Here we go:
adwcleaner: Code:
# AdwCleaner v4.103 - Bericht erstellt am 03/12/2014 um 15:08:11
# Aktualisiert 01/12/2014 von Xplode
# Database : 2014-12-03.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Simon - SIMON-PC
# Gestartet von : C:\Users\Simon\Desktop\AdwCleaner_4.103.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Simon\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\loadtbs
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\software@loadtubes.com
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v33.1 (x86 de)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [1974 octets] - [03/12/2014 15:06:24]
AdwCleaner[S0].txt - [1965 octets] - [03/12/2014 15:08:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2025 octets] ##########
mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 03.12.2014
Suchlauf-Zeit: 16:11:55
Logdatei: log.txt
Administrator: Ja
Version: 2.00.3.1025
Malware Datenbank: v2014.12.03.07
Rootkit Datenbank: v2014.12.02.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Simon
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 325032
Verstrichene Zeit: 6 Min, 49 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 3
PUP.Optional.Somoto.A, C:\Users\Simon\AppData\Local\Temp\nso285F.tmp, In Quarantäne, [9bd8d08e46360630847e96d442bf956b],
PUP.Optional.Somoto, C:\Users\Simon\AppData\Local\Temp\bitool.dll, In Quarantäne, [680b302ebcc0f04631c4711ecf339769],
PUP.Optional.OpenCandy, C:\Users\Simon\AppData\Local\Temp\DTLite4491-0356.exe, In Quarantäne, [bfb44e1065173501f5446124c73e728e],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
zoek: Code:
Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Simon on 03.12.2014 at 19:25:32,80.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simon\Desktop\zoek.exe.scr [Scan all users] [Script inserted]
==== System Restore Info ======================
03.12.2014 19:26:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-524942757-991315070-1639465468-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\prefs.js:
user_pref("browser.startup.homepage", "chrome://speeddial/content/speeddial.xul");
user_pref("browser.newtab.url", "about:blank");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bdwteff@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff" [26.08.2014 15:18]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default
- Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
- Undetermined - last-tab-close-button@victor.sacharin
- Undetermined - {05f6a7ea-896b-11da-8bde-f66bad1e3fff}
- Undetermined - {64161300-e22b-11db-8314-0800200c9a66}
- Undetermined - foxyproxy@eric.h.jung
- Undetermined - secureLogin@blueimp.net
- Undetermined - bdwteff@bitdefender.com
- Avira Browser Safety - %ProfilePath%\extensions\abs@avira.com
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- Last tab close button - %ProfilePath%\extensions\last-tab-close-button@victor.sacharin.xpi
- Secure Login - %ProfilePath%\extensions\secureLogin@blueimp.net.xpi
- Locator - %ProfilePath%\extensions\{05f6a7ea-896b-11da-8bde-f66bad1e3fff}.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on 03.12.2014 at 19:27:47,56 ======================
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2014
Ran by Simon (administrator) on SIMON-PC on 03-12-2014 19:30:14
Running from C:\Users\Simon\Desktop
Loaded Profile: Simon (Available profiles: Simon)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\System32\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1626752 2014-11-24] (Bitdefender)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-11-22] (AMD)
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-24] (Bitdefender)
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\Run: [ContourCameraFinder] => C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe [233112 2013-05-06] ()
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\MountPoints2: {278c8702-6a7b-11e4-a296-0015834b5cd1} - G:\setup.exe
HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\MountPoints2: {c0489511-da70-11e1-8cd0-0015834b5cd1} - M:\autorun.exe
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "autoconfig_url", "https://secure.premiumize.me/b6575ec57620a73ba6c04e70efd7a74e/proxy.pac"
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\abs@avira.com [2014-09-05]
FF Extension: FoxyProxy Standard - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\foxyproxy@eric.h.jung [2014-09-09]
FF Extension: Last tab close button - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\last-tab-close-button@victor.sacharin.xpi [2012-05-13]
FF Extension: Secure Login - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\secureLogin@blueimp.net.xpi [2012-05-13]
FF Extension: Locator - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\{05f6a7ea-896b-11da-8bde-f66bad1e3fff}.xpi [2012-05-13]
FF Extension: Speed Dial - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2012-05-13]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tpf0ct2e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-13]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-13]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - bdwteff@bitdefender.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-09]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-08-28]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-13]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-23] (Advanced Micro Devices, Inc.) [File not signed]
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-11-24] (Bitdefender)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-05-12] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-05-12] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-07-01] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-04] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [738152 2012-07-19] (Tunngle.net GmbH) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-24] (Bitdefender)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-11-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-11-24] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-01-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-12] (Disc Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-24] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-03 19:30 - 2014-12-03 19:30 - 00018386 _____ () C:\Users\Simon\Desktop\FRST.txt
2014-12-03 19:26 - 2014-12-03 19:27 - 00005542 _____ () C:\zoek-results.log
2014-12-03 19:25 - 2014-12-03 19:25 - 00000000 ____D () C:\zoek_backup
2014-12-03 19:23 - 2014-11-27 23:20 - 01428769 _____ () C:\Users\Simon\Desktop\zoek.exe.scr
2014-12-03 19:23 - 2014-11-27 23:20 - 01428769 _____ () C:\Users\Simon\Desktop\zoek.exe.pif
2014-12-03 19:23 - 2014-11-27 23:20 - 01428769 _____ () C:\Users\Simon\Desktop\zoek.exe.com
2014-12-03 15:12 - 2014-12-03 16:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-03 15:12 - 2014-12-03 15:12 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-03 15:12 - 2014-12-03 15:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-03 15:12 - 2014-12-03 15:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 15:12 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-03 15:12 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-03 15:12 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-03 15:10 - 2014-12-03 15:10 - 00002109 _____ () C:\Users\Simon\Desktop\AdwCleaner[S0].txt
2014-12-03 15:06 - 2014-12-03 15:08 - 00000000 ____D () C:\AdwCleaner
2014-12-03 15:03 - 2014-12-03 15:03 - 02154496 _____ () C:\Users\Simon\Desktop\AdwCleaner_4.103.exe
2014-11-30 18:45 - 2014-12-03 19:30 - 00000000 ____D () C:\FRST
2014-11-30 18:39 - 2014-11-30 18:39 - 02117120 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2014-11-28 15:26 - 2014-11-28 15:28 - 00000000 ____D () C:\Users\Simon\Documents\Assassin's Creed Unity
2014-11-28 15:18 - 2014-11-28 15:18 - 00000000 ____D () C:\Users\Simon\AppData\Local\ali213GameLauncher
2014-11-28 14:26 - 2014-11-28 14:26 - 00000689 _____ () C:\Users\Public\Desktop\Assassins Creed Unity Gold Edition.lnk
2014-11-19 20:17 - 2014-11-19 20:17 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\11bitstudios
2014-11-19 16:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 16:34 - 2014-11-18 16:34 - 00000709 _____ () C:\Users\Public\Desktop\This War of Mine.lnk
2014-11-18 16:34 - 2014-11-18 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
2014-11-12 18:29 - 2014-11-12 18:29 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-11-12 18:29 - 2014-11-12 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-12 18:29 - 2014-11-12 18:29 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-11-12 15:55 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:55 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:55 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:55 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:55 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:55 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:55 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:55 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:55 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:55 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:55 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:55 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:55 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:55 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:55 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:55 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:55 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:55 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:55 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:55 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:55 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:55 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:55 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:55 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:55 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:55 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:55 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:55 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:55 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:55 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 16:09 - 2014-11-11 16:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-03 19:22 - 2012-05-12 13:19 - 01246295 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 19:22 - 2009-07-14 05:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-03 19:22 - 2009-07-14 05:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-03 19:19 - 2009-07-14 18:58 - 00698450 _____ () C:\Windows\system32\perfh007.dat
2014-12-03 19:19 - 2009-07-14 18:58 - 00148726 _____ () C:\Windows\system32\perfc007.dat
2014-12-03 19:19 - 2009-07-14 06:13 - 01618816 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-03 19:15 - 2012-12-13 13:44 - 00000264 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-03 19:15 - 2012-05-26 12:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 19:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 19:15 - 2009-07-14 05:51 - 00292312 _____ () C:\Windows\setupact.log
2014-12-03 19:14 - 2012-05-12 16:08 - 00334910 _____ () C:\Windows\PFRO.log
2014-12-03 15:38 - 2012-05-26 12:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-03 15:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-03 15:08 - 2013-07-10 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-03 15:05 - 2014-10-23 18:41 - 00000000 ____D () C:\Users\Simon\Desktop\Hauptseminar
2014-12-03 01:00 - 2014-08-29 20:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-12-02 00:45 - 2012-05-13 12:04 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-12-01 20:17 - 2012-05-13 22:10 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-01 19:42 - 2012-05-12 20:01 - 00000000 ____D () C:\ProgramData\Origin
2014-12-01 19:42 - 2012-05-12 19:31 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-29 22:20 - 2012-09-13 12:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-28 14:26 - 2012-05-13 12:11 - 00283749 _____ () C:\Windows\DirectX.log
2014-11-28 13:31 - 2013-01-29 17:59 - 00000000 ____D () C:\AMD
2014-11-27 16:53 - 2012-05-14 00:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 16:53 - 2012-05-14 00:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-24 15:08 - 2012-06-07 11:49 - 00000000 ____D () C:\Users\Simon\Documents\Uni
2014-11-24 15:03 - 2014-09-13 12:08 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-24 15:03 - 2014-09-13 12:08 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-24 15:03 - 2014-09-13 12:05 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-24 14:44 - 2012-05-14 13:29 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-11-17 21:38 - 2012-05-13 21:07 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mirillis
2014-11-16 23:33 - 2012-05-26 12:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 23:33 - 2012-05-26 12:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 21:08 - 2012-05-13 22:10 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-11-12 20:03 - 2012-05-12 17:00 - 00092136 _____ () C:\Users\Simon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 20:03 - 2009-07-14 05:45 - 04927264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 19:42 - 2012-12-13 13:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 19:41 - 2013-08-15 22:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 19:39 - 2012-05-12 13:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:50 - 2012-06-07 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 16:03 - 2014-01-04 00:13 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TrackChecker
2014-11-08 21:34 - 2012-07-23 10:41 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\vlc
2014-11-08 13:54 - 2014-05-04 09:34 - 00000000 ____D () C:\Users\Simon\AppData\Local\Windows Live
2014-11-07 13:18 - 2014-10-02 19:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-07 13:18 - 2012-05-13 12:04 - 00000000 ____D () C:\ProgramData\Skype
2014-11-06 17:03 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-05 22:29 - 2014-06-20 21:39 - 00000000 ____D () C:\Users\Simon\AppData\Local\DayZ
Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\avgnt.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\ochelper.exe
C:\Users\Simon\AppData\Local\Temp\ose00000.exe
C:\Users\Simon\AppData\Local\Temp\proxy_vole5010562367895492350.dll
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Simon\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-30 20:03
==================== End Of Log ============================
frst addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2014
Ran by Simon at 2014-12-03 19:30:44
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{A081D35B-0AF0-588A-D0D6-259D25C03E50}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Unity Gold Edition Update 2 MULTi2 1.2.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition Update 2 MULTi2 1.2.0) (Version: - )
Assassins Creed Unity Gold Edition Version 1.4 (HKLM-x32\...\Assassins Creed Unity Gold Edition_is1) (Version: 1.4 - RFT)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23028 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.14.0.1088 - Bitdefender)
calibre 64bit (HKLM\...\{E8C12175-4BE2-43F3-B402-5DED283841F6}) (Version: 1.23.0 - Kovid Goyal)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
Contour Storyteller (HKLM-x32\...\Contour Storyteller 3.5.3) (Version: 3.5.3 - Contour)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hercules Webcam Deluxe (HKLM-x32\...\{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}) (Version: 3.2.2.5 - Hercules)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 2.0 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaFACE (HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\InstallShield_{70A3C0E1-1953-4A95-9C66-99FDCDD5E357}) (Version: 5.0 - Fellowes)
MediaFACE (x32 Version: 5.0 - Fellowes) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3 - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
OpenVPN 2.2.1 (HKLM-x32\...\OpenVPN) (Version: 2.2.1 - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Splash PRO EX (HKLM-x32\...\{26583DDE-7506-4046-9C3A-F02852537B8A}) (Version: 1.12.2 - Mirillis)
StarCitizen (HKLM-x32\...\StarCitizen) (Version: 1.0 - Cloud Imperium Games)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-524942757-991315070-1639465468-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.3.1 - Helios)
This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
Total War Rome II *GERMAN* (HKLM-x32\...\VG90YWxXYXJSb21lSUk=_is1) (Version: 1 - )
TrackChecker version 1.0.11.410 (HKLM-x32\...\{73C4CE23-8D4C-4B67-B1DC-30533208DC3F}_is1) (Version: 1.0.11.410 - )
TreeSize Free V3.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Western Digital USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - Western Digital Corporation)
Western Digital USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - Western Digital Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version: - Christian Taubenheim)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-524942757-991315070-1639465468-1001_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Program Files (x86)\TextPad 5\System\shellext64.dll (Helios Software Solutions)
==================== Restore Points =========================
28-11-2014 13:26:01 DirectX wurde installiert
03-12-2014 18:26:09 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-02-07 20:36 - 2014-12-03 19:26 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0D4865A9-3701-4FC0-B977-81E0F7D5AB75} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {2D88A60A-4292-4745-982D-EE99D125BF4A} - System32\Tasks\AdobeAAMUpdater-1.0-Simon-PC-Simon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3563388F-1BC5-41C0-AD2A-EE8CDE00CB28} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5875DE6B-2583-4561-9EF0-E681B7F3F96B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-26] (Google Inc.)
Task: {BA50BF90-BDA9-411C-A491-A0EFDB46F584} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-26] (Google Inc.)
Task: {DBF8B821-B79B-4E6E-A46C-1B6DA29DE6A5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-13 12:08 - 2014-10-02 15:44 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-09-13 12:08 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-09-13 12:08 - 2014-08-26 15:14 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-09-13 12:08 - 2012-10-29 13:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-13 12:08 - 2014-07-24 08:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2014-09-13 12:08 - 2014-07-24 08:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2014-09-13 12:08 - 2014-07-24 08:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2014-09-13 12:08 - 2014-07-24 08:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2012-05-13 12:05 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2014-08-28 19:39 - 2014-08-28 19:39 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-07-10 16:00 - 2013-05-06 19:23 - 00233112 _____ () C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
2014-02-23 22:41 - 2014-02-23 22:41 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:75D366A3
AlternateDataStreams: C:\Users\Simon\Desktop\AdwCleaner_4.103.exe:BDU
AlternateDataStreams: C:\Users\Simon\Desktop\FRST64.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC =>
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-524942757-991315070-1639465468-500 - Administrator - Disabled)
Gast (S-1-5-21-524942757-991315070-1639465468-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-524942757-991315070-1639465468-1006 - Limited - Enabled)
Simon (S-1-5-21-524942757-991315070-1639465468-1001 - Administrator - Enabled) => C:\Users\Simon
==================== Faulty Device Manager Devices =============
Name: Creative Game Port
Description: Creative Game Port
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Creative
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/03/2014 04:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x758
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x2cc
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0xc14
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x518
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x1080
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0xce8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x54c
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0x13a8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79f70
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005357
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
System errors:
=============
Error: (12/03/2014 07:15:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (12/03/2014 07:15:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (12/03/2014 07:15:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (12/03/2014 07:15:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (12/03/2014 07:15:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (12/03/2014 07:15:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (12/03/2014 07:15:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (12/03/2014 07:15:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (12/03/2014 07:15:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (12/03/2014 07:15:13 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Microsoft Office Sessions:
=========================
Error: (12/03/2014 04:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c0000005000000000000535775801d00f0cd5b152a0C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll1369c462-7b00-11e4-b336-0015834b5cd1
Error: (12/03/2014 04:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c000000500000000000053572cc01d00f0cd588db3bC:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll13591ac0-7b00-11e4-b336-0015834b5cd1
Error: (12/03/2014 04:08:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c00000050000000000005357c1401d00f0b00a43f50C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3e76e035-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c0000005000000000000535751801d00f0b006d7faaC:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3e40208f-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c00000050000000000005357108001d00f0b0036c004C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3e06ff88-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c00000050000000000005357ce801d00f0afffd9efdC:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3dd03fe2-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c00000050000000000005357122c01d00f0affc6df57C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3d971edb-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c0000005000000000000535754c01d00f0aff901fb1C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3d62c095-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c0000005000000000000535713a801d00f0aff56feaaC:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3d273e2e-7afe-11e4-9fa2-0015834b5cd1
Error: (12/03/2014 04:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.1.7601.175144ce79f70USER32.dll6.1.7601.175144ce7c9f1c00000050000000000005357ef001d00f0aff1ddda4C:\Windows\system32\LogonUI.exeC:\Windows\system32\USER32.dll3cf07e88-7afe-11e4-9fa2-0015834b5cd1
CodeIntegrity Errors:
===================================
Date: 2013-11-29 12:04:20.118
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-29 12:04:19.978
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-29 12:04:06.743
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-29 12:04:06.593
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-28 16:52:34.483
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-28 16:52:34.342
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-28 16:52:17.801
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-28 16:52:17.656
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-26 20:09:28.298
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-26 20:09:28.142
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 38%
Total physical RAM: 4094.18 MB
Available physical RAM: 2520.05 MB
Total Pagefile: 8186.54 MB
Available Pagefile: 6376.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:8.4 GB) NTFS
Drive d: () (Fixed) (Total:596.16 GB) (Free:199.59 GB) NTFS
Drive g: (20141113_0308) (CDROM) (Total:29.22 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 3ED6920C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: DBDDDBDD)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================