| ronald.dunk | 20.05.2015 13:03 |
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by caroline (administrator) on LOTTER on 20-05-2015 13:16:18
Running from C:\Users\caroline\Desktop
Loaded Profiles: caroline (Available profiles: caroline)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe
() C:\AMD\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Windows\SysWOW64\TMController.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows8FirewallControl] => C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1205248 2013-09-30] (Sphinx Software)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation)
HKLM-x32\...\Run: [TMController] => C:\Windows\SysWOW64\TMController.exe [184396 2006-08-24] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-27] (Atheros Communications)
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\...\Run: [EADM] => J:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-11] (Electronic Arts)
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\...\Run: [GoogleChromeAutoLaunch_E50409BE88589B0A7F68BA91928A79AA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
Startup: C:\Users\caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-05-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-05-27] (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-23] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-05-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-2499066365-3350258436-517844590-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-01] ()
Chrome:
=======
CHR Profile: C:\Users\caroline\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\caroline\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-20]
CHR Extension: (Bookmark Manager) - C:\Users\caroline\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\caroline\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-20]
CHR Extension: (Google Wallet) - C:\Users\caroline\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-04-17] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe [1660728 2013-07-31] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-27] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-05-20] (SurfRight B.V.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; J:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-11] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software) [File not signed]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [274656 2014-04-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AsusSensorSimulator; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation)
R3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation)
R3 asusvad_micarray; C:\Windows\system32\drivers\vmic_x64.sys [38712 2013-02-27] (ASUS SZ provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-27] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 Fwleaf; C:\Windows\system32\DRIVERS\fwleaf.sys [27872 2013-12-23] (NETGEAR)
S3 leafnets; C:\Windows\system32\DRIVERS\leafnets.sys [29696 2013-02-05] (Leaf Networks)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-05-20] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-20 13:16 - 2015-05-20 13:16 - 00019902 _____ () C:\Users\caroline\Desktop\FRST.txt
2015-05-20 13:16 - 2015-05-20 13:16 - 00000000 ____D () C:\FRST
2015-05-20 13:15 - 2015-05-20 13:15 - 00000478 _____ () C:\Users\caroline\Desktop\defogger_disable.log
2015-05-20 13:15 - 2015-05-20 13:15 - 00000000 _____ () C:\Users\caroline\defogger_reenable
2015-05-20 13:11 - 2015-05-20 13:11 - 02107904 _____ (Farbar) C:\Users\caroline\Desktop\FRST64.exe
2015-05-20 13:11 - 2015-05-20 13:11 - 00380416 _____ () C:\Users\caroline\Desktop\Gmer-19357.exe
2015-05-20 13:10 - 2015-05-20 13:10 - 00050477 _____ () C:\Users\caroline\Desktop\Defogger.exe
2015-05-20 13:03 - 2015-05-20 13:03 - 00281248 _____ () C:\Windows\Minidump\052015-6875-01.dmp
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ___RD () C:\Users\caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-20 11:36 - 2015-05-20 11:36 - 00001475 _____ () C:\Users\caroline\Desktop\trojaner.txt
2015-05-20 07:56 - 2015-05-20 07:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-05-20 07:56 - 2015-05-20 07:56 - 00000000 ____D () C:\Program Files\HitmanPro
2015-05-20 07:55 - 2015-05-20 08:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-20 07:43 - 2015-05-20 12:04 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-20 07:43 - 2015-05-20 08:22 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-20 07:43 - 2015-05-20 07:43 - 00000860 _____ () C:\Users\Public\Desktop\RogueKiller.lnk
2015-05-20 07:43 - 2015-05-20 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-05-20 07:43 - 2015-05-20 07:43 - 00000000 ____D () C:\Program Files\RogueKiller
2015-05-18 21:30 - 2015-05-18 21:30 - 00001250 _____ () C:\Users\caroline\Desktop\mal2.txt
2015-05-18 21:18 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-18 21:18 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-18 21:09 - 2015-05-18 21:09 - 00001538 _____ () C:\Users\caroline\Desktop\malware.txt
2015-05-18 21:00 - 2015-05-20 11:27 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-18 21:00 - 2015-05-18 21:00 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-18 21:00 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-18 21:00 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-18 21:00 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-18 20:50 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-18 20:50 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-18 20:50 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-18 20:50 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-18 20:50 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-18 20:50 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-18 20:50 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-18 20:50 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-18 20:50 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-18 20:50 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-18 20:50 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-18 20:49 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-18 20:49 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-18 20:49 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-18 20:49 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-18 20:49 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-18 20:49 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-18 20:49 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-18 20:49 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-18 20:49 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-18 20:49 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-18 20:49 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-18 20:49 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-18 20:49 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-18 20:49 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-18 20:49 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-18 20:49 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-18 20:49 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-18 20:49 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-18 20:49 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-18 20:49 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-18 20:49 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-18 20:49 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-18 20:49 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-18 20:49 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-18 20:49 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-18 20:49 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-18 20:49 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-18 20:49 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-18 20:49 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-18 20:49 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-18 20:49 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-18 20:49 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-18 20:49 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-18 20:49 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-18 20:49 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-18 20:49 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-18 20:49 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-18 20:49 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-18 20:49 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-18 20:49 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-18 20:49 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-18 20:49 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-18 20:49 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-18 20:49 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-18 20:49 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-18 20:49 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-18 20:49 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-18 20:49 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-18 20:49 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-18 20:49 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-18 20:49 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-18 20:49 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-18 20:49 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-18 20:49 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-18 20:49 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-18 20:49 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-18 20:49 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-18 20:49 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-18 20:49 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-18 20:49 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-18 20:49 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-18 20:49 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-18 20:49 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-18 20:49 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-18 20:49 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-18 20:49 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-18 20:49 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-18 20:49 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-18 19:54 - 2015-05-18 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2015-05-18 19:44 - 2015-05-18 19:44 - 00000000 ____D () C:\ProgramData\GFI Software
2015-05-18 19:31 - 2015-05-18 19:54 - 00000000 ____D () C:\ProgramData\ParetoLogic
2015-05-18 19:31 - 2015-05-18 19:31 - 00000000 ____D () C:\Program Files (x86)\ParetoLogic
2015-05-16 20:40 - 2015-05-20 11:43 - 00006118 _____ () C:\Windows\PFRO.log
2015-05-16 20:34 - 2015-05-18 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-16 20:34 - 2015-05-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-16 20:34 - 2015-05-16 20:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-15 21:08 - 2015-05-20 13:03 - 00003016 _____ () C:\Windows\setupact.log
2015-05-15 21:08 - 2015-05-15 21:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-10 15:35 - 2015-05-10 15:35 - 00000233 _____ () C:\Users\caroline\Desktop\Far Cry 4.url
2015-05-10 15:35 - 2015-05-10 15:35 - 00000233 _____ () C:\Users\caroline\Desktop\Far Cry 4 Map Editor.url
2015-05-03 20:05 - 2015-05-03 20:05 - 00000000 ____D () C:\Users\caroline\Desktop\CORE-KeyGen
2015-04-26 09:49 - 2015-04-26 09:49 - 00000146 _____ () C:\Users\caroline\Desktop\Sound - Verknüpfung (2).lnk
2015-04-25 19:14 - 2015-04-25 19:14 - 00002141 _____ () C:\Users\caroline\Desktop\JDownloader 2.lnk
2015-04-25 19:14 - 2015-04-25 19:14 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-04-25 19:13 - 2015-05-18 20:44 - 00000000 ____D () C:\Users\caroline\AppData\Local\JDownloader v2.0
2015-04-25 19:07 - 2015-04-25 19:10 - 00231544 _____ () C:\Users\caroline\Desktop\Install JDownloader 2 BETA.exe
2015-04-23 20:59 - 2015-04-23 20:59 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\WinRAR
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-20 13:15 - 2014-06-02 20:14 - 01466424 _____ () C:\Windows\WindowsUpdate.log
2015-05-20 13:15 - 2014-05-22 18:37 - 00000000 ____D () C:\Users\caroline
2015-05-20 13:13 - 2014-05-23 20:04 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-20 13:11 - 2014-05-23 20:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-20 13:11 - 2014-05-23 20:08 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-05-20 13:09 - 2014-05-23 17:43 - 00000000 _____ () C:\Windows\Path.idx
2015-05-20 13:09 - 2014-05-22 18:31 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 13:09 - 2013-08-23 01:24 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2015-05-20 13:09 - 2013-08-23 01:24 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2015-05-20 13:08 - 2014-05-22 18:43 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2499066365-3350258436-517844590-1001
2015-05-20 13:04 - 2014-05-23 17:31 - 01048576 _____ () C:\Windows\PE_Rom.dll
2015-05-20 13:03 - 2015-01-11 12:28 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 13:03 - 2014-12-30 20:13 - 676292187 _____ () C:\Windows\MEMORY.DMP
2015-05-20 13:03 - 2014-12-02 13:04 - 00059913 _____ () C:\Windows\temp023423.vbe
2015-05-20 13:03 - 2014-05-23 18:20 - 00000000 ___RD () C:\Users\caroline\Dropbox
2015-05-20 13:03 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\Dropbox
2015-05-20 13:03 - 2014-05-23 17:36 - 00000000 ____D () C:\Windows\Minidump
2015-05-20 13:03 - 2014-05-23 17:31 - 00000000 ____D () C:\Users\caroline\AppData\Local\CrashDumps
2015-05-20 13:03 - 2014-05-22 18:38 - 00000000 ___DO () C:\Users\caroline\SkyDrive
2015-05-20 13:03 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-20 11:42 - 2014-05-22 18:42 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-05-20 11:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-05-20 07:57 - 2013-08-22 16:45 - 00000000 ____D () C:\Windows\Setup
2015-05-20 07:57 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-20 07:52 - 2015-01-11 12:28 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 07:52 - 2015-01-11 12:28 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 07:51 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-20 07:38 - 2014-05-22 18:43 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E73E662-1021-46F4-9D3F-D6EABFA012B6}
2015-05-20 07:37 - 2014-05-23 20:04 - 00000000 ____D () C:\Users\caroline\AppData\Local\Adobe
2015-05-20 07:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-20 07:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-18 21:21 - 2014-06-15 09:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-18 21:21 - 2014-06-15 09:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-18 21:21 - 2013-08-22 16:44 - 05147224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-18 21:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-18 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-18 21:19 - 2014-05-23 18:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-18 21:17 - 2014-05-23 17:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-18 21:15 - 2014-05-23 17:52 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-18 21:13 - 2014-06-15 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-18 21:12 - 2013-08-23 01:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-18 21:03 - 2014-05-22 22:17 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\vlc
2015-05-18 20:48 - 2014-05-23 18:19 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-18 20:46 - 2015-01-11 12:28 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 20:46 - 2015-01-11 12:28 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 20:45 - 2015-04-04 13:35 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-18 20:45 - 2015-01-11 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-05-18 20:45 - 2013-08-23 01:26 - 00000000 ____D () C:\Windows\ShellNew
2015-05-18 20:45 - 2013-08-22 17:36 - 00000000 __RSD () C:\Windows\Media
2015-05-18 20:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-18 20:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-18 20:44 - 2015-01-11 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-18 20:44 - 2014-12-30 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-05-18 20:44 - 2014-09-11 08:24 - 00000000 ____D () C:\Users\caroline\Desktop\Adobe Photoshop CC 2014.1.0 (x64) + CameraRaw 8.6 [ChingLiu]
2015-05-18 20:44 - 2014-06-15 12:58 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-18 20:44 - 2014-05-22 18:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-18 20:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-13 20:38 - 2014-05-22 12:50 - 00018432 ___SH () C:\Users\caroline\Desktop\Thumbs.db
2015-05-13 15:21 - 2014-11-30 21:52 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\TS3Client
2015-05-05 19:59 - 2014-12-10 19:40 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-12-10 19:40 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-01 22:12 - 2014-12-30 17:03 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 19:46 - 2015-03-13 21:23 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-01 19:46 - 2014-12-01 22:02 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-01 19:46 - 2014-12-01 20:56 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-04-29 07:46 - 2014-06-05 14:37 - 00000000 ____D () C:\Users\caroline\AppData\Roaming\dvdcss
2015-04-27 23:30 - 2014-08-18 20:42 - 00000659 _____ () C:\Windows\MB.idx
2015-04-26 11:31 - 2014-05-22 18:25 - 00000000 __SHD () C:\Recovery
2015-04-24 21:24 - 2014-06-02 20:16 - 00111616 ___SH () C:\Users\caroline\Downloads\Thumbs.db
2015-04-24 15:17 - 2011-03-07 13:10 - 00000000 ____D () C:\Users\caroline\Desktop\JDownloader
==================== Files in the root of some directories =======
2014-08-13 19:36 - 2014-08-13 19:36 - 0000132 _____ () C:\Users\caroline\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-05-23 20:25 - 2014-09-23 12:36 - 0001456 _____ () C:\Users\caroline\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-23 19:46 - 2014-05-23 19:46 - 0007597 _____ () C:\Users\caroline\AppData\Local\Resmon.ResmonCfg
Files to move or delete:
====================
C:\Users\caroline\AppData\Roaming\Origin\update.vbe
Some content of TEMP:
====================
C:\Users\caroline\AppData\Local\Temp\130744555063113512.exe
C:\Users\caroline\AppData\Local\Temp\13074455532832228281.exe
C:\Users\caroline\AppData\Local\Temp\avgnt.exe
C:\Users\caroline\AppData\Local\Temp\dllnt_dump.dll
C:\Users\caroline\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzpstiy.dll
C:\Users\caroline\AppData\Local\Temp\proxy_vole5400650792649316619.dll
C:\Users\caroline\AppData\Local\Temp\proxy_vole837397058756432899.dll
C:\Users\caroline\AppData\Local\Temp\sonarinst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-16 20:20
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by caroline at 2015-05-20 13:16:33
Running from C:\Users\caroline\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2499066365-3350258436-517844590-500 - Administrator - Disabled)
caroline (S-1-5-21-2499066365-3350258436-517844590-1001 - Administrator - Enabled) => C:\Users\caroline
Gast (S-1-5-21-2499066365-3350258436-517844590-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2499066365-3350258436-517844590-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.55 - ASUSTeK Computer Inc.)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ComicKeeper 2.0 (HKLM-x32\...\ComicKeeper 2.0) (Version: - )
ComicKeeper 2.6 Update (HKLM-x32\...\ComicKeeper 2.6 Update) (Version: - )
CPUID ASUS CPU-Z 1.64 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.64 - CPUID, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2499066365-3350258436-517844590-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
F.E.A.R. Online (HKLM-x32\...\Steam App 223650) (Version: - InPlay Interactive)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
RAIDar 4.3.8 (HKLM-x32\...\1381-5408-0515-7060) (Version: 4.3.8 - Netgear Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.25502 - Razer Inc.)
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
ReadyNAS Remote (HKLM-x32\...\ReadyApps) (Version: 1.6.5.23 - NETGEAR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.8.7 (HKU\S-1-5-21-2499066365-3350258436-517844590-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.7 - Telegram Messenger LLP)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows8FirewallControl (x64) 6.1.9.53 (HKLM\...\Windows8FirewallControl_is1) (Version: 6.1.9.53 - Sphinx Software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2499066365-3350258436-517844590-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
02-05-2015 18:24:02 Windows Update
10-05-2015 13:04:57 Geplanter Prüfpunkt
13-05-2015 17:52:26 Windows Update
18-05-2015 20:38:25 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {092D1CF2-F3CE-4AE4-BA0B-300403BBC6A5} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-01] (ASUSTeK Computer Inc.)
Task: {1800597B-7495-4F9D-B03C-649D6D149B83} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-07-18] (ASUSTeK Computer Inc.)
Task: {28442431-025F-48F1-BD08-08E9F4786D9D} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {2965D8AB-CDF7-41B3-A530-9408B1B0137B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {2C176DD1-B112-4303-96E5-3EF13A8DEF08} - System32\Tasks\Steam-S-1-8-22-9865GUI => C:\Users\caroline\AppData\Roaming\MotioninJoy\Reversed\steam.exe [2014-11-28] () <==== ATTENTION
Task: {4D2F5B57-B748-4836-ABA7-0332243B9D2E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {690BD01C-A3FD-4FC6-BA3D-643D3993C2CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {7D8C915E-41BF-4539-8C3F-C0E0998168DC} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-07-31] ()
Task: {8F237E02-53AF-4C06-9D90-65F8A68A8E21} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-18] (Microsoft Corporation)
Task: {AAAD33D8-4035-426A-9817-0EF481D24870} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {CC3927E9-FB1B-47AE-A9FF-817EBF753EBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {D2D130B2-9ECC-45EB-934D-A2955C91A628} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {ECA7A2CD-4D34-445D-9F58-12E8017BE58B} - System32\Tasks\Origin => C:\Users\caroline\AppData\Roaming\Origin\update.vbe [2014-11-30] () <==== ATTENTION
Task: {F9353BF7-A9D6-4924-8D5F-FDA5E138A196} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {FD5DF336-9773-4C17-8144-814BF8BAC101} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-04-17 21:55 - 2014-04-17 21:55 - 00082432 _____ () C:\AMD\amdacpusrsvc.exe
2014-05-22 18:43 - 2013-07-04 03:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-05-23 17:25 - 2013-07-31 16:20 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-01-11 12:21 - 2015-02-04 15:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-05-23 17:26 - 2012-05-03 10:40 - 00258048 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
2013-05-27 21:40 - 2013-05-27 21:40 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-27 21:36 - 2013-05-27 21:36 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-27 22:03 - 2013-05-27 22:03 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-04-06 11:17 - 2006-08-24 12:42 - 00184396 ____R () C:\Windows\SysWOW64\TMController.exe
2014-05-23 17:25 - 2013-07-31 16:20 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2014-05-20 19:33 - 2014-05-20 19:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-05-22 18:43 - 2015-05-20 13:03 - 00029184 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-22 18:43 - 2013-07-04 03:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-05-23 17:24 - 2013-08-01 10:57 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-05-23 17:24 - 2013-03-13 17:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2014-05-23 17:25 - 2013-07-31 16:26 - 02743808 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-05-23 17:25 - 2013-06-19 16:47 - 01129984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-05-23 17:25 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2014-05-23 17:26 - 2013-06-24 17:48 - 02055168 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2014-05-23 17:23 - 2013-06-04 11:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-05-23 17:24 - 2013-08-01 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-05-23 17:25 - 2013-07-31 16:21 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2014-05-23 17:26 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2014-05-23 17:24 - 2013-08-01 10:57 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2014-05-23 17:24 - 2013-08-01 10:57 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2014-05-23 17:27 - 2013-06-24 13:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2014-05-23 17:26 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2014-05-23 17:26 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2014-05-23 17:25 - 2013-07-31 16:20 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-05-23 17:25 - 2013-07-31 16:20 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-05-23 17:25 - 2013-07-31 16:20 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-05-23 17:25 - 2013-07-31 16:20 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-05-23 17:25 - 2013-07-31 16:20 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2014-05-23 17:26 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2014-05-23 17:26 - 2013-07-12 12:56 - 00175616 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2014-05-23 17:26 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2014-05-23 17:26 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2014-05-23 17:26 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2014-05-23 17:26 - 2013-06-13 18:50 - 02462208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2014-05-23 17:26 - 2013-01-31 22:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
2014-05-23 17:26 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2014-05-23 17:26 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2014-05-23 17:26 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2014-05-23 17:26 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2015-05-20 13:03 - 2015-05-20 13:03 - 00043008 _____ () c:\users\caroline\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzpstiy.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\caroline\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\caroline\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\caroline\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\caroline\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-05-23 17:26 - 2012-02-06 21:08 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
2015-02-02 09:52 - 2015-02-02 09:52 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\caroline\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\caroline\Pictures\PK7.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Windows8FirewallControl"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Reader Application Helper"
HKU\S-1-5-21-2499066365-3350258436-517844590-1001\...\StartupApproved\Run: => "EADM"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{9534B620-92A1-4617-A725-E6B2BCF60337}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
FirewallRules: [UDP Query User{8CED6CD4-5596-4265-94E2-1E2350B2C8BB}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
FirewallRules: [{B62A0C1A-08BF-4205-97E2-348401C53E59}] => (Block) C:\program files (x86)\netgear readynas\raidar.exe
FirewallRules: [{7ADE7BDB-4F53-4F92-A85A-164D3833B25C}] => (Block) C:\program files (x86)\netgear readynas\raidar.exe
FirewallRules: [{B0987CDF-5E0C-4EA0-8874-F82635CDCF8E}] => (Allow) LPort=2869
FirewallRules: [{74745869-A4E9-4FBE-96A4-022439EA9B27}] => (Allow) LPort=1900
FirewallRules: [{E7A0EB6D-E6CD-4435-BE11-78A235CFC832}] => (Allow) C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B03D0B6A-CE89-4DDD-A977-1FC997D67B47}] => (Allow) C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20D9E989-826A-48C9-BB50-D4B8627DA866}] => (Allow) C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FF840E4A-A45E-4E56-875F-D480A1F19BC0}] => (Allow) C:\Users\caroline\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C4D4AFD-DB92-44C6-91C4-C9303E3F98B8}] => (Allow) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe
FirewallRules: [{A4CE6D93-63B5-4A18-98E0-9EBAE0836475}] => (Allow) C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe
FirewallRules: [{01CE8D25-FD82-451B-AAFB-156D091B5159}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1838C60C-D6B2-4872-AD2D-E64649ED6B63}] => (Allow) LPort=2869
FirewallRules: [{04016D3F-B1F8-44EE-B84C-218F4AE45BB7}] => (Allow) LPort=1900
FirewallRules: [{6DF2FDE9-F44D-4A5F-B31C-BE94232DE1E6}] => (Allow) LPort=2869
FirewallRules: [{8B31C926-EC59-422E-B1ED-3B8707C98F3D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{5CE91FA5-55B9-4312-8457-4F8D5373F1F9}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{267E49EF-91D1-4F98-A6A8-8C75DB9748CE}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [{732F6F78-452B-4FF5-BD8E-CC1CBB89FA0B}] => (Block) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [{68A5A03A-78A1-4692-8D88-A62ADE623EEE}] => (Block) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [{C8E033D2-DC16-456D-ADE9-76D4497A2664}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{C3B527DB-C8E6-4693-BDBE-707BC8CA0070}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A49660A-59AE-4E9F-8E43-7A9448819F1F}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{029FC313-F3C4-4131-A5C3-D36E5C4935A2}] => (Allow) J:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{678FAC30-457D-403C-B59B-4A91AEC2D00B}] => (Allow) J:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{571FA58C-669B-4098-89D8-CABF1B6081F9}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{26609E86-AF23-407F-AC61-D07543ED4037}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{4BA05AD4-5717-44C3-B3D0-02ED6B5F0B2A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{066E6986-24C2-46B4-A03A-E4E8C8769A32}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{8B9C0E0F-7C2B-4E44-A24D-D93A3432EFEE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{94417749-57F3-461C-B3A3-727DE3D6B3DF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6EAF7574-490A-4DC4-9338-29B88CC313E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{13B766FB-6E80-4285-8379-6067579091F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BF77451E-04D1-4AD3-96CE-EDC54FE53633}] => (Allow) LPort=2869
FirewallRules: [{1CEFF440-924F-4054-A1F9-A1E73F189E18}] => (Allow) LPort=1900
FirewallRules: [{471F5D93-B2B7-4063-A762-E300A39ECADD}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{36EB3067-E87B-497A-A104-39167627D8FE}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{7137EB03-A403-4C09-9210-87EE6D1A95CD}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\FEAR Online\Launcher.exe
FirewallRules: [{45638A99-098E-4410-B7FB-F47EECDC25F2}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\FEAR Online\Launcher.exe
FirewallRules: [{3F4CE837-780C-4076-947C-3E71B19480BA}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{EC0D51AC-6E0E-4050-AD50-C47A0F3C53E6}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9F59E1FA-5539-46F6-B179-8D831E545703}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{6DFF4C49-9E26-4C3A-80D6-228A1BEE1CCD}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{580819B6-506B-4736-87BB-2E1C9709D993}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{482B0869-1B99-4125-A60D-C973C37D1F94}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{8FAB2FC1-A934-498B-8388-4CB6FB4DEFDA}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{0EA1A2F2-C60F-48E0-A3E8-2EE929812DAD}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{C8EF03F7-DAC0-44C5-8CC9-B50CC66151A4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{5FAB3420-4334-484C-9866-55A480A9EE0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4E194C55-208A-4B11-BE1D-E2F4D0DA0EC9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{F812207C-1B8C-47C8-A8DF-34C4A10E1F38}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{33C68D2F-6343-4D2F-8E48-63E7C2D695ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{70B0D4CA-ACFE-49D6-969D-59BB6D8D798A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6A4C7BDD-A8BF-4AED-A75C-8D735DB469EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3BE62217-282D-4A76-B084-7A4AE4D63E5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{24F72692-962F-40BF-A07C-B670F5795568}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E9D1C6D3-4595-4F90-88A7-08E9F9575784}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3BF6205A-C2C2-4203-B5E8-7C9D80999813}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{4F31414B-B4FE-403B-A5DC-7DBC55DF4F67}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{89771EB9-CC4A-49F2-BC8C-6A4EAE41375C}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
FirewallRules: [{225C5FF3-F491-4AFF-AD9E-A1E66E903797}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
FirewallRules: [{DDFBC23D-71EF-4334-96CC-0BB7FBBD0C83}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
FirewallRules: [{98D96D60-D72D-4B73-8A36-FD9A1AF7346E}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
FirewallRules: [{9CA5C691-EB3C-4718-BF4F-7FB51894A9AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{70C8034B-452E-40C8-A333-3F99E317CE71}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{21A6E85D-1146-4533-A43F-3F6053590A6D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{D635338C-FED3-4A80-9795-B0DFDA7AC9AA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
FirewallRules: [{74711878-4127-4581-AA83-B0CF79CFFC80}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
==================== Faulty Device Manager Devices =============
Name: Qualcomm Atheros AR946x-Funknetzwerkadapter
Description: Qualcomm Atheros AR946x-Funknetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Leaf Networks Adapter
Description: Leaf Networks Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Leaf Networks
Service: leafnets
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/20/2015 01:03:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x7c4
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 00:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x74c
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 11:41:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x7cc
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 11:26:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x480
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 11:13:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x718
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 07:47:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x750
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/20/2015 07:34:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x1890
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/18/2015 09:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x730
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/18/2015 09:21:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0xf60
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5
Error: (05/18/2015 09:17:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
System errors:
=============
Error: (05/20/2015 01:03:21 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000101 (0x0000000000000018, 0x0000000000000000, 0xffffd00063ab9180, 0x0000000000000005)C:\Windows\MEMORY.DMP052015-6875-01
Error: (05/20/2015 01:03:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 20.05.2015 um 12:00:14 unerwartet heruntergefahren.
Error: (05/20/2015 11:59:32 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (05/20/2015 11:59:32 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/20/2015 11:59:20 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/20/2015 11:58:55 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (05/20/2015 11:58:55 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (05/20/2015 11:58:55 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (05/20/2015 11:58:55 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (05/20/2015 11:58:55 AM) (Source: DCOM) (EventID: 10005) (User: LOTTER)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-11-06 03:05:49.463
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-02 20:37:54.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-25 05:29:29.476
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.889
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.828
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.584
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.396
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.336
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-18 19:34:31.174
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 13%
Total physical RAM: 16321.87 MB
Available physical RAM: 14117.34 MB
Total Pagefile: 32705.87 MB
Available Pagefile: 29922.41 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:132.79 GB) NTFS
Drive d: (Auslagerung) (Fixed) (Total:298.09 GB) (Free:296.08 GB) NTFS
Drive j: () (Fixed) (Total:931.51 GB) (Free:633.07 GB) NTFS
Drive o: (Wechselfestplatte) (Fixed) (Total:931.48 GB) (Free:488.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD4C1589)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: AE2A3681)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D83CD83C)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 07A6466F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Danke für die rasche Antwort |
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
SecurityCheck und:
