
All kinds of pests and how to fight them: Steam virus from a .src file?


25.05.2015, 08:13   #1
XZayaYT
 



Hello,
Yesterday I received a trade request on Steam; this person sent me a link to what was supposedly an image, but the file was a .scr. I scanned it for viruses with Avast and then opened it. Nothing happened. That made me suspicious, and when after 1 minute I could no longer open any windows, it was clear to me that it must be a virus. How can I proceed, or is it not a virus after all? I have already read that it could be a Sohanda virus and have therefore already run a removal tool (disconnected from the network and in Safe Mode). I have already changed my passwords.


Best regards, Moritz

25.05.2015, 10:06   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


25.05.2015, 11:15   #3
XZayaYT
 



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Versa G1 (administrator) on VERSA-G1 on 25-05-2015 12:09:36
Running from C:\Users\Versa G1\Desktop
Loaded Profiles: Versa G1 (Available Profiles: Versa G1)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) F:\Programme\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) F:\Programme\Steam\Steam.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(Avast Software s.r.o.) F:\Programme\Avast\AvastUI.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2015-02-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2015-02-08] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => F:\Programme\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [V0770Mon.exe] => C:\Windows\V0770Mon.exe [32884 2012-06-01] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1679186498-394166386-472630255-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1679186498-394166386-472630255-1001\...\Run: [Steam] => F:\Programme\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-1679186498-394166386-472630255-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => F:\Programme\Avast\ashShA64.dll [2015-05-23] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> F:\Programme\Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Programme\Avast\aswWebRepIE64.dll [2015-04-21] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Programme\Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Programme\Avast\aswWebRepIE.dll [2015-04-21] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> F:\PROGRA~1\Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\Programme\Avast\WebRep\FF
FF Extension: Avast Online Security - F:\Programme\Avast\WebRep\FF [2015-02-09]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.youtube.com/feed/subscriptions
CHR StartupUrls: Default -> "https://www.google.de/webhp?rls=ig"
CHR Profile: C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-03-29]
CHR Extension: (Google Slides) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-13]
CHR Extension: (YouTube) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Avast SafePrice) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-22]
CHR Extension: (Google Sheets) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22]
CHR Extension: (Black & white theme) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2015-02-22]
CHR Extension: (Stopwatch) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2015-02-22]
CHR Extension: (Bookmark Manager) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-02-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Versa G1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - F:\Programme\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\Programme\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; F:\Programme\Avast\AvastSvc.exe [343336 2015-05-23] (Avast Software s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) []
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) []
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) []
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Microsoft SharePoint Workspace Audit Service; F:\Programme\Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)
S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [1931632 2015-05-22] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-15] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 98C220B7; C:\Windows\System32\drivers\98C220B7.sys [457824 2015-05-25] (Kaspersky Lab ZAO)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-23] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-23] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 V0770Vid; C:\Windows\System32\DRIVERS\V0770Vid.sys [379776 2012-06-01] (Creative Technology Ltd.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-05-25] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 cpuz137; \??\C:\Users\VERSAG~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 12:09 - 2015-05-25 12:09 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-25 12:09 - 2015-05-25 12:09 - 00018143 _____ () C:\Users\Versa G1\Desktop\FRST.txt
2015-05-25 12:09 - 2015-05-25 12:09 - 00000000 ____D () C:\FRST
2015-05-25 12:09 - 2015-05-25 12:07 - 02108416 _____ (Farbar) C:\Users\Versa G1\Desktop\FRST64.exe
2015-05-25 02:21 - 2015-05-25 02:22 - 00000000 ____D () C:\KVRT_Data
2015-05-25 02:21 - 2015-05-25 02:21 - 00457824 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\98C220B7.sys
2015-05-25 01:14 - 2015-05-25 01:15 - 00004542 _____ () C:\Users\Versa G1\AppData\Roaming\data.zip
2015-05-25 00:53 - 2015-05-25 00:53 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\Blizzard
2015-05-24 23:25 - 2015-05-24 23:36 - 00000000 ____D () C:\Program Files\Recuva
2015-05-24 23:25 - 2015-05-24 23:25 - 04426120 _____ (Piriform Ltd) C:\Users\Versa G1\Downloads\rcsetup152.exe
2015-05-24 23:25 - 2015-05-24 23:25 - 00001661 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-05-24 23:25 - 2015-05-24 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-05-24 23:12 - 2015-05-24 23:12 - 00011338 _____ () C:\Users\Versa G1\AppData\Local\recently-used.xbel
2015-05-24 22:23 - 2015-05-24 22:23 - 00000000 ____D () C:\ProgramData\NuGet
2015-05-24 22:23 - 2015-05-24 22:23 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-05-24 22:19 - 2015-05-24 22:19 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-05-24 22:19 - 2015-05-24 22:19 - 00000000 ____D () C:\Windows\SysWOW64\1031
2015-05-24 22:19 - 2015-05-24 22:19 - 00000000 ____D () C:\Windows\system32\1033
2015-05-24 22:19 - 2015-05-24 22:19 - 00000000 ____D () C:\Windows\system32\1031
2015-05-24 22:18 - 2015-05-24 22:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-05-24 22:18 - 2015-05-24 22:18 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-05-24 22:17 - 2015-05-24 22:17 - 14189886 _____ () C:\Users\Versa G1\Downloads\SFML-2.3-windows-vc11-32-bit.zip
2015-05-23 21:37 - 2015-05-23 21:37 - 40518200 _____ () C:\Users\libcef.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 10490576 _____ () C:\Users\icudtl.dat
2015-05-23 21:37 - 2015-05-23 21:37 - 07168568 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-05-23 21:37 - 2015-05-23 21:37 - 05066068 _____ () C:\Users\devtools_resources.pak
2015-05-23 21:37 - 2015-05-23 21:37 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 02314260 _____ () C:\Users\Apps\musixmatch-lyrics.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 02157551 _____ () C:\Users\Apps\glue-resources.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 02020920 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-05-23 21:37 - 2015-05-23 21:37 - 01894102 _____ () C:\Users\cef.pak
2015-05-23 21:37 - 2015-05-23 21:37 - 01365560 _____ () C:\Users\libGLESv2.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 00990776 _____ () C:\Users\ffmpegsumo.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 00786242 _____ () C:\Users\Apps\zlink.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00778808 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-05-23 21:37 - 2015-05-23 21:37 - 00641130 _____ () C:\Users\Apps\browse.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00544454 _____ () C:\Users\cef_200_percent.pak
2015-05-23 21:37 - 2015-05-23 21:37 - 00532827 _____ () C:\Users\Apps\notification-center.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00523472 _____ () C:\Users\Apps\collection.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00499645 _____ () C:\Users\Apps\collection-artist.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00490705 _____ () C:\Users\Apps\genre.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00460102 _____ () C:\Users\Apps\collection-album.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00421742 _____ () C:\Users\Apps\article.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00406724 _____ () C:\Users\Apps\album.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00392015 _____ () C:\Users\cef_100_percent.pak
2015-05-23 21:37 - 2015-05-23 21:37 - 00370740 _____ () C:\Users\Apps\discover.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00359237 _____ () C:\Users\Apps\artist.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00359155 _____ () C:\Users\Apps\messages.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00356912 _____ () C:\Users\Apps\collection-songs.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00343647 _____ () C:\Users\Apps\buddy-list.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00341194 _____ () C:\Users\Apps\social-chart.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00339237 _____ () C:\Users\Apps\charts.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00334226 _____ () C:\Users\Apps\social-feed.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00316343 _____ () C:\Users\Apps\playlist-desktop.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00295101 _____ () C:\Users\Apps\radio.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00279292 _____ () C:\Users\Apps\profile.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00275408 _____ () C:\Users\Apps\folder.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00230599 _____ () C:\Users\Apps\chart.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00227514 _____ () C:\Users\Apps\share.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00219192 _____ () C:\Users\libEGL.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 00191376 _____ () C:\Users\Apps\search.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00176991 _____ () C:\Users\Apps\suggest.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00175821 _____ () C:\Users\Apps\settings.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00162003 _____ () C:\Users\Apps\zlink-queue.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00158229 _____ () C:\Users\Apps\follow.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00147345 _____ () C:\Users\Apps\findfriends.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00124472 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-05-23 21:37 - 2015-05-23 21:37 - 00112286 _____ () C:\Users\Apps\zlogin.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00086213 _____ () C:\Users\Apps\about.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00073272 _____ () C:\Users\wow_helper.exe
2015-05-23 21:37 - 2015-05-23 21:37 - 00053532 _____ () C:\Users\Apps\ad.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00040253 _____ () C:\Users\Apps\licenses.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00038320 _____ () C:\Users\Apps\error.spa
2015-05-23 21:37 - 2015-05-23 21:37 - 00012316 _____ () C:\Users\locales\en-US.pak
2015-05-23 21:37 - 2015-05-23 21:37 - 00007047 _____ () C:\Users\locales\el.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006945 _____ () C:\Users\locales\ru.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006203 _____ () C:\Users\locales\ja.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006086 _____ () C:\Users\locales\fr-CA.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006079 _____ () C:\Users\locales\hu.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006022 _____ () C:\Users\locales\fr.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006007 _____ () C:\Users\locales\fi.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00006006 _____ () C:\Users\locales\pl.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005947 _____ () C:\Users\locales\es-419.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005914 _____ () C:\Users\locales\nl.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005872 _____ () C:\Users\locales\es.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005868 _____ () C:\Users\locales\zsm.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005868 _____ () C:\Users\locales\de.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005859 _____ () C:\Users\locales\tr.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005859 _____ () C:\Users\locales\it.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005858 _____ () C:\Users\locales\zh-Hant.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005852 _____ () C:\Users\locales\pt-BR.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005808 _____ () C:\Users\locales\sv.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005694 _____ () C:\Users\locales\arb.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00005623 _____ () C:\Users\locales\en.mo
2015-05-23 21:37 - 2015-05-23 21:37 - 00000020 _____ () C:\Users\inst_ver.dat
2015-05-23 21:37 - 2015-05-23 21:37 - 00000000 ____D () C:\Users\pdf.dll
2015-05-23 21:37 - 2015-05-23 21:37 - 00000000 ____D () C:\Users\locales
2015-05-23 17:01 - 2015-05-23 17:01 - 00000000 ____D () C:\Users\Versa G1\Documents\My Cheat Tables
2015-05-23 13:22 - 2015-05-23 13:22 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-23 13:22 - 2015-05-23 13:22 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-23 12:20 - 2015-05-23 12:20 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-23 11:00 - 2015-05-23 11:00 - 00000000 _____ () C:\Users\Versa G1\agent.log
2015-05-23 10:54 - 2015-05-25 12:09 - 00000336 _____ () C:\Windows\setupact.log
2015-05-23 10:54 - 2015-05-25 02:14 - 00011016 _____ () C:\Windows\PFRO.log
2015-05-23 10:54 - 2015-05-23 10:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-23 00:29 - 2015-05-23 00:29 - 00000000 ____D () C:\Users\Versa G1\Tracing
2015-05-23 00:09 - 2015-05-23 00:09 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\Apps\2.0
2015-05-23 00:06 - 2015-05-23 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-05-23 00:05 - 2015-05-23 00:05 - 01359960 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\VS2012.4 (2).exe
2015-05-22 23:35 - 2015-05-22 23:35 - 00000020 _____ () C:\Windows\øù@
2015-05-22 19:00 - 2015-05-22 19:00 - 00000000 ____D () C:\Windows\symbols
2015-05-22 18:58 - 2015-05-22 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-05-22 18:56 - 2015-05-24 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
2015-05-22 18:53 - 2015-05-24 22:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-05-21 20:14 - 2015-05-21 20:14 - 01359960 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\VS2012.4 (1).exe
2015-05-21 19:58 - 2015-05-21 19:58 - 00937632 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\wdexpress_full.exe
2015-05-20 22:59 - 2015-05-20 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheCoderTeam
2015-05-20 22:59 - 2015-05-20 22:59 - 00000000 ____D () C:\Program Files (x86)\TheCoderTeam
2015-05-20 22:58 - 2012-11-25 13:20 - 08556769 _____ () C:\Users\Versa G1\Desktop\setup.exe
2015-05-20 22:57 - 2015-05-20 22:57 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\NuGet
2015-05-20 22:21 - 2015-05-23 00:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-05-20 22:21 - 2015-05-20 22:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2015-05-20 21:25 - 2015-05-20 21:26 - 02125824 _____ () C:\Users\Versa G1\Downloads\Microsoft.TeamFoundation.Git.Provider.msi
2015-05-20 21:14 - 2015-05-20 21:15 - 00995672 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\vs_premium.exe
2015-05-20 21:14 - 2015-05-20 21:14 - 00888880 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\vs_premium_download.exe
2015-05-20 20:54 - 2015-05-20 20:55 - 05119800 _____ () C:\Users\Versa G1\Downloads\GitSccProvider.vsix
2015-05-20 20:50 - 2015-05-20 20:50 - 01359960 _____ (Microsoft Corporation) C:\Users\Versa G1\Downloads\VS2012.4.exe
2015-05-20 20:37 - 2015-05-20 20:39 - 17935569 _____ (The Git Development Community ) C:\Users\Versa G1\Downloads\Git-1.9.5-preview20150319.exe
2015-05-16 21:24 - 2015-05-16 21:25 - 00000000 ____D () C:\Users\Versa G1\Desktop\Neuer Ordner
2015-05-16 18:25 - 2015-05-16 18:25 - 138475582 _____ () C:\Users\Versa G1\Desktop\TheBlob.zip
2015-05-16 18:23 - 2015-05-16 18:27 - 138477664 _____ () C:\Users\Versa G1\Downloads\TheBlob.zip
2015-05-16 17:36 - 2015-05-16 17:38 - 73509276 _____ () C:\Users\Versa G1\Downloads\Panda.zip
2015-05-16 17:25 - 2015-05-16 21:25 - 00016212 _____ () C:\Users\Versa G1\Downloads\installer.log
2015-05-16 17:24 - 2015-05-16 17:25 - 03289729 _____ () C:\Users\Versa G1\Downloads\forge-1.7.10-10.13.3.1403-1.7.10-installer.jar
2015-05-16 17:24 - 2015-05-16 17:24 - 02923820 _____ () C:\Users\Versa G1\Downloads\forge-1.7.10-10.13.3.1403-1.7.10-universal.jar
2015-05-16 17:19 - 2015-05-16 17:19 - 03068067 _____ () C:\Users\Versa G1\Downloads\magicalcrops-4.0.0_PUBLIC_BETA_3.jar
2015-05-16 16:19 - 2015-05-16 16:19 - 00867784 _____ () C:\Users\Versa G1\Downloads\OptiFine_1.7.10_HD_B7 (1).jar
2015-05-15 16:33 - 2015-05-15 16:33 - 04839104 _____ () C:\Users\Versa G1\Downloads\JuPa-Wahl.zip
2015-05-14 23:22 - 2015-05-14 23:22 - 00867784 _____ () C:\Users\Versa G1\Downloads\OptiFine_1.7.10_HD_B7.jar
2015-05-14 22:12 - 2015-05-01 17:22 - 06628862 _____ () C:\Users\Versa G1\Desktop\FTB_Launcher.exe
2015-05-14 08:27 - 2015-05-14 08:27 - 00370291 _____ () C:\Users\Versa G1\Downloads\OptiFine_1.4.6_HD_U_D5.zip
2015-05-13 18:52 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:52 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:27 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 17:27 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 17:27 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 17:27 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 17:27 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 17:27 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 17:27 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 17:27 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 17:27 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 17:27 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 17:27 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 17:27 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 17:27 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 17:27 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 17:27 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 17:27 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 17:27 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 17:27 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 17:27 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 17:27 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 17:27 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 17:27 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 17:27 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 17:27 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 17:27 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 17:27 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 17:27 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 17:27 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 17:27 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 17:27 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 17:27 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 17:27 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 17:27 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 17:27 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 17:27 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 17:27 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 17:27 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 17:27 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 17:27 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 17:27 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 17:27 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 17:27 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 17:27 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 17:27 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 17:27 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 17:27 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 17:27 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 17:27 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 17:27 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 17:27 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 17:27 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 17:27 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 17:27 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 17:27 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 17:27 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 17:27 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 17:27 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 17:27 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 17:27 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 17:27 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 17:27 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 17:27 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 17:27 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 17:27 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 17:24 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 17:24 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 17:24 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 17:24 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 17:24 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 17:24 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 17:24 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 17:24 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 17:24 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 17:24 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 17:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 17:24 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 17:24 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 17:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 17:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 17:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 17:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 17:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 17:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 17:24 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 17:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 17:24 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 17:24 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 17:24 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 17:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 17:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 17:24 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 17:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 17:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 17:24 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 17:24 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 17:24 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 17:24 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 17:24 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 17:24 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 17:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 17:24 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 17:24 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 17:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 17:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 17:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 17:24 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 17:24 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 17:24 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 17:24 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 17:24 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 17:24 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 17:24 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 17:24 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 17:24 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 18:58 - 2015-05-12 18:58 - 00000000 ____D () C:\Users\Versa G1\Desktop\Sever
2015-05-11 21:56 - 2015-05-11 21:56 - 02218504 _____ () C:\Users\Versa G1\Downloads\instspeedfan451.exe
2015-05-11 19:53 - 2015-05-11 20:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-11 19:53 - 2015-05-11 19:53 - 07970528 _____ (TeamViewer GmbH) C:\Users\Versa G1\Downloads\TeamViewer_Setup_de.exe
2015-05-11 19:53 - 2015-05-11 19:53 - 00001046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-11 10:55 - 2015-05-11 10:55 - 00323266 _____ () C:\Users\Versa G1\Downloads\YamlDotNet2013Sep.unitypackage
2015-05-10 13:08 - 2015-05-10 13:08 - 06420600 _____ (Tim Kosse) C:\Users\Versa G1\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-05-09 21:51 - 2015-05-09 21:51 - 00360800 _____ () C:\Users\Versa G1\Downloads\OptiFineHDU1.4.7.zip
2015-05-06 21:52 - 2015-05-06 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-05-06 21:52 - 2015-05-06 21:52 - 00000000 ____D () C:\Program Files (x86)\Android
2015-05-06 21:41 - 2015-05-06 21:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-05-06 21:41 - 2014-06-16 08:01 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-05-06 21:41 - 2014-06-16 08:01 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2015-05-06 21:40 - 2015-05-06 21:40 - 00000000 ____D () C:\ProgramData\Samsung
2015-05-06 18:31 - 2015-05-06 18:31 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\stetic
2015-05-04 19:12 - 2015-05-04 19:12 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\ATI
2015-05-03 18:23 - 2015-05-16 17:01 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\ftblauncher
2015-05-03 18:23 - 2015-05-03 18:23 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\ftblauncher
2015-05-03 02:33 - 2015-05-03 02:34 - 00003584 _____ () C:\Users\Versa G1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 17:20 - 2015-05-01 17:20 - 00000000 __SHD () C:\Users\Versa G1\AppData\Local\EmieUserList
2015-05-01 17:20 - 2015-05-01 17:20 - 00000000 __SHD () C:\Users\Versa G1\AppData\Local\EmieSiteList
2015-05-01 17:20 - 2015-05-01 17:20 - 00000000 __SHD () C:\Users\Versa G1\AppData\Local\EmieBrowserModeList
2015-04-26 01:28 - 2015-04-26 01:28 - 00000000 ____D () C:\Users\Versa G1\Desktop\GTA V Money
2015-04-26 01:22 - 2015-04-26 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-04-26 01:22 - 2015-04-26 01:22 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-04-25 22:19 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-25 22:19 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-25 22:19 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-25 22:19 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-04-25 22:19 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-25 22:19 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-25 09:02 - 2015-04-25 09:02 - 00000683 _____ () C:\Users\Versa G1\Desktop\Technic Launcher.lnk
2015-04-25 09:00 - 2015-04-25 09:00 - 00000665 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-04-25 08:57 - 2015-04-25 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-04-25 08:45 - 2015-04-25 08:49 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\MAGIX
2015-04-25 08:45 - 2015-04-25 08:45 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2015-04-25 08:45 - 2015-04-25 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-04-25 08:44 - 2015-04-25 08:49 - 00000000 ____D () C:\ProgramData\MAGIX
2015-04-25 08:44 - 2015-04-25 08:44 - 00000000 ___RD () C:\Users\Versa G1\Documents\MAGIX Software GmbH
2015-04-25 08:44 - 2015-04-25 08:44 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-04-25 08:44 - 2015-04-25 08:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 12:09 - 2015-02-22 13:22 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\Skype
2015-05-25 12:09 - 2015-02-08 01:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 12:09 - 2015-02-08 01:20 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-05-25 12:09 - 2015-02-08 01:16 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-25 12:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 02:18 - 2015-02-08 10:02 - 00700130 _____ () C:\Windows\system32\perfh007.dat
2015-05-25 02:18 - 2015-02-08 10:02 - 00149768 _____ () C:\Windows\system32\perfc007.dat
2015-05-25 02:18 - 2009-07-14 07:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-25 01:19 - 2015-02-08 01:09 - 01355285 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 01:10 - 2015-03-07 18:19 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\Battle.net
2015-05-25 00:38 - 2015-02-08 01:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 00:30 - 2015-02-11 23:26 - 00000000 ____D () C:\ProgramData\Origin
2015-05-24 23:12 - 2015-02-24 16:41 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\gtk-2.0
2015-05-24 23:12 - 2015-02-24 16:40 - 00000000 ____D () C:\Users\Versa G1\.gimp-2.8
2015-05-24 22:21 - 2015-02-27 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-05-24 22:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-24 22:19 - 2015-03-01 21:33 - 00000000 ____D () C:\Users\Versa G1\Desktop\Programmieren
2015-05-24 22:18 - 2015-02-15 02:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-24 22:18 - 2015-02-08 01:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-24 20:14 - 2015-02-22 16:32 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\Spotify
2015-05-24 20:14 - 2015-02-22 16:30 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\Spotify
2015-05-24 20:02 - 2015-02-22 13:27 - 00000600 _____ () C:\Users\Versa G1\AppData\Local\PUTTY.RND
2015-05-24 19:55 - 2015-02-22 13:28 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\FileZilla
2015-05-24 19:29 - 2015-02-22 13:23 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\.minecraft
2015-05-24 17:47 - 2015-02-08 01:16 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-24 17:15 - 2009-07-14 06:45 - 00028304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-24 17:15 - 2009-07-14 06:45 - 00028304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-24 17:08 - 2015-02-09 22:49 - 00004144 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-23 22:13 - 2015-03-06 14:47 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\Audacity
2015-05-23 13:22 - 2015-02-09 22:49 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-23 13:22 - 2015-02-09 22:49 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-23 13:21 - 2015-02-09 22:49 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-23 11:00 - 2015-02-22 13:22 - 00000000 ____D () C:\Users\Versa G1
2015-05-23 00:06 - 2015-02-27 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-05-22 23:32 - 2015-02-13 00:54 - 00000000 ____D () C:\Program Files\Java
2015-05-22 22:40 - 2015-03-06 13:11 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\OBS
2015-05-22 22:37 - 2015-02-08 02:09 - 00000000 ____D () C:\ProgramData\Skype
2015-05-22 18:56 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-21 19:27 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-21 16:44 - 2009-07-14 06:45 - 00483664 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 22:30 - 2015-02-22 13:22 - 00150128 _____ () C:\Users\Versa G1\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 21:29 - 2015-02-27 20:01 - 00000000 ____D () C:\Users\Versa G1\Documents\Visual Studio 2012
2015-05-20 18:59 - 2015-04-04 10:29 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 18:59 - 2015-04-04 10:29 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-20 17:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-19 21:46 - 2015-04-18 05:56 - 00000000 ____D () C:\Users\Versa G1\Documents\TmForever
2015-05-15 16:49 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-15 13:33 - 2015-02-08 01:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 13:33 - 2015-02-08 01:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 19:58 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 18:58 - 2015-02-25 20:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 18:56 - 2015-02-14 17:21 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 18:53 - 2015-02-14 17:21 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-11 21:57 - 2015-03-06 13:08 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-05-11 10:50 - 2015-03-07 14:11 - 00000000 ____D () C:\Users\Versa G1\AppData\Local\Eclipse
2015-05-10 13:09 - 2015-02-08 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-08 22:11 - 2015-03-10 21:48 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-06 21:34 - 2015-02-13 00:54 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-05-06 21:33 - 2015-02-13 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-05-04 21:17 - 2015-02-08 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2015-05-01 16:47 - 2015-03-10 16:58 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\.technic
2015-04-29 21:15 - 2015-02-22 13:33 - 00000000 ____D () C:\Users\Versa G1\AppData\Roaming\AMD
2015-04-27 20:46 - 2015-03-01 21:35 - 00000000 ____D () C:\Users\Versa G1\Desktop\YouTube
2015-04-26 03:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-25 09:02 - 2015-03-29 21:46 - 00000000 ____D () C:\ProgramData\Freemake
2015-04-25 08:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

==================== Files in the root of some directories =======

2015-05-25 01:14 - 2015-05-25 01:15 - 0004542 _____ () C:\Users\Versa G1\AppData\Roaming\data.zip
2015-05-03 02:33 - 2015-05-03 02:34 - 0003584 _____ () C:\Users\Versa G1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-22 13:27 - 2015-05-24 20:02 - 0000600 _____ () C:\Users\Versa G1\AppData\Local\PUTTY.RND
2015-05-24 23:12 - 2015-05-24 23:12 - 0011338 _____ () C:\Users\Versa G1\AppData\Local\recently-used.xbel
2015-02-25 16:37 - 2015-02-25 16:37 - 0007604 _____ () C:\Users\Versa G1\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Versa G1\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 13:28

==================== End of log ============================

Alt 25.05.2015, 11:38   #4
XZayaYT
 

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by Versa G1 at 2015-05-25 12:09:58
Running from C:\Users\Versa G1\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1679186498-394166386-472630255-500 - Administrator - Disabled)
Gast (S-1-5-21-1679186498-394166386-472630255-501 - Limited - Disabled)
Versa G1 (S-1-5-21-1679186498-394166386-472630255-1001 - Administrator - Enabled) => C:\Users\Versa G1

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CINEMA 4D R14 (HKLM-x32\...\CINEMA 4D R14) (Version:  - ) <==== ATTENTION
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.28 - Creative Technology Ltd)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiRT 3 Complete Edition (HKLM-x32\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
F1 2014 (HKLM-x32\...\Steam App 226580) (Version:  - Codemasters)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FlatOut2 (HKLM-x32\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{24E1F036-7BA2-4827-B6CF-C45A22E29E0D}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 (HKLM-x32\...\MX.{1E7ACE78-2B65-412E-BEDB-ECFC39EB64C0}) (Version: 21.0.3.47 - MAGIX Software GmbH)
MAGIX Music Maker Techno Edition 6 (Version: 21.0.3.47 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rise of Venice (HKLM-x32\...\Steam App 227020) (Version:  - )
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1679186498-394166386-472630255-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Vita Bass Machine (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-05-2015 00:53:22 Windows Update
23-05-2015 13:21:49 avast! antivirus system restore point
24-05-2015 22:18:23 Microsoft Visual Studio Express 2012 für Windows Desktop - DEU
24-05-2015 22:21:23 Update for Microsoft Visual Studio 2012 (KB3002339)
24-05-2015 22:21:55 Visual Studio 2012 Update 4 (KB2707250)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C6659F5-82EA-4626-9010-744576BE4F1B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {207161D5-3551-4CFE-9BB3-2B8794AE413A} - System32\Tasks\{CA22C2E8-6F18-46ED-B89F-A7E8CECC6E6C} => C:\Program Files (x86)\Electronic Piano 2.5\Piano25.exe
Task: {2981DD89-2CAE-43BD-9185-355B4CC503AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {6A6F3B89-2CBF-48BB-945D-92D7605B358B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B18B9EF8-4407-4794-AEA5-C773CEC2E66D} - System32\Tasks\avast! Emergency Update => F:\Programme\Avast\AvastEmUpdate.exe [2015-05-23] (Avast Software s.r.o.)
Task: {B212BD19-24B5-4D4A-8E33-55A1A03D0600} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {B3A152EE-2E48-4330-8261-086AF5DD10D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {DFF6E2E1-54CC-4F6A-BA56-DE6570EDB766} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {E01F1F3C-9DB1-4FD7-9CA2-25F4E8FB9BC5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (Whitelisted) ==============

2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-02-15 00:48 - 2015-02-15 00:59 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-29 12:25 - 2015-03-29 12:25 - 00043480 _____ () F:\Programme\FileZilla FTP Client\fzshellext_64.dll
2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2015-05-23 13:22 - 2015-05-23 13:22 - 00104400 _____ () F:\Programme\Avast\log.dll
2015-05-23 13:22 - 2015-05-23 13:22 - 00081728 _____ () F:\Programme\Avast\JsonRpcServer.dll
2015-05-24 22:20 - 2015-05-24 22:20 - 02931200 _____ () F:\Programme\Avast\defs\15052401\algo.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-04-16 12:37 - 2012-04-16 12:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2015-04-21 10:52 - 2015-04-21 10:52 - 40540672 _____ () F:\Programme\Avast\libcef.dll
2015-02-11 16:44 - 2010-06-22 14:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98C220B7.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98C220B7.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1679186498-394166386-472630255-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Versa G1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Versa G1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: FastAccess Web Alert => F:\Programme\Creative\Live! Central 3\FAInstaller\FATRY.exe
MSCONFIG\startupreg: Live! Central 3 => "F:\Programme\Creative\Live! Central 3\CTLVCentral3.exe" /mode2
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Spotify => "C:\Users\Versa G1\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{37469068-3AE1-4309-8005-254F27BE73F8}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{0EB3890F-689D-47FB-8C80-55D4B499EA73}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{B312DEF2-D502-4E0B-A902-B1F9501A79F7}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C1A7B08-A2F7-4FC5-8AE8-EFA5420BB0D3}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{BA515F49-CE61-46A9-AFBC-F2F4EB063197}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5AB3EF92-AC91-4586-8AE5-C82081946A3C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EE72C341-3859-4779-9396-0335321CD1CB}] => (Allow) F:\Programme\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{ADDAAE0F-64F8-41B4-B348-4955212863F7}] => (Allow) F:\Programme\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{E7F51AF2-189D-4751-86A2-AEB56E986AA7}] => (Allow) F:\Programme\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{7EBC2240-6EA6-4A09-9235-CDF5FD6A9F83}] => (Allow) F:\Programme\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{136882FD-93A9-46E0-AE1D-3C8F1D66EFD5}] => (Allow) F:\Programme\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{DFA3A50A-98A0-4058-8CD2-55E3EA05ADBD}] => (Allow) F:\Programme\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{941A6EEE-D27D-48EA-976A-2348A9BC2651}] => (Allow) F:\Programme\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{FA715DB6-318C-4525-B798-310BB92DF0E9}] => (Allow) F:\Programme\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{A96DDE49-22AD-4035-A427-3B8B971689A8}] => (Allow) F:\Programme\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{8CE411C8-9422-4CC8-ADAA-DC88848FB338}] => (Allow) F:\Programme\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{D6EF716A-53FF-46BA-97AD-3217EDB1DDAD}] => (Allow) F:\Programme\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{D53849EE-14AB-4515-BA79-E99A2B2523CE}] => (Allow) F:\Programme\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{72C3A7D0-5A31-4726-8BEA-C5686FC02D9B}] => (Allow) F:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2A6CF3E7-989A-4FFD-8B7F-3905E7EAA5E1}] => (Allow) F:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4C7D13C6-08F8-48C3-86D0-34712314B88E}] => (Allow) F:\Programme\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{6E180B62-EC61-402B-9F68-2644FED4083E}] => (Allow) F:\Programme\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{94B84E8F-0FE0-4980-9C19-C55580F2A4B3}] => (Allow) F:\Programme\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{81B8AEE7-2E44-455D-887D-4FD090A36DA8}] => (Allow) F:\Programme\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{239D402C-D318-46B2-96A6-B4B174DE49C3}] => (Allow) F:\Programme\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BF90C639-97B8-49FD-AAF0-847C545E545B}] => (Allow) F:\Programme\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{25E5ACF2-AAB4-4679-BC2C-6CC3D60AE704}] => (Allow) F:\Programme\Steam\steamapps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{D9DE4AC4-7611-4415-AB2E-702655DCD6A6}] => (Allow) F:\Programme\Steam\steamapps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{F5555D3C-EBBA-477C-AD41-3F9F7CC4217E}] => (Allow) F:\Programme\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{815A5E4E-CC0E-4C28-B268-4BBE2340A44C}] => (Allow) F:\Programme\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{B6CD5EF0-5B13-4B29-99E7-FCE740297458}] => (Allow) F:\Programme\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{FAD5D91A-ED68-4DED-94E4-8DADB1057155}] => (Allow) F:\Programme\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A554F666-66C0-4108-9950-8778CCEE7303}] => (Allow) F:\Programme\Bnet\Battle.net\Battle.net.exe
FirewallRules: [{62D86D84-A242-48CE-BECF-21CAD4F04DCD}] => (Allow) F:\Programme\Bnet\Battle.net\Battle.net.exe
FirewallRules: [{8BF1B0AD-6DAB-4B49-A54A-C7077F7A2DB7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{48961922-9722-4F9E-89F3-C8BC1B0388A7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6365FEA8-B503-493A-AD41-61997E68F6FB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FF4E2F14-D558-4A70-B03A-A72460A5A1AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E5930060-8EFC-4862-9487-28FB04544E10}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{97EFF60F-EFE2-4330-8F0C-20F19F4770A8}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E888A415-12CC-4C22-9AF5-4F46B7F87262}] => (Allow) F:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{C619171F-80B5-4427-8E57-DC9DEB8E41B2}] => (Allow) F:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{B7B6AD9A-FE3A-4C0E-8DD9-58189EC29172}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FC330658-D751-47AB-B66B-B9FCF51F8E52}] => (Allow) LPort=2869
FirewallRules: [{5B91289B-2601-4CE3-A176-2E884D97E81D}] => (Allow) LPort=1900
FirewallRules: [{8CAC94FC-C4DE-4EA5-95EF-807848ECD97A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{978433C1-8E08-4AA7-9420-1D39B495D4FD}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{BC8A92C8-73A3-4EE6-930C-6B1BCC5F9303}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{476AAA0C-2565-47AB-81C9-14776D250C48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3C829E24-F2B5-4356-B9E8-D297BD2846B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B263F15-383B-4EEC-AC97-31A747C5B0C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BDCA463A-13D7-44FB-80E3-C24BA1BE4CF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A037E40E-FD5D-43EE-ADB7-C6D480A75EDC}] => (Allow) C:\Users\Versa G1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{E067E746-8026-49F5-AEB0-77E01CDCE14E}] => (Allow) C:\Users\Versa G1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D2247A78-ACA1-4031-ADB3-38C002472AA4}] => (Allow) F:\Programme\Office\Office14\GROOVE.EXE
FirewallRules: [{EB68035E-C7AE-4F85-B61C-08FA29EB3C1F}] => (Allow) F:\Programme\Office\Office14\GROOVE.EXE
FirewallRules: [{E54CE55D-1818-4B98-AB01-7B61A81B63F6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0E707393-C167-4B6A-8602-9F1EF7A78E4E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{42625CEF-3627-4C45-B1C0-42FC96F2FB83}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F99A0547-886D-48E0-93F7-44F10AF496CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{7440CDA9-8D3D-43CE-8910-E17403C17C21}F:\programme\bnet\diablo iii\diablo iii.exe] => (Allow) F:\programme\bnet\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{C1F93976-092B-4D0A-8ACB-25E7250E0130}F:\programme\bnet\diablo iii\diablo iii.exe] => (Allow) F:\programme\bnet\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{98C5135D-CCBE-4D42-B304-6174DD3F71D3}F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{871CFC1A-38A1-4B34-B711-C2D93CA49FC3}F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{E4EF6944-9A1C-4152-BDF3-20E27C29690C}] => (Block) F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{A6EC8031-F473-4408-9BDA-AA537C411E02}] => (Block) F:\programme\bnet\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{18A76F0F-1C5B-4425-A6B2-0930A720F1AF}] => (Allow) F:\Programme\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4F29F86E-2A3E-485E-9117-F6DD7B0D8963}] => (Allow) F:\Programme\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BB02196A-EEB2-426E-8F65-9AFF1C4EB614}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{8050FCBC-ABB7-4BB6-BC94-9D09161FFEF7}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{FB17466E-52A5-4BC3-8ACC-7CE7EB10B6E6}F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6D4C676A-CC5A-4622-A863-6A9D231AD639}F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D408F533-196F-424C-963D-26B39093781A}] => (Block) F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{3F531685-410C-456F-A17B-EBE5C3334411}] => (Block) F:\programme\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1B63DEA1-B1C4-4329-B278-A5649356E244}] => (Allow) F:\Programme\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{2E055B4C-B44A-4E16-9AF2-0EF8AF3F3607}] => (Allow) F:\Programme\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [TCP Query User{4E3E2063-2108-4516-BC53-C2808F4D672F}C:\program files (x86)\empire interactive\flatout2\flatout2.exe] => (Allow) C:\program files (x86)\empire interactive\flatout2\flatout2.exe
FirewallRules: [UDP Query User{313A729E-3992-43E4-8D2D-A358C74867FA}C:\program files (x86)\empire interactive\flatout2\flatout2.exe] => (Allow) C:\program files (x86)\empire interactive\flatout2\flatout2.exe
FirewallRules: [{607E4E22-2659-4E7C-98A4-B6C55838F4A4}] => (Block) C:\program files (x86)\empire interactive\flatout2\flatout2.exe
FirewallRules: [{75E47B3F-4859-4B03-8CBD-AF11F45C0701}] => (Block) C:\program files (x86)\empire interactive\flatout2\flatout2.exe
FirewallRules: [TCP Query User{51F1FED4-67E1-4416-A887-8B9CAA0583DC}F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe] => (Allow) F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe
FirewallRules: [UDP Query User{2093EF10-FB0B-4EAF-99A2-8FFAA91168A3}F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe] => (Allow) F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe
FirewallRules: [{DA2FD979-174B-4EBE-8D36-5D73E72B6426}] => (Block) F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe
FirewallRules: [{4274D8C0-1C45-409C-9BD2-5114879E14D8}] => (Block) F:\programme\ssb crusade v0.9 patch\crusadepatch2.exe
FirewallRules: [TCP Query User{A66CDFC8-24FD-49DB-B819-5BBB4331B851}C:\users\spotify.exe] => (Allow) C:\users\spotify.exe
FirewallRules: [UDP Query User{0EEE7F38-DBD2-4FD9-BAE3-DB9C4E262A89}C:\users\spotify.exe] => (Allow) C:\users\spotify.exe
FirewallRules: [TCP Query User{7793E976-3E93-4054-A923-913A6A5A0715}C:\program files (x86)\minecraft\runtime\jre-x64\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{6027458D-F1A9-4E69-A156-AC3FEEB3798C}C:\program files (x86)\minecraft\runtime\jre-x64\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\jre7\bin\javaw.exe
FirewallRules: [{D83B476B-3E88-4688-848E-CD63E03D9769}] => (Allow) F:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9FF2AA39-417B-49A2-BA8A-B7B50D13315E}] => (Allow) F:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E98873E-6F99-4BF9-9F18-AAA5F7E7C597}] => (Allow) F:\Programme\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{C1709C7A-D1A4-4D5B-845B-DD920D668159}] => (Allow) F:\Programme\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{D1C14679-790F-4E13-B89B-8E6E5D9A3265}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{861A491B-84EA-4AC0-913C-B8D46E1FC2DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B34EFCB7-963F-4023-A71C-276F6C919D05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{242BDAFF-9D1A-443E-BF0D-7ADDFC6325ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{69194187-6C39-4A31-B22B-F9DA31B049A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9989AC2F-0B4E-45B7-A02E-15E72A0F1D8C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{0B18A998-F774-439D-A0E3-5E4AB57A20DA}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{B47708B6-F2BA-47C0-A324-97D2F6711B0D}F:\Programme\tmnationsforever\tmforever.exe] => (Allow) F:\Programme\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{12990A95-7460-411C-8905-7B6C775739DE}F:\Programme\tmnationsforever\tmforever.exe] => (Allow) F:\Programme\tmnationsforever\tmforever.exe
FirewallRules: [{7098FAA4-82C1-41BC-93CD-B56ADFB69C88}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{843CDC12-A5EB-4D0E-9FB1-B816440A0F51}] => (Allow) C:\Users\Moritz\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{77B341D7-A7A6-406E-8E9D-8EBD4BBF0457}] => (Allow) C:\Users\Moritz\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{C89A89B3-277B-4758-A5C6-DD28DAA0A1F4}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{37F29AD5-FEA1-4AEF-B4C7-0D9DA6502968}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{DA7CA4A7-4E22-413F-87EA-C16CB5E96B05}] => (Allow) F:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{D179D39C-CF18-4EEE-A092-B146049FA99C}] => (Allow) F:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [TCP Query User{1A89B8C1-5A1A-41AF-8B01-92D5F8975BAD}F:\programme\bnet\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) F:\programme\bnet\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9A335605-576D-413D-A076-1A241575CBBE}F:\programme\bnet\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) F:\programme\bnet\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{98ABDD7C-5297-45C5-AA80-A1D1097D0625}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{3AAD2C7D-F5C5-4619-8D7C-710C7998A7C6}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B8A910E1-08DD-472C-99D1-6415175D4E96}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{8E890246-2837-43CD-A511-21706969DE10}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{CC6C4F65-34CE-41FA-988D-268602816B6C}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{51361D8C-EA5A-4302-BA3C-B7D3BF17AF74}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{E8E9EFB8-4328-452A-96F6-330F1F5781D9}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{F58E358E-B9B5-4933-84B4-9E1E3BBDF5BC}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{C8315F1B-1834-4293-A92A-6151D39A9618}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{0240B6C3-B408-467E-B1B6-0437DF3F379F}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{FAB68FB9-A76D-4F53-8A3B-4E6AB026C6B7}C:\users\versa g1\unity\editor\unity.exe] => (Allow) C:\users\versa g1\unity\editor\unity.exe
FirewallRules: [UDP Query User{E99F7F4F-82E3-4367-A05F-A51364923364}C:\users\versa g1\unity\editor\unity.exe] => (Allow) C:\users\versa g1\unity\editor\unity.exe
FirewallRules: [TCP Query User{68F67A91-4C44-4409-B88C-395279C4460F}C:\users\versa g1\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\users\versa g1\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{18A58828-16DC-43B0-A093-0349743FE544}C:\users\versa g1\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\users\versa g1\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{08AAF1A2-E256-4FF6-9E44-B26DFEF4FEB9}F:\programme\bnet\hearthstone\hearthstone.exe] => (Allow) F:\programme\bnet\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C5651D5D-C842-4C1D-8898-800F9620A39C}F:\programme\bnet\hearthstone\hearthstone.exe] => (Allow) F:\programme\bnet\hearthstone\hearthstone.exe

==================== Faulty Device Manager Devices =============

Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 00:09:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 00:09:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4f8
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3

Error: (05/25/2015 00:09:03 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/25/2015 02:16:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 07:17:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe . Error code = 0x80131f07

Error: (05/24/2015 07:17:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe . Error code = 0x80131f07

Error: (05/24/2015 05:07:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 05:07:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4e4
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3

Error: (05/24/2015 05:07:43 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/24/2015 01:04:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/25/2015 00:09:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (05/25/2015 00:09:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (05/25/2015 00:09:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎05.‎2015 um 02:18:28 unerwartet heruntergefahren.

Error: (05/25/2015 02:15:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/25/2015 02:14:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office:
=========================
Error: (05/25/2015 00:09:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 00:09:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284f801d096d2d2aef575C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe1230dcc7-02c6-11e5-9cd0-d05099528a03

Error: (05/25/2015 00:09:03 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/25/2015 02:16:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 07:17:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe

Error: (05/24/2015 07:17:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\TF.exe

Error: (05/24/2015 05:07:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 05:07:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284e401d09633615d115bC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exea044ac9f-0226-11e5-92f9-d05099528a03

Error: (05/24/2015 05:07:43 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/24/2015 01:04:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 20%
Total physical RAM: 8078.39 MB
Available physical RAM: 6459.75 MB
Total Pagefile: 16155 MB
Available Pagefile: 14452.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:42.58 GB) NTFS
Drive d: (R2D2) (Removable) (Total:7.6 GB) (Free:1.91 GB) FAT32
Drive f: (HDD) (Fixed) (Total:931.38 GB) (Free:648.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 51170C3A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0F9FD408)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 7.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================
         
Quote:
Quote from schrauber
hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click "Untersuchen" (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)
I have now followed all the steps!

25.05.2015, 19:34   #5
schrauber
/// the machine
/// TB Trainer



Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click on Options and select German as the language.
  • In the uninstaller field, search for the programs:

    cinema 4d r14


  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" (Moderate) mode.
  • Delete leftovers:
    Click on then on and then on .

 





Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post the C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.