe.opdownload
2015-01-03 19:58 - 2015-01-03 21:46 - 00397815 _____ () C:\Users\Admin\Downloads\CNCFalloutV02.exe.opdownload
2015-01-01 21:15 - 2015-01-20 23:15 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-01-01 21:15 - 2015-01-01 21:15 - 00472336 _____ (Zone Labs Inc.) C:\WINDOWS\SysWOW64\ssleay32.dll
2015-01-01 21:14 - 2015-01-21 14:54 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2015-01-01 21:14 - 2015-01-01 21:14 - 00001100 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-01 21:14 - 2015-01-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-01-01 21:12 - 2015-01-01 21:12 - 00002955 _____ () C:\Users\Admin\Desktop\C&C Online.lnk
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2015-01-01 21:12 - 2015-01-01 21:12 - 00000000 ____D () C:\Program Files (x86)\Revora
2015-01-01 00:40 - 2015-01-01 00:41 - 313570567 _____ () C:\Users\Admin\Desktop\TiberiumEssence_beta16 (1).zip
2015-01-01 00:39 - 2015-01-01 00:43 - 08303896 _____ () C:\Users\Admin\Downloads\TiberiumEssence_beta16.zip.opdownload
2015-01-01 00:28 - 2015-01-01 00:33 - 00000000 ____D () C:\Users\Admin\Desktop\PRIME95 (1)
2014-12-29 01:49 - 2014-12-29 01:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-12-29 01:48 - 2014-12-29 01:48 - 00001098 _____ () C:\Users\Admin\Desktop\TEMP MESSEN.lnk
2014-12-29 01:48 - 2014-12-29 01:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-12-29 00:21 - 2014-12-29 00:21 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\java
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2014-12-29 00:17 - 2014-12-29 00:17 - 00000000 ____D () C:\Program Files (x86)\HWiNFO32
2014-12-28 19:56 - 2014-12-28 19:56 - 01689384 _____ (techPowerUp (TechPowerUp)) C:\Users\Admin\Desktop\GPU-Z.0.8.0.exe
2014-12-28 17:42 - 2014-12-30 16:26 - 00000168 _____ () C:\Users\Admin\Desktop\local.txt
2014-12-28 17:37 - 2014-12-28 17:37 - 05378177 _____ () C:\Users\Admin\Downloads\p95v285.win64.zip
2014-12-28 15:58 - 2015-01-22 19:12 - 00000000 _____ () C:\WINDOWS\Path.idx
2014-12-28 15:56 - 2014-12-28 15:56 - 00000000 _____ () C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_P8Z77-M.alu
2014-12-28 15:53 - 2015-01-22 19:06 - 01048576 _____ () C:\WINDOWS\PE_Rom.dll
2014-12-28 15:46 - 2014-12-28 15:46 - 00000000 ____D () C:\Program Files\ASUS
2014-12-28 15:45 - 2014-12-28 15:45 - 00007678 _____ () C:\WINDOWS\DPINST.LOG
2014-12-28 15:45 - 2014-12-28 15:45 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-12-28 15:45 - 2012-05-17 11:57 - 00026136 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2014-12-28 15:45 - 2011-09-20 05:25 - 00046152 ____R (MCCI Corporation) C:\WINDOWS\SysWOW64\Drivers\ASUSFILTER.sys
2014-12-28 15:44 - 2012-05-31 04:06 - 00032400 ____R (NT Kernel Resources) C:\WINDOWS\system32\Drivers\ndisrd.sys
2014-12-28 15:43 - 2014-12-28 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-28 15:43 - 2012-09-14 03:06 - 00014464 ____R () C:\WINDOWS\SysWOW64\Drivers\AsUpIO.sys
2014-12-28 15:43 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll
2014-12-28 15:42 - 2015-01-04 15:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ASUS
2014-12-28 15:42 - 2014-12-28 15:42 - 00000000 ____D () C:\ProgramData\ASUS
2014-12-28 15:41 - 2015-01-04 15:13 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-28 15:41 - 2014-12-28 15:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\Drivers\MFDLL
2014-12-28 15:41 - 2012-08-22 10:54 - 00015232 ____R () C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2014-12-28 15:41 - 2010-06-29 08:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2014-12-28 15:41 - 2008-01-04 06:34 - 00011832 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-28 15:41 - 2008-01-04 06:34 - 00010216 ____N () C:\WINDOWS\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-28 15:35 - 2014-12-28 15:36 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\Admin\Downloads\hw64_448.exe
2014-12-28 15:31 - 2014-12-28 15:31 - 01190544 _____ ( ) C:\Users\Admin\Downloads\hwmonitor_1.26-setup.exe
2014-12-27 17:58 - 2014-12-27 17:59 - 31815495 _____ () C:\Users\Admin\Downloads\Coop-24_CustomCampaigns.exe.opdownload
2014-12-26 17:13 - 2014-12-26 17:13 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-22 21:57 - 2013-10-23 16:16 - 01957912 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-22 21:50 - 2013-10-13 01:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-22 21:37 - 2014-01-20 14:57 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-22 20:48 - 2014-10-02 18:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-22 19:50 - 2013-10-13 01:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-22 19:26 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-22 19:25 - 2013-09-02 08:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589104308-3585437864-706008238-1001
2015-01-22 19:20 - 2013-09-04 14:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-22 19:16 - 2014-11-02 23:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Notepad++
2015-01-22 19:16 - 2014-11-02 23:58 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-01-22 19:04 - 2014-12-17 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Raptr
2015-01-22 19:04 - 2014-01-20 14:57 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 14:51 - 2014-01-24 22:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-01-21 14:50 - 2013-09-29 20:04 - 00495354 _____ () C:\WINDOWS\PFRO.log
2015-01-21 14:50 - 2013-08-22 15:46 - 00352815 _____ () C:\WINDOWS\setupact.log
2015-01-21 14:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-21 14:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-21 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-21 14:25 - 2014-10-28 01:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DMCache
2015-01-21 14:21 - 2013-09-30 05:14 - 00005640 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-21 14:21 - 2013-09-30 04:56 - 02319164 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-21 14:21 - 2013-09-30 04:56 - 00640914 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-21 00:30 - 2013-09-04 12:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-01-20 20:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-20 01:06 - 2014-02-16 17:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2015-01-19 22:32 - 2014-07-10 11:41 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-19 22:32 - 2014-07-10 11:41 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-19 21:27 - 2014-09-24 15:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-18 22:17 - 2014-04-24 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\Battle.net
2015-01-18 02:57 - 2014-08-24 22:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2015-01-17 01:43 - 2014-11-04 19:59 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 20:31 - 2013-09-02 08:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 20:08 - 2013-09-02 08:42 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-16 13:21 - 2013-09-11 17:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-15 22:14 - 2014-09-24 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Overwolf
2015-01-15 22:07 - 2014-08-29 14:15 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-15 16:48 - 2013-09-02 08:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2015-01-11 21:55 - 2013-09-04 12:36 - 00512046 _____ () C:\WINDOWS\DirectX.log
2015-01-06 13:35 - 2013-11-22 14:27 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-05 01:16 - 2013-09-02 13:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-05 01:14 - 2014-01-14 10:53 - 40673376 _____ (Macrovision Corporation) C:\Users\Admin\Desktop\Setup.exe
2015-01-05 00:49 - 2013-09-20 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-01-04 23:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-04 22:04 - 2013-10-23 18:35 - 00000000 ____D () C:\Riot Games
2015-01-04 16:21 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-04 15:57 - 2013-09-02 13:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-04 15:57 - 2013-09-02 13:31 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 15:08 - 2013-09-02 13:26 - 00043013 _____ () C:\WINDOWS\Ascd_log.ini
2015-01-04 15:02 - 2013-09-02 13:25 - 00032324 _____ () C:\WINDOWS\Ascd_tmp.ini
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-04 04:18 - 2014-10-05 16:35 - 00000000 ____D () C:\Program Files\CPUID
2015-01-04 04:03 - 2013-10-23 16:20 - 00000000 ____D () C:\Users\Admin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 01:00 - 2013-09-04 12:05 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-03 23:30 - 2013-09-02 16:52 - 00000000 ____D () C:\Users\Admin\Desktop\Bilder
2015-01-03 20:24 - 2014-04-24 16:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-01 01:17 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-01 00:11 - 2013-09-02 14:08 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 02:31 - 2013-09-04 22:05 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-30 23:01 - 2014-04-23 12:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\DayZ
2014-12-30 20:50 - 2013-09-04 12:06 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-30 16:48 - 2013-09-21 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2014-12-30 16:10 - 2014-10-05 15:59 - 00001274 _____ () C:\Users\Admin\Desktop\PRIME95 (1).ini
2014-12-30 02:10 - 2014-10-05 17:02 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-12-30 00:14 - 2014-10-08 15:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-30 00:14 - 2013-09-04 12:00 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 02:01 - 2013-09-04 22:19 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-12-29 01:49 - 2014-04-13 20:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-12-28 17:47 - 2013-09-02 14:20 - 00007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-12-28 15:45 - 2013-09-02 13:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-28 15:36 - 2014-10-05 17:21 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-12-28 15:36 - 2014-10-05 17:21 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-12-28 15:34 - 2014-10-05 16:35 - 00000946 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-12-28 00:43 - 2014-02-16 17:43 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======
2014-03-31 18:54 - 2001-06-11 01:45 - 0005536 _____ () C:\Program Files (x86)\12_bit_dither_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:49 - 0000407 _____ () C:\Program Files (x86)\Africa.w_
2014-03-31 18:54 - 2001-03-11 14:58 - 0004090 _____ () C:\Program Files (x86)\Alpha_Grow_pm.ex_
2014-03-31 18:54 - 2001-03-11 14:54 - 0004108 _____ () C:\Program Files (x86)\Alpha_Shrink_pm.ex_
2014-03-31 18:54 - 2003-10-28 07:42 - 0003942 _____ () C:\Program Files (x86)\antique1.gr_
2014-03-31 18:54 - 2003-10-28 07:43 - 0004058 _____ () C:\Program Files (x86)\antique2.gr_
2014-03-31 18:54 - 2001-12-31 07:17 - 0066388 _____ () C:\Program Files (x86)\Artmap.da_
2014-03-31 18:54 - 1997-05-19 07:08 - 0074553 _____ () C:\Program Files (x86)\AsycFilt.dl_
2014-03-31 18:54 - 2002-02-09 07:53 - 0004837 _____ () C:\Program Files (x86)\AverageFrames_pm.ex_
2014-03-31 18:54 - 2001-04-25 22:33 - 0008507 _____ () C:\Program Files (x86)\BEVELBOX.OC_
2014-03-31 18:54 - 2000-11-04 23:05 - 0006253 _____ () C:\Program Files (x86)\bmp_load_pb.ex_
2014-03-31 18:54 - 2000-11-05 08:54 - 0004817 _____ () C:\Program Files (x86)\bmp_save_pb.ex_
2014-03-31 18:54 - 2003-05-01 21:40 - 0012121 _____ () C:\Program Files (x86)\Brainy.op_
2014-03-31 18:54 - 2002-01-30 08:08 - 0011613 _____ () C:\Program Files (x86)\Brocolly_Trails.op_
2014-03-31 18:54 - 2002-01-25 13:36 - 0004462 _____ () C:\Program Files (x86)\cellular_pf.ex_
2014-03-31 18:54 - 2002-12-29 14:29 - 0003913 _____ () C:\Program Files (x86)\ChangeDPI_px.ex_
2014-03-31 18:54 - 2002-09-03 03:27 - 0005735 _____ () C:\Program Files (x86)\Clipboard_Export_pb.ex_
2014-03-31 18:54 - 2002-11-10 14:13 - 0005499 _____ () C:\Program Files (x86)\Clipboard_Import_pb.ex_
2014-03-31 18:54 - 1998-02-27 15:28 - 0000267 _____ () C:\Program Files (x86)\Close.IC_
2014-03-31 18:54 - 2001-06-07 03:27 - 0000393 _____ () C:\Program Files (x86)\CloudySky.w_
2014-03-31 18:54 - 1996-10-31 00:00 - 0010146 _____ () C:\Program Files (x86)\ComCat.dl_
2014-03-31 18:54 - 2000-05-21 23:00 - 0315877 _____ () C:\Program Files (x86)\COMCTL32.OC_
2014-03-31 18:54 - 1999-05-06 23:00 - 0074707 _____ () C:\Program Files (x86)\COMDLG32.OC_
2014-03-31 18:54 - 2001-08-14 17:35 - 0011040 _____ () C:\Program Files (x86)\copying.tx_
2014-03-31 18:54 - 2001-06-07 03:22 - 0000383 _____ () C:\Program Files (x86)\Countryside.w_
2014-03-31 18:54 - 2002-01-22 17:18 - 0004697 _____ () C:\Program Files (x86)\Crystalize_pf.ex_
2014-03-31 18:54 - 1996-08-20 23:00 - 0015600 _____ () C:\Program Files (x86)\Ctl3d32.dl_
2014-03-31 18:54 - 2001-06-08 04:59 - 0000405 _____ () C:\Program Files (x86)\Daisys.w_
2014-03-31 18:54 - 2001-04-18 00:48 - 0003969 _____ () C:\Program Files (x86)\Def_Gradient.gr_
2014-03-31 18:54 - 2002-08-23 03:04 - 0066779 _____ () C:\Program Files (x86)\def_mdiform_bitmap.jp_
2014-03-31 18:54 - 2003-12-20 12:48 - 0000389 _____ () C:\Program Files (x86)\Def_Res.tx_
2014-03-31 18:54 - 2002-08-21 07:41 - 0017460 _____ () C:\Program Files (x86)\Def_Wallpaper.bm_
2014-03-31 18:54 - 2001-05-13 17:22 - 0000452 _____ () C:\Program Files (x86)\Def_well.w_
2014-03-31 18:54 - 2004-01-29 15:40 - 1533663 _____ () C:\Program Files (x86)\dogwaffle.ex_
2014-03-31 18:54 - 2003-10-27 08:53 - 0001363 _____ () C:\Program Files (x86)\DogWeb.ht_
2014-03-31 18:54 - 2003-06-22 15:33 - 0012575 _____ () C:\Program Files (x86)\DogWillow.op_
2014-03-31 18:54 - 2003-11-04 12:22 - 0017663 _____ () C:\Program Files (x86)\drbrush.dl_
2014-03-31 18:54 - 2003-11-04 10:45 - 0045953 _____ () C:\Program Files (x86)\drfilter.dl_
2014-03-31 18:54 - 2003-10-26 10:15 - 0013880 _____ () C:\Program Files (x86)\drFloodfill.dl_
2014-03-31 18:54 - 2004-01-02 22:59 - 0023230 _____ () C:\Program Files (x86)\Drpaint.dl_
2014-03-31 18:54 - 2001-07-13 02:22 - 0022094 _____ () C:\Program Files (x86)\DR_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2001-06-12 23:02 - 0023327 _____ () C:\Program Files (x86)\DR_MX_BUTTON_CONTROLL.OC_
2014-03-31 18:54 - 2002-03-29 11:45 - 0000469 _____ () C:\Program Files (x86)\Earthy.w_
2014-03-31 18:54 - 2004-01-03 12:28 - 0003276 _____ () C:\Program Files (x86)\ExploreTempDir_pm.ex_
2014-03-31 18:54 - 2003-05-01 21:50 - 0012113 _____ () C:\Program Files (x86)\Fancyful.op_
2014-03-31 18:54 - 2001-06-07 03:35 - 0000366 _____ () C:\Program Files (x86)\ForestGreens.w_
2014-03-31 18:54 - 2002-02-08 11:06 - 0004986 _____ () C:\Program Files (x86)\FrameFromClipboard_pm.ex_
2014-03-31 18:54 - 2003-06-22 18:10 - 0012008 _____ () C:\Program Files (x86)\Garland.op_
2014-03-31 18:54 - 2001-04-08 10:33 - 0005395 _____ () C:\Program Files (x86)\Globe_pf.ex_
2014-03-31 18:54 - 2001-06-09 06:20 - 0000422 _____ () C:\Program Files (x86)\GoldenAge_well.w_
2014-03-31 18:54 - 2001-05-27 15:33 - 0004098 _____ () C:\Program Files (x86)\Gradient_To_VB_pm.ex_
2014-03-31 18:54 - 2003-06-23 19:42 - 0012712 _____ () C:\Program Files (x86)\Grass.op_
2014-03-31 18:54 - 2004-01-07 11:00 - 0005718 _____ () C:\Program Files (x86)\Grid_pm.ex_
2014-03-31 18:54 - 2002-10-08 13:33 - 0003969 _____ () C:\Program Files (x86)\GunMetals.gr_
2014-03-31 18:54 - 2003-05-01 21:44 - 0012118 _____ () C:\Program Files (x86)\Hivey.op_
2014-03-31 18:54 - 2001-07-13 02:00 - 0015303 _____ () C:\Program Files (x86)\HPROP.OC_
2014-03-31 18:54 - 2002-01-21 04:37 - 0005287 _____ () C:\Program Files (x86)\iff_px.ex_
2014-03-31 18:54 - 2001-02-09 14:57 - 0004964 _____ () C:\Program Files (x86)\IM_MOD_RL_histogram_.dl_
2014-03-31 18:54 - 2003-10-26 10:36 - 0002467 _____ () C:\Program Files (x86)\Keyboard_Document.rt_
2014-03-31 18:54 - 2002-11-01 14:11 - 0003383 _____ () C:\Program Files (x86)\KeyInvert_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:10 - 0003675 _____ () C:\Program Files (x86)\KeyToBlack_pb.ex_
2014-03-31 18:54 - 2002-11-01 14:13 - 0003676 _____ () C:\Program Files (x86)\KeyToLuminance_pb.ex_
2014-03-31 18:54 - 2003-11-13 12:48 - 0005545 _____ () C:\Program Files (x86)\Key_Grow_pb.ex_
2014-03-31 18:54 - 2003-11-13 13:15 - 0005053 _____ () C:\Program Files (x86)\Key_Shrink_pb.ex_
2014-03-31 18:54 - 2002-01-24 18:19 - 0004619 _____ () C:\Program Files (x86)\Maximize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:55 - 0005264 _____ () C:\Program Files (x86)\MaxMin_pf.ex_
2014-03-31 18:54 - 2002-01-21 03:42 - 0005684 _____ () C:\Program Files (x86)\Median_pf.ex_
2014-03-31 18:54 - 2001-04-18 15:33 - 0004534 _____ () C:\Program Files (x86)\Metals.gr_
2014-03-31 18:54 - 2001-06-07 03:23 - 0000382 _____ () C:\Program Files (x86)\Midnight.w_
2014-03-31 18:54 - 2002-01-24 18:20 - 0004409 _____ () C:\Program Files (x86)\Minimize_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:35 - 0006334 _____ () C:\Program Files (x86)\MinMax_pf.ex_
2014-03-31 18:54 - 2000-11-19 15:02 - 0004605 _____ () C:\Program Files (x86)\Mirrage_pf.ex_
2014-03-31 18:54 - 2000-11-19 14:54 - 0004737 _____ () C:\Program Files (x86)\Mosaic_pf.ex_
2014-03-31 18:54 - 2002-09-23 10:29 - 0010655 _____ () C:\Program Files (x86)\MotionBlur_pf.ex_
2014-03-31 18:54 - 1998-11-03 10:45 - 0048479 _____ () C:\Program Files (x86)\MsStkPrp.dl_
2014-03-31 18:54 - 1999-12-07 12:00 - 0865616 _____ () C:\Program Files (x86)\MSVBVM50.dl_
2014-03-31 18:54 - 2002-01-24 18:25 - 0004981 _____ () C:\Program Files (x86)\Mysticvision_pf.ex_
2014-03-31 18:54 - 2001-06-07 03:56 - 0000371 _____ () C:\Program Files (x86)\OakBark.w_
2014-03-31 18:54 - 1997-05-19 07:08 - 0320739 _____ () C:\Program Files (x86)\OleAut32.dl_
2014-03-31 18:54 - 1997-05-19 07:08 - 0067142 _____ () C:\Program Files (x86)\OlePro32.dl_
2014-03-31 18:54 - 2001-06-11 01:54 - 0004987 _____ () C:\Program Files (x86)\OptimizedPaletteTest_pf.ex_
2014-03-31 18:54 - 2001-06-06 11:06 - 0005477 _____ () C:\Program Files (x86)\OptimizedPalette_pf.ex_
2014-03-31 18:54 - 2002-11-03 12:33 - 0006796 _____ () C:\Program Files (x86)\Paint_on_alpha_pm.ex_
2014-03-31 18:54 - 2001-06-09 06:18 - 0004906 _____ () C:\Program Files (x86)\PaletteToWells_pm.ex_
2014-03-31 18:54 - 2002-01-30 08:24 - 0012268 _____ () C:\Program Files (x86)\Pine_Branches.op_
2014-03-31 18:54 - 2002-11-03 12:24 - 0003826 _____ () C:\Program Files (x86)\printerPrefs_generic_px.ex_
2014-03-31 18:54 - 2002-09-20 03:40 - 0010701 _____ () C:\Program Files (x86)\print_generic_px.ex_
2014-03-31 18:54 - 2001-06-07 03:26 - 0000385 _____ () C:\Program Files (x86)\Pumpkin.w_
2014-03-31 18:54 - 2002-02-12 04:45 - 0001745 _____ () C:\Program Files (x86)\readme.rt_
2014-03-31 18:54 - 2002-11-13 16:34 - 0000243 _____ () C:\Program Files (x86)\ReadMe.tx_
2014-03-31 18:54 - 2002-10-08 13:53 - 0004885 _____ () C:\Program Files (x86)\Reds.gr_
2014-03-31 18:54 - 1997-01-13 00:00 - 0126780 _____ () C:\Program Files (x86)\RichEd32.dl_
2014-03-31 18:54 - 1998-06-23 23:00 - 0117028 _____ () C:\Program Files (x86)\RICHTX32.OC_
2014-03-31 18:54 - 2001-06-07 03:47 - 0000381 _____ () C:\Program Files (x86)\Sand.w_
2014-03-31 18:54 - 2002-09-20 03:11 - 0004207 _____ () C:\Program Files (x86)\ScaleAlpha_pm.ex_
2014-03-31 18:54 - 2003-10-06 18:07 - 0023758 _____ () C:\Program Files (x86)\screenshot2-300.jp_
2014-03-31 18:54 - 2003-12-20 14:49 - 0004287 _____ () C:\Program Files (x86)\Sepia_pf.ex_
2014-03-31 18:54 - 1997-01-16 00:00 - 0089600 _____ (Microsoft Corporation) C:\Program Files (x86)\SETUP.EXE
2014-03-31 18:54 - 2004-01-29 15:50 - 0017280 _____ () C:\Program Files (x86)\SETUP.LST
2014-03-31 18:54 - 1997-03-05 17:11 - 0073501 _____ () C:\Program Files (x86)\setup1.ex_
2014-03-31 18:54 - 2001-06-07 03:46 - 0000367 _____ () C:\Program Files (x86)\Sky.w_
2014-03-31 18:54 - 2002-10-08 14:06 - 0003188 _____ () C:\Program Files (x86)\Skys.gr_
2014-03-31 18:54 - 2003-05-01 21:37 - 0012178 _____ () C:\Program Files (x86)\Spiro.op_
2014-03-31 18:54 - 2004-01-27 17:49 - 0047473 _____ () C:\Program Files (x86)\Splash.jp_
2014-03-31 18:54 - 1997-01-16 00:00 - 0037850 _____ () C:\Program Files (x86)\ST5UNST.EX_
2014-03-31 18:54 - 1997-05-19 07:08 - 0007134 _____ () C:\Program Files (x86)\StdOle2.tl_
2014-03-31 18:54 - 2003-11-29 15:47 - 0023514 _____ () C:\Program Files (x86)\Store_Alpha_pm.ex_
2014-03-31 18:54 - 2002-09-05 03:01 - 0007260 _____ () C:\Program Files (x86)\Store_Brush_pb.ex_
2014-03-31 18:54 - 2002-09-05 01:44 - 0012899 _____ () C:\Program Files (x86)\Store_Buffer_pm.ex_
2014-03-31 18:54 - 2002-03-29 12:00 - 0000520 _____ () C:\Program Files (x86)\Study.w_
2014-03-31 18:54 - 2003-10-25 11:15 - 0000512 _____ () C:\Program Files (x86)\TabletSupport.rt_
2014-03-31 18:54 - 2002-08-09 05:44 - 0000520 _____ () C:\Program Files (x86)\Test1.w_
2014-03-31 18:54 - 2003-10-17 10:49 - 0025398 _____ () C:\Program Files (x86)\Thumb_Book.gi_
2014-03-31 18:54 - 2002-01-30 08:18 - 0012270 _____ () C:\Program Files (x86)\Trees.op_
2014-03-31 18:54 - 2001-06-07 03:43 - 0000400 _____ () C:\Program Files (x86)\Valencia.w_
2014-03-31 18:54 - 1997-01-16 00:00 - 0016457 _____ () C:\Program Files (x86)\VB5StKit.dl_
2014-03-31 18:54 - 2003-06-05 20:01 - 0097631 _____ () C:\Program Files (x86)\VBTablet.dl_
2014-03-31 18:54 - 2002-10-08 13:46 - 0003435 _____ () C:\Program Files (x86)\Vents.gr_
2014-03-31 18:54 - 2002-10-08 13:42 - 0002895 _____ () C:\Program Files (x86)\Warnings.gr_
2014-03-31 18:54 - 2003-06-23 19:49 - 0013491 _____ () C:\Program Files (x86)\WinterBranches.op_
2014-03-31 18:54 - 2003-11-25 13:25 - 0016674 _____ () C:\Program Files (x86)\Zoom_pf.ex_
2014-05-11 20:03 - 2014-05-11 20:16 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-05 02:21 - 2014-05-11 18:39 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2014-05-16 21:31 - 2014-08-08 16:31 - 0000305 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Login.ini
2014-05-16 19:43 - 2014-08-08 18:00 - 0001579 _____ () C:\Users\Admin\AppData\Roaming\BreakingPoint_Options.ini
2014-04-06 21:04 - 2014-04-06 22:00 - 0001456 _____ () C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-04 19:59 - 2014-04-30 14:23 - 0005632 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-02 16:57 - 2014-04-02 16:57 - 0007691 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2013-09-02 14:20 - 2014-12-28 17:47 - 0007597 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-08-14 20:36 - 2014-08-14 20:36 - 0000040 _____ () C:\ProgramData\ra3.ini

Files to move or delete:
====================
C:\Users\Admin\12_bit_dither_pf.exe
C:\Users\Admin\Alpha_Grow_pm.exe
C:\Users\Admin\Alpha_Shrink_pm.exe
C:\Users\Admin\Artmap.dat
C:\Users\Admin\AverageFrames_pm.exe
C:\Users\Admin\bmp_load_pb.exe
C:\Users\Admin\bmp_save_pb.exe
C:\Users\Admin\cellular_pf.exe
C:\Users\Admin\ChangeDPI_px.exe
C:\Users\Admin\Clipboard_Export_pb.exe
C:\Users\Admin\Clipboard_Import_pb.exe
C:\Users\Admin\Crystalize_pf.exe
C:\Users\Admin\dogwaffle.exe
C:\Users\Admin\drbrush.dll
C:\Users\Admin\drfilter.dll
C:\Users\Admin\drFloodfill.dll
C:\Users\Admin\Drpaint.dll
C:\Users\Admin\ExploreTempDir_pm.exe
C:\Users\Admin\FrameFromClipboard_pm.exe
C:\Users\Admin\Globe_pf.exe
C:\Users\Admin\Gradient_To_VB_pm.exe
C:\Users\Admin\Grid_pm.exe
C:\Users\Admin\iff_px.exe
C:\Users\Admin\IM_MOD_RL_histogram_.dll
C:\Users\Admin\KeyInvert_pb.exe
C:\Users\Admin\KeyToBlack_pb.exe
C:\Users\Admin\KeyToLuminance_pb.exe
C:\Users\Admin\Key_Grow_pb.exe
C:\Users\Admin\Key_Shrink_pb.exe
C:\Users\Admin\Maximize_pf.exe
C:\Users\Admin\MaxMin_pf.exe
C:\Users\Admin\Median_pf.exe
C:\Users\Admin\Minimize_pf.exe
C:\Users\Admin\MinMax_pf.exe
C:\Users\Admin\Mirrage_pf.exe
C:\Users\Admin\Mosaic_pf.exe
C:\Users\Admin\MotionBlur_pf.exe
C:\Users\Admin\Mysticvision_pf.exe
C:\Users\Admin\OptimizedPaletteTest_pf.exe
C:\Users\Admin\OptimizedPalette_pf.exe
C:\Users\Admin\Paint_on_alpha_pm.exe
C:\Users\Admin\PaletteToWells_pm.exe
C:\Users\Admin\printerPrefs_generic_px.exe
C:\Users\Admin\print_generic_px.exe
C:\Users\Admin\ScaleAlpha_pm.exe
C:\Users\Admin\Sepia_pf.exe
C:\Users\Admin\Store_Alpha_pm.exe
C:\Users\Admin\Store_Brush_pb.exe
C:\Users\Admin\Store_Buffer_pm.exe
C:\Users\Admin\VBTablet.dll
C:\Users\Admin\Zoom_pf.exe


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\awesomium_setup.exe
C:\Users\Admin\AppData\Local\Temp\install_flashplayer13x32au_mssd_awb_aih_1.exe
C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-18-g071d500-b2935jnks.dll
C:\Users\Admin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Admin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\raptrpatch.exe
C:\Users\Admin\AppData\Local\Temp\SETUP.EXE
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\sonarinst.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\ssleay32.dll
C:\Users\Admin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Admin\AppData\Local\Temp\Uninstaller-3820.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-5712.exe
C:\Users\Admin\AppData\Local\Temp\Uninstaller-7868.exe
C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Admin\AppData\Local\Temp\_is33FF.exe
C:\Users\Admin\AppData\Local\Temp\_is4D95.exe
C:\Users\Admin\AppData\Local\Temp\_is53B5.exe
C:\Users\Admin\AppData\Local\Temp\_isDAC5.exe
C:\Users\Admin\AppData\Local\Temp\_isECCB.exe
C:\Users\Admin\AppData\Local\Temp\_isF584.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-21 14:31

==================== End Of Log ============================
         
--- --- ---
So there are no problems right now, and there weren't really any after the link either.

I hope it's not a problem that I only deleted the ESET scanner after the scan with SecurityCheck.

23.01.2015, 11:33   #8
schrauber
/// the machine
/// TB trainer



That's fine.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all of its own leftovers.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the checkbox in front of every function.
    • Click Start.
    • Note: among other things, DelFix removes all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to leave praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: I have a few useful add-ons for this browser here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it asks you to and looks nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent,..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!
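
The file-extension tip in the Don'ts list above, and the .scr download this thread started with, as a small added Python example (not part of the original post): it flags a download whose name or first bytes do not match what it claims to be. The function names, the extension lists and the sample files are assumptions constructed for illustration.

```python
import os

# Extensions Windows runs directly; .scr screensavers are ordinary PE executables.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions a user expects to be harmless pictures or documents.
DECOY_EXTS = {".png", ".jpg", ".jpeg", ".gif", ".bmp", ".pdf", ".txt"}
# Leading magic bytes of the image formats checked below.
MAGIC = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff",
         ".jpeg": b"\xff\xd8\xff", ".gif": b"GIF8", ".bmp": b"BM"}


def classify(filename, head):
    """Return findings for one download: its name plus its first bytes."""
    findings = []
    # Windows drops trailing dots and spaces, so "a.scr. " is saved as "a.scr".
    name = filename.lower().rstrip(". ")
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        if inner_ext in DECOY_EXTS:
            findings.append("double-extension")
    elif head[:2] == b"MZ":
        # DOS/PE header under a name that does not look executable.
        findings.append("pe-content-under-non-executable-name")
    elif ext in MAGIC and not head.startswith(MAGIC[ext]):
        findings.append("magic-mismatch")
    return findings


def check_file(path):
    """Classify a file on disk by reading only its first 8 bytes."""
    with open(path, "rb") as fh:
        return classify(os.path.basename(path), fh.read(8))


# Constructed sample downloads: (file name, first bytes of content).
SAMPLES = [
    ("deinFoto.jpg.exe", b"MZ\x90\x00"),
    ("screenshot.scr", b"MZ\x90\x00"),
    ("image.png", b"MZ\x90\x00"),
    ("image.png", b"\x89PNG\r\n\x1a\n"),
    ("holiday.gif", b"<html>"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name:20} {classify(name, head) or 'ok'}")
```
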

30.01.2015, 16:42   #9
Ohrmann



(Sorry for the late reply)

Everything went well, and I also followed a few of the tips you gave me at the end. Thanks for the help; I was afraid that something bad had happened.

31.01.2015, 10:26   #10
schrauber
/// the machine
/// TB trainer



You're welcome
__________________
Regards,
schrauber

