FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Chruso (administrator) on CHRUSO-PC on 09-09-2014 22:40:17
Running from C:\Users\Chruso\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Spotify Ltd) C:\Users\Chruso\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Akamai Technologies, Inc.) C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Akamai Technologies, Inc.) C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-11] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Spotify] => C:\Users\Chruso\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-29] (Spotify Ltd)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Spotify Web Helper] => C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-29] (Spotify Ltd)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1AE1F14B411FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKCU - {F38CA447-3BD9-499e-A33E-25D76FA8F452} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Musik\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Chruso\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-04-16]
Chrome:
=======
CHR HomePage: Default -> 5566A7D947FB0446D89F5829F58631F46429986193B28F4C62FC1F24D83F84DE
CHR DefaultSearchKeyword: Default -> D931D63882D904A2C9E39C62AE6ECE59B68CA3CD297C429061A682FB258C40E4
CHR DefaultSearchURL: Default -> ED1C0825D2C7605782C2CA8211DE9343B51AD275F74D6724B965CA98ED967CC8
CHR Profile: C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (bamboo panda) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdimjkgkhlmlngcgioeokeekojhfmblk [2014-06-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Adblock Plus) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-24]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-27]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-04-16]
CHR Extension: (Zalmos SSL Web Proxy for Free) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn [2014-07-19]
CHR Extension: (Virtual Keyboard) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-04-16]
CHR Extension: (Google Wallet) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-03-09] (Native Instruments GmbH) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-22] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-08] (AVG Technologies)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-05-11] (<Turtle Entertainment>)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-16] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-04-16] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-04-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-04-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-04-16] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-09] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ESEADriver2; \??\C:\Users\Chruso\AppData\Local\Temp\ESEADriver2.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-09 22:40 - 2014-09-09 22:40 - 00021134 _____ () C:\Users\Chruso\Downloads\FRST.txt
2014-09-09 22:39 - 2014-09-09 22:40 - 00000000 ____D () C:\FRST
2014-09-09 22:39 - 2014-09-09 22:39 - 02105344 _____ (Farbar) C:\Users\Chruso\Downloads\FRST64.exe
2014-09-09 21:09 - 2014-09-09 21:09 - 00000000 ____D () C:\ProgramData\ATI
2014-09-09 20:48 - 2014-09-09 22:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 20:48 - 2014-09-09 20:48 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-09 20:48 - 2014-09-09 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 20:48 - 2014-09-09 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 20:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-09 20:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-09 20:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-09 20:47 - 2014-09-09 20:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Chruso\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 20:47 - 2014-09-09 20:47 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-09 20:46 - 2014-09-09 20:46 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201409092046495491.log
2014-09-09 20:46 - 2014-09-09 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-09 20:46 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-09-09 20:37 - 2014-09-09 21:36 - 10036224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-09 20:19 - 2014-09-09 20:19 - 02958444 _____ () C:\Users\Chruso\Downloads\970 Extreme4(2.60)WIN.zip
2014-09-09 20:09 - 2014-09-09 20:09 - 01010176 _____ () C:\Users\Chruso\Downloads\MicrosoftFixit50884.msi
2014-09-09 20:06 - 2014-09-09 20:10 - 118780152 _____ (Microsoft Corporation) C:\Users\Chruso\Downloads\msert.exe
2014-09-09 20:04 - 2014-09-09 20:15 - 320743024 _____ (AMD Inc.) C:\Users\Chruso\Downloads\amd-catalyst-14.7-rc3-windows-aug12.exe
2014-09-05 18:53 - 2014-09-02 17:45 - 05756368 _____ () C:\Users\Chruso\Desktop\13 BZ.m4a
2014-09-01 19:32 - 2014-09-01 19:32 - 00000462 _____ () C:\Users\Chruso\Downloads\listen-dsl (3).asx
2014-09-01 19:31 - 2014-09-01 19:31 - 00000470 _____ () C:\Users\Chruso\Downloads\listen-dsl (2).asx
2014-08-28 16:41 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:41 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:41 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 15:17 - 2014-08-13 15:19 - 00001205 _____ () C:\Windows\SecuniaPackage.log
2014-08-13 03:00 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 03:00 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 03:00 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 03:00 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 03:00 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 03:00 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 03:00 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 03:00 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-12 21:24 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-12 21:24 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-12 21:24 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-12 21:24 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-12 21:24 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-12 21:24 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-12 21:24 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-12 21:24 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-12 21:24 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-12 21:24 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-12 21:24 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-12 21:24 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-12 21:24 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-12 21:24 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-12 21:24 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-12 21:24 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-12 21:24 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-12 21:24 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-12 21:24 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-12 21:24 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-12 21:24 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-12 21:24 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-12 21:24 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-12 21:24 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-12 21:24 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-12 21:24 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-12 21:24 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-12 21:24 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-12 21:24 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-12 21:24 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-12 21:24 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-12 21:24 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-12 21:24 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-12 21:24 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-12 21:24 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-12 21:24 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-12 21:24 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-12 21:24 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-12 21:24 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-12 21:24 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-12 21:24 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-12 21:24 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-12 21:24 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-12 21:24 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-12 21:24 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-12 21:24 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-12 21:24 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-12 21:24 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-12 21:24 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-12 21:24 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-12 21:24 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-12 21:24 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-12 21:24 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-12 21:24 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-12 21:24 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-12 21:24 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-12 21:24 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-12 21:24 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-12 21:24 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-12 21:24 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-12 21:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-12 21:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-12 21:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-12 21:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-12 21:24 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-12 21:24 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-12 21:24 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-12 21:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-12 21:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-12 21:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-12 21:24 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-12 21:24 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-12 21:24 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-12 21:24 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-12 21:24 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-12 21:24 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-12 21:24 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-12 21:24 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 21:24 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-12 21:24 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-12 21:24 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-12 21:24 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-12 21:22 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-12 21:22 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 21:02 - 2014-09-09 21:07 - 00004192 _____ () C:\Windows\PFRO.log
2014-08-12 05:32 - 2014-08-12 05:32 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-08-12 05:28 - 2014-08-12 05:28 - 00276192 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-08-12 05:24 - 2014-08-12 05:24 - 15961088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-08-12 05:10 - 2014-08-12 05:10 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-08-12 05:09 - 2014-08-12 05:09 - 32877056 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-08-12 05:06 - 2014-08-12 05:06 - 27843072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-08-12 05:03 - 2014-08-12 05:03 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-12 05:03 - 2014-08-12 05:03 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-12 04:51 - 2014-08-12 04:51 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-08-12 04:50 - 2014-08-12 04:50 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-08-12 04:50 - 2014-08-12 04:50 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-08-12 04:44 - 2014-08-12 04:44 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-08-12 04:34 - 2014-08-12 04:34 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-08-12 04:24 - 2014-08-12 04:24 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-08-12 04:20 - 2014-08-12 04:20 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-08-12 04:19 - 2014-08-12 04:19 - 00598112 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-08-12 04:19 - 2014-08-12 04:19 - 00598112 _____ () C:\Windows\system32\atiapfxx.blb
2014-08-12 04:19 - 2014-08-12 04:19 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-08-12 04:18 - 2014-08-12 04:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-08-12 04:14 - 2014-08-12 04:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-08-12 04:01 - 2014-08-12 04:01 - 00588800 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-08-12 04:01 - 2014-08-12 04:01 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-08-12 04:01 - 2014-08-12 04:01 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-08-12 04:00 - 2014-08-12 04:00 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-08-12 03:59 - 2014-08-12 03:59 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-08-12 03:57 - 2014-08-12 03:57 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-08-12 03:57 - 2014-08-12 03:57 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-08-12 03:53 - 2014-08-12 03:53 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-08-12 03:43 - 2014-08-12 03:43 - 00826368 _____ (AMD) C:\Windows\system32\coinst_14.20.dll
2014-08-12 03:42 - 2014-08-12 03:42 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-08-12 03:34 - 2014-08-12 03:34 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00898560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-08-12 03:33 - 2014-08-12 03:33 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-08-12 03:33 - 2014-08-12 03:33 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-08-12 03:33 - 2014-08-12 03:33 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-08-12 03:32 - 2014-08-12 03:32 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-08-11 23:20 - 2014-08-11 23:20 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-08-11 23:15 - 2014-08-11 23:15 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-09 22:40 - 2014-09-09 22:40 - 00021134 _____ () C:\Users\Chruso\Downloads\FRST.txt
2014-09-09 22:40 - 2014-09-09 22:39 - 00000000 ____D () C:\FRST
2014-09-09 22:39 - 2014-09-09 22:39 - 02105344 _____ (Farbar) C:\Users\Chruso\Downloads\FRST64.exe
2014-09-09 22:38 - 2014-09-09 20:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 22:37 - 2013-03-09 18:41 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-09 22:36 - 2014-06-18 16:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 22:24 - 2013-03-09 23:41 - 01408340 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 22:23 - 2013-06-30 15:51 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Spotify
2014-09-09 22:06 - 2014-04-16 14:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-09 21:38 - 2014-06-18 16:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 21:38 - 2014-06-18 16:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 21:38 - 2013-05-05 19:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 21:36 - 2014-09-09 20:37 - 10036224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-09 21:17 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 21:17 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 21:11 - 2013-03-10 16:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-09 21:10 - 2013-06-30 15:52 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Spotify
2014-09-09 21:09 - 2014-09-09 21:09 - 00000000 ____D () C:\ProgramData\ATI
2014-09-09 21:08 - 2013-03-09 18:41 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-09 21:07 - 2014-08-12 21:02 - 00004192 _____ () C:\Windows\PFRO.log
2014-09-09 21:07 - 2014-08-05 14:22 - 00003700 _____ () C:\Windows\setupact.log
2014-09-09 21:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-09 21:04 - 2014-04-16 14:45 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-09 21:04 - 2013-03-10 18:31 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\TS3Client
2014-09-09 20:48 - 2014-09-09 20:48 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-09 20:48 - 2014-09-09 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 20:48 - 2014-09-09 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 20:47 - 2014-09-09 20:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Chruso\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 20:47 - 2014-09-09 20:47 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-09 20:47 - 2014-04-21 17:34 - 00000000 ____D () C:\ProgramData\AMD
2014-09-09 20:46 - 2014-09-09 20:46 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201409092046495491.log
2014-09-09 20:46 - 2014-09-09 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-09 20:46 - 2014-04-21 17:32 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-09 20:32 - 2013-03-09 23:41 - 00000000 ____D () C:\Users\Chruso
2014-09-09 20:19 - 2014-09-09 20:19 - 02958444 _____ () C:\Users\Chruso\Downloads\970 Extreme4(2.60)WIN.zip
2014-09-09 20:19 - 2014-04-21 17:28 - 00000000 ____D () C:\AMD
2014-09-09 20:15 - 2014-09-09 20:04 - 320743024 _____ (AMD Inc.) C:\Users\Chruso\Downloads\amd-catalyst-14.7-rc3-windows-aug12.exe
2014-09-09 20:10 - 2014-09-09 20:06 - 118780152 _____ (Microsoft Corporation) C:\Users\Chruso\Downloads\msert.exe
2014-09-09 20:09 - 2014-09-09 20:09 - 01010176 _____ () C:\Users\Chruso\Downloads\MicrosoftFixit50884.msi
2014-09-05 18:40 - 2013-03-09 18:42 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 19:04 - 2013-10-22 20:18 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Battle.net
2014-09-02 17:45 - 2014-09-05 18:53 - 05756368 _____ () C:\Users\Chruso\Desktop\13 BZ.m4a
2014-09-02 17:38 - 2011-04-12 09:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-09-02 17:38 - 2011-04-12 09:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-09-02 17:38 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 19:32 - 2014-09-01 19:32 - 00000462 _____ () C:\Users\Chruso\Downloads\listen-dsl (3).asx
2014-09-01 19:31 - 2014-09-01 19:31 - 00000470 _____ () C:\Users\Chruso\Downloads\listen-dsl (2).asx
2014-08-29 09:17 - 2009-07-14 06:45 - 00308248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 04:07 - 2014-08-28 16:41 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 16:41 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 16:41 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 15:19 - 2014-08-13 15:17 - 00001205 _____ () C:\Windows\SecuniaPackage.log
2014-08-13 04:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 03:12 - 2013-06-10 14:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 03:08 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 03:04 - 2013-03-09 20:23 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 03:00 - 2014-05-06 18:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-12 21:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-12 05:32 - 2014-08-12 05:32 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-08-12 05:32 - 2014-08-12 05:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-08-12 05:32 - 2014-04-18 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-08-12 05:32 - 2014-04-18 04:42 - 09018320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-08-12 05:32 - 2014-04-18 04:42 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-08-12 05:32 - 2013-12-07 00:04 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-08-12 05:32 - 2013-12-07 00:03 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-08-12 05:32 - 2013-12-07 00:02 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-08-12 05:32 - 2013-12-07 00:01 - 01331424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-08-12 05:32 - 2013-12-07 00:01 - 01110992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-08-12 05:32 - 2013-12-07 00:00 - 10521632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-08-12 05:32 - 2013-12-06 23:59 - 07102496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-08-12 05:32 - 2013-12-06 23:58 - 06879016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-08-12 05:31 - 2013-12-06 23:57 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-08-12 05:31 - 2013-12-06 23:56 - 08108312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-08-12 05:28 - 2014-08-12 05:28 - 00276192 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-08-12 05:24 - 2014-08-12 05:24 - 15961088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-08-12 05:10 - 2014-08-12 05:10 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-08-12 05:09 - 2014-08-12 05:09 - 32877056 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-08-12 05:09 - 2014-08-12 05:09 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-08-12 05:06 - 2014-08-12 05:06 - 27843072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-08-12 05:03 - 2014-08-12 05:03 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-12 05:03 - 2014-08-12 05:03 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-12 04:51 - 2014-08-12 04:51 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-08-12 04:50 - 2014-08-12 04:50 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-08-12 04:50 - 2014-08-12 04:50 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-08-12 04:44 - 2014-08-12 04:44 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-08-12 04:34 - 2014-08-12 04:34 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-08-12 04:24 - 2014-08-12 04:24 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-08-12 04:20 - 2014-08-12 04:20 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-08-12 04:19 - 2014-08-12 04:19 - 00598112 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-08-12 04:19 - 2014-08-12 04:19 - 00598112 _____ () C:\Windows\system32\atiapfxx.blb
2014-08-12 04:19 - 2014-08-12 04:19 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-08-12 04:18 - 2014-08-12 04:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-08-12 04:18 - 2014-08-12 04:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-08-12 04:14 - 2014-08-12 04:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-08-12 04:01 - 2014-08-12 04:01 - 00588800 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-08-12 04:01 - 2014-08-12 04:01 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-08-12 04:01 - 2014-08-12 04:01 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-08-12 04:00 - 2014-08-12 04:00 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-08-12 03:59 - 2014-08-12 03:59 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-08-12 03:57 - 2014-08-12 03:57 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-08-12 03:57 - 2014-08-12 03:57 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-08-12 03:53 - 2014-08-12 03:53 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-08-12 03:43 - 2014-08-12 03:43 - 00826368 _____ (AMD) C:\Windows\system32\coinst_14.20.dll
2014-08-12 03:42 - 2014-08-12 03:42 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-08-12 03:34 - 2014-08-12 03:34 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00898560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-08-12 03:34 - 2014-08-12 03:34 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-08-12 03:33 - 2014-08-12 03:33 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-08-12 03:33 - 2014-08-12 03:33 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-08-12 03:33 - 2014-08-12 03:33 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-08-12 03:32 - 2014-08-12 03:32 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-08-11 23:20 - 2014-08-11 23:20 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-08-11 23:15 - 2014-08-11 23:15 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-09 22:14
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Chruso at 2014-09-09 22:41:19
Running from C:\Users\Chruso\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40811 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0811.2303.39561 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5A53DBA6-9B15-450F-EDF3-C01E12E9C61F}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0811.2303.39561 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.346 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.28 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters)
ESEA Client (HKCU\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IObit Apps Toolbar v9.2 (HKLM-x32\...\{4F5E5430-1DA8-4B2B-BB26-B29C0E7DBFDB}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7.4 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Controller Editor (Version: 1.3.4.630 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.1.10169 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 (Version: 2.9.8.581 - Native Instruments) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Protegere (HKLM-x32\...\Protegere) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.0-1.0.5185.1 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
TS3 Overlay (HKLM\...\TS3 Overlay) (Version: v3.0.16 - Rohrbacher Development)
TubeBox (HKLM-x32\...\{dfb98fb0-f9eb-4466-8678-55f5d75269ae}) (Version: 4.3.0.32 - Freetec)
TubeBox (x32 Version: 4.3.0.32 - Freetec) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-06-01 14:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0147ECF3-5DBA-4435-A639-C02C304EC165} - \pricemetertask No Task File <==== ATTENTION
Task: {18623098-D952-4EEF-B71D-962A8E4CB083} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-3 No Task File <==== ATTENTION
Task: {41CE9A7B-F7AB-464C-9DA4-5A5CBA09D143} - \Software Updater Ui No Task File <==== ATTENTION
Task: {46F5595C-7D3A-4598-BD19-B7A5E0001257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {5B20C5C0-9495-4DE5-80E0-B4C3C0976B98} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {5F343881-04E2-4F47-ABF1-FE9700C2EB93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {61D710D7-F0D6-428F-9444-E1A069532041} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-6 No Task File <==== ATTENTION
Task: {6B099A62-9F7E-459D-9FE7-304850DBF85C} - \pricemeterwatcher No Task File <==== ATTENTION
Task: {6E01D87D-8555-47DC-8024-77DBFAD2298C} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-5 No Task File <==== ATTENTION
Task: {7D825F8E-DEF8-4AEE-979C-10573864BEAD} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-7 No Task File <==== ATTENTION
Task: {7FFD0D0A-8FDB-43FE-B041-A0EBB78F0421} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9DB1D733-4E9C-4D84-8E71-6A2022E0C2A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {ABE1A0EA-61D1-405B-B317-5D17104206E0} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-4 No Task File <==== ATTENTION
Task: {B3FDAF8A-A06C-47FD-AB22-13555F2D0FD8} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2 No Task File <==== ATTENTION
Task: {BC5217B9-4A6F-41B4-88B5-9CFE42F7B7B5} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
Task: {CEE569BB-95B2-4056-BFA7-25BA75DEB58E} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-1 No Task File <==== ATTENTION
Task: {E13B4746-7BB5-4F56-AB64-E1D09560B3F5} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {E5FA9CDD-0F38-45B7-88C3-7CB0F587271C} - \Software Updater No Task File <==== ATTENTION
Task: {ED5726E8-5B6F-4980-841A-E8F5760BEFA9} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {F4296FC2-4311-4B15-B493-F3BBCF524C06} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {F78B0B10-6C03-47BB-B3EB-0FCC444C2BFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-11 23:06 - 2014-08-11 23:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-08-27 22:38 - 2014-01-29 19:14 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-04-09 20:25 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2013-03-10 21:48 - 2014-07-22 21:51 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-09 23:54 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-11-05 19:19 - 2013-11-05 19:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-06-01 14:24 - 2014-06-01 14:24 - 00089915 ____N () C:\Users\Chruso\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-08-11 23:06 - 2014-08-11 23:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-25 14:45 - 2014-08-29 09:18 - 00610872 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-06-30 15:52 - 2014-08-29 09:18 - 36966968 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libcef.dll
2013-03-09 23:53 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll
2014-07-17 21:08 - 2014-08-29 09:18 - 00867896 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-25 14:45 - 2014-08-29 09:18 - 00886840 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-25 14:45 - 2014-08-29 09:18 - 00108600 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libegl.dll
2014-08-29 09:19 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 09:19 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 09:19 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 18:10 - 2014-08-21 00:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 13:20 - 2014-08-28 13:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 09:19 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 09:19 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-25 08:39 - 2014-08-28 13:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2014-08-21 00:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-16 22:29 - 2014-08-21 00:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-05 18:40 - 2014-08-30 04:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\startupfolder: C:^Users^Chruso^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => E:\Musik\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EADM => "E:\Spiele\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: iCloudServices => E:\Musik\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Musik\iTunesHelper.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2014 10:21:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1137658774-1292525844-2702772695-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {dfcf3d81-2048-4b76-87d0-bece04633479}
Error: (09/09/2014 10:16:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/09/2014 09:11:41 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (09/09/2014 09:09:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (09/09/2014 09:09:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/09/2014 08:47:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NIHardwareService.exe, Version: 1.3.4.630, Zeitstempel: 0x4d776096
Name des fehlerhaften Moduls: NIHardwareService.exe, Version: 1.3.4.630, Zeitstempel: 0x4d776096
Ausnahmecode: 0xc0000417
Fehleroffset: 0x00000000000a5190
ID des fehlerhaften Prozesses: 0x758
Startzeit der fehlerhaften Anwendung: 0xNIHardwareService.exe0
Pfad der fehlerhaften Anwendung: NIHardwareService.exe1
Pfad des fehlerhaften Moduls: NIHardwareService.exe2
Berichtskennung: NIHardwareService.exe3
Error: (09/09/2014 08:43:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1137658774-1292525844-2702772695-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {e2bcdacf-f84a-40b3-9a08-ec542906b3e7}
Error: (09/09/2014 08:42:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1137658774-1292525844-2702772695-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {e2bcdacf-f84a-40b3-9a08-ec542906b3e7}
Error: (09/09/2014 08:35:29 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (09/09/2014 08:32:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/09/2014 10:25:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/09/2014 09:40:56 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/09/2014 09:07:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083
Error: (09/09/2014 08:47:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NIHardwareService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2014 08:45:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083
Error: (09/09/2014 08:45:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083
Error: (09/09/2014 08:45:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083
Error: (09/09/2014 08:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083
Error: (09/09/2014 08:44:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD External Events Utility" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/09/2014 08:44:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD External Events Utility erreicht.
Microsoft Office Sessions:
=========================
Error: (10/30/2013 05:53:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2315 seconds with 1380 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-09-09 22:17:59.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-09 22:17:59.666
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-09 22:17:59.665
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-09 22:17:59.650
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-09 22:17:59.649
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-09 22:17:59.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 15:24:43.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 15:24:43.715
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 15:24:43.714
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 15:24:43.695
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD FX(tm)-8150 Eight-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 8149.7 MB
Available physical RAM: 4672.91 MB
Total Pagefile: 17969.25 MB
Available Pagefile: 13358.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:58.5 GB) (Free:7.06 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:475.9 GB) NTFS
Drive e: () (Fixed) (Total:384.64 GB) (Free:181.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D0502C3C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=384.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 09.09.2014
Suchlauf-Zeit: 20:49:29
Logdatei: fdfdfdf.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.09.09.05
Rootkit Datenbank: v2014.08.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Chruso
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355608
Verstrichene Zeit: 13 Min, 59 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 4
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64, In Quarantäne, [0396b239ef8c40f686e2669b996aa55b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [bddc5992d9a256e0ebc99d660ff46898],
PUP.Optional.Tuto4PC.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\t4pc_en_3_is1, In Quarantäne, [2079cd1e522967cf6e0b4eb118ea867a],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1137658774-1292525844-2702772695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Conduit_Search_Protect, In Quarantäne, [12878566780363d3ea78c39d1de7e917],
Registrierungswerte: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [bddc5992d9a256e0ebc99d660ff46898]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 2
PUP.Optional.Tuto4PC.A, C:\Users\Chruso\AppData\Local\t4pc_en_3, In Quarantäne, [a1f823c895e684b243e5c8242cd6fc04],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
Dateien: 9
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys, In Quarantäne, [0396b239ef8c40f686e2669b996aa55b],
PUP.Optional.Ciuvo.A, C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, In Quarantäne, [0f8ae2093f3c50e648f7b25aad56728e],
PUP.Optional.Tuto4PC.A, C:\Users\Chruso\AppData\Local\t4pc_en_3\upt4pc_en_3.cyp, In Quarantäne, [a1f823c895e684b243e5c8242cd6fc04],
PUP.Optional.Tuto4PC.A, C:\Users\Chruso\AppData\Local\t4pc_en_3\user_profil.cyp, In Quarantäne, [a1f823c895e684b243e5c8242cd6fc04],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3\predm.exe, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3\Tuto4PC_widget.exe, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3\unins000.dat, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3\unins000.exe, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
PUP.Optional.Tuto4PC.A, C:\Program Files (x86)\t4pc_en_3\unins000.msg, In Quarantäne, [bedb2ebdf586f4422affb53719e945bb],
Physische Sektoren: 0
(No malicious items detected)
(end) |