Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: White Screen Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.05.2015, 21:39   #1
eltontv123
 
White Screen Virus - Standard

White Screen Virus



Hallo,
Mein Computer ist die letzte Zeit immer öfter am Überhitzen und es wird immer schlimmer. Als ich dann ein Video auf YouTube geschaut habe kam ein White Screen und ich konnte nichts mehr machen(musste dann den Computer mit dem Start Knopf ausmachen). Ich brauche jetzt eure Hilfe weil ich keine ahnung habe was ich bei sowas machen soll.

Betriebssystem: Windows 7 64bit Home Premium

Alt 01.06.2015, 05:18   #2
schrauber
/// the machine
/// TB-Ausbilder
 

White Screen Virus - Standard

White Screen Virus



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 01.06.2015, 14:43   #3
eltontv123
 
White Screen Virus - Standard

White Screen Virus



Frst.txt

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by User (administrator) on USER-PC on 01-06-2015 15:40:15
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\DAODx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Mouse driver\mouse_driver.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Mouse driver\wh_exec.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613024 2010-09-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [uni mouse driver] => C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] ()
HKLM-x32\...\Run: [uni mouse driver tilt] => C:\Mouse driver\wh_exec.exe [147456 2010-10-05] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-30] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-23] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-23] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-30] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{857EEA3E-4B37-40EB-9965-61E87ADAF493}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\175vkymt.default
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-02] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-04-30] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-04-30] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mystartsearch.xml [2015-03-18]
FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\175vkymt.default\Extensions\istart_ffnt@gmail.com [2015-03-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\175vkymt.default\extensions\istart_ffnt@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-04-30]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1426710154&from=cvs&uid=WDCXWD20EADS-00S2B0_WD-WCAVY082851028510

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-30]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-16]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-30]
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-10]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-09-27] (Atheros Commnucations) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-06] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-10-31] (EasyAntiCheat Ltd)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-25] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-04-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-04-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 L1c; C:\Windows\System32\DRIVERS\l1c51x64.sys [104600 2012-11-19] (Atheros Communications, Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-09-25] (VIA Technologies, Inc.)
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWOW64\DRIVERS\whfltr2k.sys [10368 2009-09-16] ()
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [296960 2013-09-25] (VIA Technologies, Inc.)
S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 15:40 - 2015-06-01 15:40 - 00025580 _____ () C:\Users\User\Desktop\FRST.txt
2015-06-01 15:39 - 2015-06-01 15:39 - 00014742 _____ () C:\Users\User\Downloads\Addition.txt
2015-06-01 15:39 - 2015-06-01 15:38 - 02108928 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-06-01 15:38 - 2015-06-01 15:40 - 00000000 ____D () C:\FRST
2015-06-01 15:38 - 2015-06-01 15:39 - 00062911 _____ () C:\Users\User\Downloads\FRST.txt
2015-06-01 15:38 - 2015-06-01 15:38 - 02108928 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-06-01 13:39 - 2015-06-01 13:39 - 00000000 ____D () C:\Users\User\AppData\Local\GWX
2015-05-31 16:07 - 2015-05-31 16:07 - 00000000 ___DC () C:\Program Files (x86)\AGEIA Technologies
2015-05-27 22:18 - 2015-05-27 22:18 - 00795332 _____ () C:\Users\User\Downloads\Launcher (1).rar
2015-05-27 22:09 - 2015-05-27 22:09 - 00795332 _____ () C:\Users\User\Downloads\Launcher.rar
2015-05-25 14:18 - 2015-05-25 14:31 - 41031833 _____ () C:\Users\User\Downloads\FS15_Don_680M.zip
2015-05-24 15:49 - 2015-05-24 15:49 - 10129654 _____ () C:\Users\User\Downloads\ets2mp_client (1).zip
2015-05-23 16:02 - 2015-05-23 16:03 - 10126899 _____ () C:\Users\User\Downloads\ets2mp_client.zip
2015-05-23 14:12 - 2015-05-23 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\GIANTSPackageRegistry
2015-05-23 14:12 - 2015-05-23 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\GIANTS Editor 64bit 6.0.3
2015-05-23 14:11 - 2015-05-23 14:11 - 00000000 ___DC () C:\Program Files\GIANTS Software
2015-05-23 14:11 - 2015-05-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIANTS Software
2015-05-23 14:10 - 2015-05-23 14:11 - 11264654 _____ () C:\Users\User\Downloads\Giants-Editor-6.0.3-34-64-bit_ModLandNet.zip
2015-05-23 14:05 - 2015-05-23 14:08 - 00000000 ____D () C:\Users\User\Desktop\meine_mod_map
2015-05-17 14:05 - 2015-05-31 18:48 - 00032768 _____ () C:\Windows\system32\persistent_q.db-shm
2015-05-17 14:05 - 2015-05-17 14:05 - 00012608 _____ () C:\Windows\system32\persistent_q.db-wal
2015-05-17 14:05 - 2015-05-17 14:05 - 00001024 _____ () C:\Windows\system32\persistent_q.db
2015-05-16 17:46 - 2015-05-16 17:46 - 00657408 _____ () C:\Users\User\Downloads\MicrosoftFixit50464.msi
2015-05-15 20:17 - 2015-05-15 20:18 - 00070085 _____ () C:\Users\User\Downloads\ZZZ_driveControl (1).zip
2015-05-15 20:14 - 2015-05-15 20:14 - 00025598 _____ () C:\Users\User\Downloads\AnimationMapTrigger.zip
2015-05-15 20:13 - 2015-05-15 20:13 - 00062272 _____ () C:\Users\User\Downloads\multiFruit LS15 V3_0 ENTPACKEN PLEASE UNPACK (1).rar
2015-05-15 17:19 - 2015-05-15 19:36 - 419608199 _____ () C:\Users\User\Downloads\Suedharz_Map_v1.zip
2015-05-13 22:52 - 2015-05-13 22:52 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 22:52 - 2015-05-13 22:52 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:20 - 2015-05-13 23:09 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:20 - 2015-05-13 23:09 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:20 - 2015-05-13 23:09 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:20 - 2015-05-13 23:09 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:19 - 2015-05-13 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:19 - 2015-05-13 23:08 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:19 - 2015-05-13 23:08 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:19 - 2015-05-13 23:08 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:19 - 2015-05-13 23:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:19 - 2015-05-13 23:08 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:19 - 2015-05-13 23:08 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:19 - 2015-05-13 23:08 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:19 - 2015-05-13 23:08 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:19 - 2015-05-13 23:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:19 - 2015-05-13 23:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:19 - 2015-05-13 23:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:18 - 2015-05-13 23:07 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:18 - 2015-05-13 23:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:18 - 2015-05-13 23:06 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:18 - 2015-05-13 23:06 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:18 - 2015-05-13 23:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:17 - 2015-05-14 12:21 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:17 - 2015-05-14 12:21 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:17 - 2015-05-13 23:04 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:17 - 2015-05-13 23:04 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:17 - 2015-05-13 23:04 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:17 - 2015-05-13 23:04 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:17 - 2015-05-13 23:04 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:17 - 2015-05-13 23:04 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:17 - 2015-05-13 22:55 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:17 - 2015-05-13 22:55 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 15:17 - 2015-05-13 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:17 - 2015-05-13 22:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:17 - 2015-05-13 22:49 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:17 - 2015-05-13 22:49 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:17 - 2015-05-13 22:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:17 - 2015-05-13 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:17 - 2015-05-13 22:49 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:17 - 2015-04-08 05:29 - 00024576 ____C (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 17:20 - 2015-05-12 17:20 - 00127862 _____ () C:\Users\User\Downloads\zzzAutoTractor.zip
2015-05-11 19:26 - 2015-05-11 19:26 - 00026269 _____ () C:\Users\User\Downloads\zzzKeyboardSteer.zip
2015-05-11 19:16 - 2015-05-11 19:16 - 00062272 _____ () C:\Users\User\Downloads\multiFruit LS15 V3_0 ENTPACKEN PLEASE UNPACK.rar
2015-05-10 13:08 - 2015-05-10 13:08 - 00122258 _____ () C:\Users\User\Downloads\FastSwitcher.zip
2015-05-08 20:08 - 2015-05-19 17:15 - 00070085 _____ () C:\Users\User\Downloads\ZZZ_driveControl.zip
2015-05-06 21:41 - 2015-05-06 21:41 - 00003743 _____ () C:\Users\User\Downloads\Baler_add_grass.zip
2015-05-06 20:01 - 2015-05-06 20:03 - 07399049 _____ () C:\Users\User\Downloads\Aguas_Tenias_Plataforma_2Ejes.zip
2015-05-05 19:11 - 2015-05-05 19:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\.technic
2015-05-04 19:54 - 2015-05-04 19:54 - 00000000 ____D () C:\ProgramData\WarThunder
2015-05-04 19:16 - 2015-05-04 19:31 - 00000000 ____D () C:\Users\User\Desktop\Neuer Ordner (2)
2015-05-04 18:10 - 2015-05-04 18:13 - 00001291 _____ () C:\Users\User\Desktop\Landwirtschafts Simulator 15 .lnk
2015-05-04 18:10 - 2015-05-04 18:13 - 00000000 ___DC () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2015-05-04 18:10 - 2015-05-04 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2015-05-03 17:36 - 2015-05-03 17:36 - 00000000 ____D () C:\Users\User\Desktop\bergmoor

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 15:38 - 2015-02-24 22:02 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2015-06-01 15:18 - 2014-10-31 17:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-06-01 15:11 - 2014-10-30 21:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-01 14:57 - 2014-11-19 19:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 14:44 - 2015-04-30 20:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-06-01 14:44 - 2014-10-30 21:04 - 00000000 ___DC () C:\Program Files (x86)\Steam
2015-06-01 14:28 - 2014-12-21 19:36 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-06-01 14:27 - 2011-06-26 22:08 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-06-01 12:15 - 2009-07-14 06:45 - 00032976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 12:15 - 2009-07-14 06:45 - 00032976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 12:08 - 2011-05-25 04:18 - 01386053 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 11:55 - 2015-04-06 19:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Raptr
2015-06-01 11:55 - 2014-11-22 17:05 - 00000000 ____D () C:\ProgramData\Origin
2015-06-01 11:54 - 2014-10-30 21:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 11:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 11:53 - 2009-07-14 06:51 - 00088700 _____ () C:\Windows\setupact.log
2015-05-31 16:07 - 2013-11-28 03:11 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation
2015-05-30 17:17 - 2014-10-31 15:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\SpaceEngineers
2015-05-29 23:27 - 2014-10-30 15:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-26 18:17 - 2014-10-30 21:04 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-25 22:16 - 2014-11-05 22:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2015-05-25 20:55 - 2014-11-02 01:39 - 00000000 ____D () C:\Users\User\AppData\Local\Arma 3
2015-05-25 19:08 - 2014-10-31 17:52 - 00000000 __RDC () C:\Program Files (x86)\Skype
2015-05-25 19:08 - 2011-06-26 22:04 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2015-05-25 17:46 - 2014-12-14 20:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Factorio
2015-05-24 16:03 - 2014-10-30 17:10 - 00000000 ____D () C:\Users\User\Documents\Euro Truck Simulator 2
2015-05-24 15:51 - 2014-11-02 13:01 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-05-24 15:50 - 2014-12-19 19:31 - 00000000 ___DC () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-05-24 15:50 - 2014-12-19 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-05-20 22:41 - 2015-04-04 23:30 - 00000000 __SDC () C:\Windows\SysWOW64\GWX
2015-05-20 22:41 - 2015-04-04 23:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 13:13 - 2015-04-06 19:53 - 00000000 ___DC () C:\Program Files (x86)\Raptr
2015-05-18 18:06 - 2014-10-30 21:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 18:06 - 2014-10-30 21:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 16:04 - 2015-03-19 20:45 - 00000000 ___DC () C:\Program Files (x86)\MSI Afterburner
2015-05-16 18:55 - 2014-11-25 16:01 - 00348672 ____C () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-16 18:55 - 2014-11-25 15:44 - 00348672 ____C () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-16 18:55 - 2014-11-25 15:44 - 00280904 ____C () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-16 18:50 - 2014-11-27 22:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\SpinTires
2015-05-16 17:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-16 16:28 - 2014-11-04 18:45 - 00000000 ____D () C:\Users\User\AppData\Local\Arma 3 Launcher
2015-05-14 12:25 - 2009-07-14 19:58 - 01906136 _____ () C:\Windows\system32\perfh007.dat
2015-05-14 12:25 - 2009-07-14 19:58 - 00524026 _____ () C:\Windows\system32\perfc007.dat
2015-05-14 12:25 - 2009-07-14 07:13 - 00006532 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-14 12:19 - 2009-07-14 06:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 12:17 - 2009-07-14 20:18 - 00000000 ___DC () C:\Program Files\Windows Journal
2015-05-14 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 23:07 - 2013-04-02 10:12 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-13 23:03 - 2013-07-15 13:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 22:55 - 2013-07-14 17:33 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 22:51 - 2015-03-12 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 22:51 - 2015-03-12 19:59 - 00000000 ___DC () C:\Program Files\Microsoft Silverlight
2015-05-13 22:51 - 2015-03-12 19:59 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Silverlight
2015-05-06 22:02 - 2014-12-18 19:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2015-05-02 20:33 - 2014-11-25 16:01 - 00000000 ___DC () C:\Program Files (x86)\Battlelog Web Plugins

==================== Files in the root of some directories =======

2015-04-27 17:42 - 2015-04-27 17:42 - 0000000 ____H () C:\Users\User\AppData\Local\BITC81E.tmp
2014-10-31 15:23 - 2014-10-31 21:39 - 0007597 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-01-23 15:02 - 2015-01-23 15:03 - 0000000 _____ () C:\Users\User\AppData\Local\{0260A4A9-E305-428E-B640-139CACB037DB}
2015-01-10 18:52 - 2015-01-10 18:53 - 0000000 _____ () C:\Users\User\AppData\Local\{14E929BF-CCD1-4708-8CA3-35900B666099}
2015-04-27 17:42 - 2015-04-27 17:42 - 0000000 _____ () C:\Users\User\AppData\Local\{7D32E17D-F250-480E-BC3B-6461A8E5D6AB}
2015-01-08 22:01 - 2015-01-08 22:02 - 0000000 _____ () C:\Users\User\AppData\Local\{7FA96B41-E1BD-4A1E-BE80-EC85DA77C051}
2015-04-12 00:15 - 2015-04-12 00:15 - 0000000 _____ () C:\Users\User\AppData\Local\{B24468C7-DC55-4CA2-947D-BE290E8D6DBD}
2015-03-07 15:44 - 2015-03-07 15:44 - 0000000 _____ () C:\Users\User\AppData\Local\{DE936427-7E31-45CF-A2B2-22E7BE71AE10}

Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\User\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\User\AppData\Local\Temp\i4jdel0.exe
C:\Users\User\AppData\Local\Temp\i4jdel1.exe
C:\Users\User\AppData\Local\Temp\raptrpatch.exe
C:\Users\User\AppData\Local\Temp\raptr_stub.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\WdfCoInstaller01007.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 16:44

==================== End of log ============================
         
Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by User at 2015-06-01 15:40:41
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled)
Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3928150652-2756980015-3035233101-1002 - Limited - Enabled)
User (S-1-5-21-3928150652-2756980015-3035233101-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version:  - Double Action Factory)
Dragon Nest Europe (HKLM-x32\...\Steam App 258700) (Version:  - Eyedentity Games)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 2.2.1514.31 - Infernum Productions AG)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.7 R3 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.7 R3 Alpha - ETS2MP Team)
Factorio version 0.10.12 (HKLM\...\Factorio_is1) (Version:  - )
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIANTS Editor 6.0.3 64-bit (HKLM-x32\...\giants_editor_6.0.3_win64_is1) (Version: 6.0.3 - GIANTS Software GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2219 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62608.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62608.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mouse driver v1.0 (HKLM-x32\...\uni mouse driver) (Version:  - )
Mozilla Firefox 4.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 4.0.1 (x86 de)) (Version: 4.0.1 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Train Fever (HKLM-x32\...\Steam App 304730) (Version:  - Urban Games)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Unreal Development Kit (HKLM-x32\...\Steam App 13260) (Version:  - Epic Games)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-07 22:54 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {089BB75A-1DAE-441B-A9A1-424DF01148D7} - System32\Tasks\{4E8D6B85-1D8F-434B-A55A-8B94E063A32D} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {08EA3AE2-DA81-4B05-BF05-155ADCAF2683} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {2A3253D7-F166-4EE1-ACA8-5AFFDF15C84F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-20] (Microsoft Corporation)
Task: {59562497-518B-44D1-B8C6-C70DD62D0667} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {5E411DAA-6C7C-49E1-A8CD-225E0EEC52C8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {787ADB35-D5A4-48A5-83D5-C11E776E29BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: {7E4D0FC2-42BE-4385-9A3D-CE03404007F3} - System32\Tasks\{D096B453-3EE7-47C7-B1DE-A173C5CB9D27} => pcalua.exe -a C:\Users\User\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=cvs
Task: {D43D3BC8-3579-46AA-8AF1-D0E8481E06D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-10] (Google Inc.)
Task: {EE0CF01A-D771-4368-9A34-04A0F4A7FBEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-10] (Google Inc.)
Task: {F7AE662B-71CA-4DFD-BCCB-43715535E885} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-11-28 03:11 - 2013-10-23 10:20 - 00102176 ____C () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-11-25 15:44 - 2014-11-25 16:09 - 00076152 ____C () C:\Windows\SysWOW64\PnkBstrA.exe
2011-11-09 02:45 - 2011-11-09 02:45 - 02972672 _____ () C:\Mouse driver\mouse_driver.exe
2010-10-05 01:54 - 2010-10-05 01:54 - 00147456 _____ () C:\Mouse driver\wh_exec.exe
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 ____C () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2010-10-05 01:54 - 2010-10-05 01:54 - 00036864 _____ () C:\Mouse driver\wh_hook.dll
2014-11-22 17:09 - 2015-04-10 21:29 - 01007104 ____C () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00023552 ____C () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00024576 ____C () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00216576 ____C () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00261120 ____C () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00019456 ____C () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00337408 ____C () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-04-10 21:30 - 2015-04-10 21:28 - 00018944 ____C () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-11-22 17:09 - 2015-04-10 21:28 - 00228352 ____C () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 ____C () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 ____C () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 ____C () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 ____C () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 ____C () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 ____C () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 ____C () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 ____C () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 ____C () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 ____C () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 ____C () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 ____C () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 ____C () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 ____C () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 ____C () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 ____C () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 ____C () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 ____C () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 ____C () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 ____C () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 ____C () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 ____C () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 ____C () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 ____C () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 ____C () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 ____C () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 ____C () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 ____C () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 ____C () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 ____C () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 ____C () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 ____C () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 ____C () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 ____C () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 ____C () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 ____C () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 ____C () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 ____C () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 ____C () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-05-26 18:17 - 2015-05-22 22:22 - 01281864 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 18:17 - 2015-05-22 22:22 - 00080712 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-16 15:33 - 2015-04-16 19:40 - 00776192 ____C () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-16 15:33 - 2015-04-23 04:16 - 04962816 ____C () C:\Program Files (x86)\Steam\v8.dll
2015-05-16 15:33 - 2015-04-23 04:16 - 01556992 ____C () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-16 15:33 - 2015-04-23 04:16 - 01187840 ____C () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-16 15:33 - 2015-05-15 03:58 - 02396352 ____C () C:\Program Files (x86)\Steam\video.dll
2014-10-30 15:12 - 2014-12-01 23:31 - 02396672 ____C () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-30 15:12 - 2014-12-01 23:31 - 00442880 ____C () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-30 15:12 - 2014-12-01 23:31 - 00479744 ____C () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-30 15:12 - 2014-12-01 23:31 - 00332800 ____C () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-30 15:12 - 2014-12-01 23:31 - 00485888 ____C () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-16 15:33 - 2015-05-15 03:57 - 00703168 ____C () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-26 18:17 - 2015-05-22 22:22 - 14982472 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
2014-10-30 15:12 - 2015-05-11 21:01 - 36302728 ____C () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-16 15:33 - 2015-05-11 21:01 - 08958344 ____C () C:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{79BAFC3D-F63B-44D1-9066-FC2F65EED6E9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{767F1650-87EC-4DE3-B60B-B8AB35887BDA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7CAFD723-723E-4DA5-ADEC-DA4F7C06F7BC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{859DF58A-2F88-486E-A0FF-41D290E4EFA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B1D9CB51-A81B-4119-BBC5-26F84D6FCDB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{92ABE82F-0B0C-4E4B-A05E-250DD7A9CA5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FF554F1D-DB7C-4C39-B159-AFEB41C5FB1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{49B5DD55-A48B-4CC0-97E9-987BA10E40C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{D3AA61E0-BC77-4D39-80E0-D0C9E5D6ECD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{92AB153F-860B-4122-A8D8-EE559CF26957}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{729BE141-C733-4B90-91AE-E71B08E17A20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{BCF537BD-BED3-4DE1-AE8F-FE0A5FFBBB89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{B15E8946-A7F9-4509-8F74-0534B4749D79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A945B24-35C5-4A91-8FA1-FF10FAFBC239}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{0210F493-2FEF-4EAF-B009-92C07EE5C9F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{D8CFCA87-AAE6-4CCA-BE54-A82F3BB6BDB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{E3F3AD67-9090-4DC2-8549-07D6EFB929CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{5DEFF85A-9E98-4C09-8738-B9A0452563EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{7885C720-3FDF-4B28-8B48-CD35DFE007E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{2440A5EF-9E10-46D8-A50E-BA65B9804B75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{7B1A0695-724F-40B3-9CAF-F69917004812}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{CC81948E-838E-403E-94CB-196219247274}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4D4BF066-F58B-46C3-80E4-D7EFCD30A371}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{B1DEAA2B-BE1A-4C55-A581-1E96CD0274B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D8355C5B-2449-4EF5-89D6-091EA5A5EF30}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9EA38A75-C5A5-4951-8756-5AE9DE34A5C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4EA789B5-0EEC-4C34-A8F9-0644356F5186}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B533D2CE-9A7D-4843-BE54-E667F68E89C6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{9818D8EE-5FBC-4E3D-ABD2-5017C237FDE3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{464FB008-ADA2-4982-BA9D-EACB3C8CA577}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{292DDA4D-F236-4A58-A77F-F4FBA6969C3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{B3F27A66-B2AC-4C47-A129-30269993ABCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{E5A3AB7F-E9EC-4679-B923-1791739D4505}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{C8BD33EF-432F-4E37-9EB2-4E8499077895}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{10CB3E3C-8D94-4012-A2C4-1366329F5C06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{9AB18DBA-14BA-4B67-B9D8-CF8DDFE9F1FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{007F3CD4-016C-4685-92C5-323F3E7FF0F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{82D4E0F9-0CA7-4CE7-BBEB-7F589E4098D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{6D6F4E59-F547-4441-84CA-56C915986BE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{A1CB086A-E49A-4AD6-9EB3-738AC04E5B7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{136E8C35-0944-4875-8EB5-0A573C81EBF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{919459AE-8814-4B11-A4E8-C588BDDB202D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FSX\fsx.exe
FirewallRules: [{10F53222-6325-4DDD-90E7-67270EBD1108}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FSX\fsx.exe
FirewallRules: [{DBD85D58-22DF-4539-9403-F7CE976D0F84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{EF216843-910A-4F27-B6E3-4C06BAE5B50D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{96304997-AB41-4083-ADDE-CB29ECD125A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{82685F08-7738-4F1A-8C80-C39AB5901BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{39CC1DBB-BB1C-4214-9581-A8BC28FFABFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{9DB5C743-1A7E-44C8-8E93-F390D70CD379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{82F2B39E-A9B7-4DF3-ADEA-ECE0D2A3A9D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{68CDF9CD-F93E-4A61-8DCC-7B77EE7B4197}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{3F129C69-53DD-424E-B9F5-CDD8A06154DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{CD56AAC1-30AC-4F63-88D5-3CE8870CB6A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F56563D1-659D-436B-B852-0CD10E4509E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4A15E822-0915-4DBB-8C66-BCB45DB5E672}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{79D02DE4-4476-4F28-9167-DBBB4DBA0807}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Double Action\hl2.exe
FirewallRules: [{46A61731-3C04-4816-BC75-E7AC3E968C8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Double Action\hl2.exe
FirewallRules: [{2A293464-F097-4843-9889-6560D0895223}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BDDBA6BA-427D-4995-B0FD-943F5FB68476}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B77780C6-2C5A-47EF-B259-CAB8D547F848}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Nest Europe\DragonNest\DragonNest.exe
FirewallRules: [{55DC2D42-975C-43AF-A6F0-D84A1BCAB78A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Nest Europe\DragonNest\DragonNest.exe
FirewallRules: [{18BAC74C-B712-44FF-9ECE-9420E000ED14}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{0398774D-8CE6-4E02-A50F-7B608AA392AD}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{F24FE8EC-AABE-4EB4-B845-4EE3A139C77C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{2A8322BA-1D40-4AF8-AB81-084E52901302}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{696959E4-A11A-4FC5-AFA1-D809325D7BA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{EC91AEEC-62E1-49A9-B047-6E436197C1C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{D62D1641-7731-430D-85AD-10F33BE93ED0}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{038B65CC-5E9E-4C92-96FB-77371EEA8B0E}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{E1680979-FF4D-407A-9446-EBE269094403}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{DACE2813-F687-4D75-9B97-AF34A1DEBD4D}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{F7832B0B-42AD-4219-A044-7A8E99B04903}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{7FB32231-A155-4F18-96B2-1E8E863BFFD9}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{94E8CD78-9F80-4847-B9DA-EC80D71BDA08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{B17B7EEA-17E4-4239-8FBE-93430EA144DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{1E893D05-37DA-40B7-99A7-5ADF79262916}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1021D4C2-17E2-4051-B0B7-C715D6F0DE2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{8FA19AB5-CA46-4CC0-9346-695A57980D74}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{80185F76-A048-4599-986B-ECDBDCAF8BC1}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{0F043898-F934-40A9-9CB4-279DF93CDCE4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{DA485682-11A2-40A9-8FE8-E69B36CF2149}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{3259A48D-22DA-452D-B873-0F823F284A88}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{72CD5D88-E40C-4163-82D3-636D8276A3B2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{4E0FA3BD-F3C4-46C2-AED2-28EB54045E80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{A67DDDD3-6F7E-4298-AADF-9690E720313B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{BBD0FD7D-4729-4047-B827-55B3BEC43A49}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AF0ADB4A-B084-4D98-902B-28E0839F1870}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{24F0FB79-29A4-4391-9C77-1211D7D9E50F}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6838CC0D-F1D2-48E1-A735-E044CB72A255}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6B8E1912-8EE1-4561-95BB-D900B9B7D3ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{E2D8C6CC-A6FD-4C57-820C-965E1361F452}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{60A0F396-6EDC-4D15-9BE5-16AFAD4F4FF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{050958B2-A4FB-41E5-ABA5-5254C1E7520C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E3BA9DF2-2837-4623-9A7E-28E5A641611F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3C210708-0FA1-4C22-A0BC-EF5152A22AA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{441E5112-C4D6-4846-B66A-6586B7F94A52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4146C146-B060-4C8D-98D4-4E36FC2E11CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{533F0F55-C4E9-4FB4-B474-DD2D9CFEBDE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2015 03:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 29.5.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d9c

Startzeit: 01d09c7042c55163

Endzeit: 8

Anwendungspfad: C:\Users\User\Downloads\FRST64.exe

Berichts-ID:

Error: (06/01/2015 02:10:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/01/2015 02:10:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/30/2015 11:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Application-steam-x64.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1de4

Startzeit: 01d09af2ae5c4030

Endzeit: 288

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe

Berichts-ID:

Error: (05/29/2015 04:25:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/29/2015 04:25:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/29/2015 04:22:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/29/2015 04:22:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/27/2015 10:08:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12cc

Startzeit: 01d098b03e057d06

Endzeit: 56

Anwendungspfad: C:\ProgramData\Oracle\Java\javapath\javaw.exe

Berichts-ID:

Error: (05/26/2015 07:58:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/01/2015 02:31:54 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/01/2015 00:51:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/01/2015 00:01:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/31/2015 10:26:22 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MUTSCHELLER",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{857EEA3E-4B37-40EB-9965-61E87ADAF493}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/31/2015 10:10:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎05.‎2015 um 22:05:47 unerwartet heruntergefahren.

Error: (05/31/2015 09:54:06 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MUTSCHELLER",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{857EEA3E-4B37-40EB-9965-61E87ADAF493}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/31/2015 06:50:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.108
registriert werden. Der Computer mit IP-Adresse 192.168.2.105 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/31/2015 06:47:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/31/2015 06:47:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (05/31/2015 06:45:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎05.‎2015 um 18:06:58 unerwartet heruntergefahren.


Microsoft Office:
=========================
Error: (06/01/2015 03:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe29.5.2015.01d9c01d09c7042c551638C:\Users\User\Downloads\FRST64.exe

Error: (06/01/2015 02:10:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Unsigned\Kiosk.exe

Error: (06/01/2015 02:10:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Kiosk.exe

Error: (05/30/2015 11:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Application-steam-x64.exe0.0.0.01de401d09af2ae5c4030288C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe

Error: (05/29/2015 04:25:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Unsigned\Kiosk.exe

Error: (05/29/2015 04:25:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Kiosk.exe

Error: (05/29/2015 04:22:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Unsigned\Kiosk.exe

Error: (05/29/2015 04:22:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Kiosk.exe

Error: (05/27/2015 10:08:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.1812cc01d098b03e057d0656C:\ProgramData\Oracle\Java\javapath\javaw.exe

Error: (05/26/2015 07:58:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62613.0"c:\program files (x86)\Steam\steamapps\common\FSX\Unsigned\Kiosk.exe


CodeIntegrity Errors:
===================================
  Date: 2014-03-23 15:30:23.649
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-23 15:30:23.555
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 42%
Total physical RAM: 8175.24 MB
Available physical RAM: 4729.09 MB
Total Pagefile: 16348.68 MB
Available Pagefile: 11323.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:1862.92 GB) (Free:1598.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0DA7C2E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End of log ============================
         
__________________

Alt 02.06.2015, 06:10   #4
schrauber
/// the machine
/// TB-Ausbilder
 

White Screen Virus - Standard

White Screen Virus



Malware seh ich keine. wenn Du aber schon von Überhitzen redest wäre es mal angebracht die entsprechende Hardware zu checken
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.06.2015, 14:17   #5
eltontv123
 
White Screen Virus - Standard

White Screen Virus



ok vielen dank für deine Hilfe. Ja ich habe mir schon einen neuen lüfter und paste bestellt also alles ok


Alt 03.06.2015, 06:24   #6
schrauber
/// the machine
/// TB-Ausbilder
 

White Screen Virus - Standard

White Screen Virus



wenn dass das problem ist, dann ja, sollte man aber schon vorher testen
__________________
--> White Screen Virus

Antwort

Themen zu White Screen Virus
64bit, ahnung, ausmachen, brauche, compu, computer, hilfe, home, home premium, keine ahnung, konnte, nichts, premium, screen, start, video, virus, white screen, white screen virus, windows, windows 7, windows 7 64bit, windows 7 64bit home, windows 7 64bit home premium, youtube, öfter



Ähnliche Themen: White Screen Virus


  1. White screen
    Plagegeister aller Art und deren Bekämpfung - 31.05.2015 (3)
  2. Lenovo White Screen
    Log-Analyse und Auswertung - 18.07.2014 (7)
  3. White Screen --> Log File
    Log-Analyse und Auswertung - 03.05.2014 (5)
  4. Windows: White Screen nach hochfahren des Computers
    Plagegeister aller Art und deren Bekämpfung - 24.03.2014 (22)
  5. White Screen Virus eingefangen (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 15.11.2013 (4)
  6. win XP - BKA Trojaner/Virus seit heute - White Screen + Abgesicherter Modus geblockt
    Log-Analyse und Auswertung - 03.11.2013 (13)
  7. White-Screen Trojaner - Was nun?
    Log-Analyse und Auswertung - 09.07.2013 (11)
  8. White Screen beim Starten von Windows 7
    Plagegeister aller Art und deren Bekämpfung - 13.05.2013 (68)
  9. White Screen beim Starten von Windows 7
    Plagegeister aller Art und deren Bekämpfung - 11.05.2013 (11)
  10. white screen abgesicherter modus
    Plagegeister aller Art und deren Bekämpfung - 14.03.2013 (16)
  11. White Screen im abgesicherten Modus
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (6)
  12. White Screen nach Computerstart Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 21.10.2012 (24)
  13. White Screen trotz abgesicherter Modus
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (1)
  14. Windows blockiert ( white-screen )
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (5)
  15. White Screen - Verbindung wird hergestellt
    Log-Analyse und Auswertung - 16.04.2012 (25)
  16. White-Screen
    Plagegeister aller Art und deren Bekämpfung - 02.04.2012 (1)
  17. Bundestrojaner inkl OTL Scan (White Screen) Fix
    Plagegeister aller Art und deren Bekämpfung - 21.03.2012 (6)

Zum Thema White Screen Virus - Hallo, Mein Computer ist die letzte Zeit immer öfter am Überhitzen und es wird immer schlimmer. Als ich dann ein Video auf YouTube geschaut habe kam ein White Screen und - White Screen Virus...
Archiv
Du betrachtest: White Screen Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.