| Isidon31 | 17.06.2015 20:41 |
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 17.06.2015
Suchlauf-Zeit: 20:59:14
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.17.04
Rootkit Datenbank: v2015.06.15.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Fabian
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 397600
Verstrichene Zeit: 11 Min, 35 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 4
PUP.Optional.WowSearch.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}, In Quarantäne, [4b2ead9687030d293213120d3cc74cb4],
PUP.Optional.WowSearch.A, HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, In Quarantäne, [4b2ead9687030d293213120d3cc74cb4],
PUP.Optional.WowSearch.A, HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, In Quarantäne, [4b2ead9687030d293213120d3cc74cb4],
PUP.Optional.WowSearch.A, HKU\S-1-5-21-3181750377-55683798-1376771009-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, In Quarantäne, [4b2ead9687030d293213120d3cc74cb4],
Registrierungswerte: 0
(Keine schädliche Elemente gefunden)
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 0
(Keine schädliche Elemente gefunden)
Dateien: 6
PUP.Optional.Yappyz.A, C:\Users\Fabian\AppData\Roaming\Angry_Birds_Space\Angry_Birds_Space.exe, In Quarantäne, [32475be8b3d71a1c574ac33d13ef8977],
PUP.Optional.LiveSoftAction, C:\Users\Fabian\Downloads\Angry Birds Space angeboten von Ads Med Network CPA (1).exe, In Quarantäne, [4b2e2f14f199e155eac11cf84fb7aa56],
PUP.Optional.LiveSoftAction, C:\Users\Fabian\Downloads\Angry Birds Space angeboten von Ads Med Network CPA (2).exe, In Quarantäne, [9fda82c1f79374c28526bf55fd09c040],
PUP.Optional.LiveSoftAction, C:\Users\Fabian\Downloads\Angry Birds Space angeboten von Ads Med Network CPA.exe, In Quarantäne, [71084ef5addd3600911aad679d69bb45],
PUP.Optional.UTop.A, C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, In Quarantäne, [a4d5bf842e5c79bdece7674c6b98e21e],
PUP.Optional.UTop.A, C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, In Quarantäne, [0970d66d503a3ff7b51e7241a85bdc24],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
Code:
# AdwCleaner v4.206 - Bericht erstellt 17/06/2015 um 20:54:01
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-17.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Fabian - MSI-LAPTOP
# Gestarted von : C:\Users\Fabian\Downloads\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.124
*************************
AdwCleaner[R0].txt - [16846 Bytes] - [16/06/2015 17:05:11]
AdwCleaner[R1].txt - [998 Bytes] - [17/06/2015 20:52:21]
AdwCleaner[S0].txt - [16124 Bytes] - [16/06/2015 17:07:09]
AdwCleaner[S1].txt - [919 Bytes] - [17/06/2015 20:54:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [977 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.9 (06.16.2015:2)
OS: Windows 8.1 x64
Ran by Fabian on 17.06.2015 at 21:30:14,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\SpyHunter4Startup
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Fabian\AppData\Roaming\appdataFr3.bin
Successfully deleted: [File] C:\Users\Fabian\appdata\local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Fabian\appdata\local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\12442149642831810872
~~~ Chrome
[C:\Users\Fabian\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Fabian\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Fabian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Fabian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.06.2015 at 21:36:10,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Fabian (administrator) on MSI-LAPTOP on 17-06-2015 21:37:15
Running from C:\Users\Fabian\Desktop
Loaded Profiles: Fabian (Available Profiles: Fabian & andyh_000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-10-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-10-21] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2014-10-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [408744 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1562504 2013-05-02] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => D:\Area ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Fabian\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\...\MountPoints2: {b0c24991-98b6-11e4-826f-448a5bef406e} - "F:\autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-10-28]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3181750377-55683798-1376771009-1001 -> {E8131295-A219-43E2-BC5C-0A413E43F7FC} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-24] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-24] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{0F1611EC-4C06-41DD-831C-69825A095822}: [NameServer] 192.168.178.201,192.168.178.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-12-24] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-12-24] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{8167E8F2-A770-4EFB-BA53-8A511051CD9B}] - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{8167E8F2-A770-4EFB-BA53-8A511051CD9B}] - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]
CHR Extension: (Google Wallet) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-17]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-02] (BitRaider, LLC)
S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [69120 2013-10-22] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2014-10-27] (ELAN Microelectronics Corp.)
S2 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [File not signed]
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-10-27] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2014-10-27] (Advanced Micro Devices)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-02-22] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-06-13] ()
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-21] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-12-24] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-12-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [554712 2014-10-27] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2946264 2013-10-18] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 21:37 - 2015-06-17 21:37 - 00020930 _____ C:\Users\Fabian\Desktop\FRST.txt
2015-06-17 21:36 - 2015-06-17 21:36 - 00001593 _____ C:\Users\Fabian\Desktop\JRT.txt
2015-06-17 21:33 - 2015-06-16 17:10 - 02945901 _____ (Thisisu) C:\Users\Fabian\Desktop\JRT.exe
2015-06-17 21:29 - 2015-06-17 21:29 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MSI-LAPTOP-Windows-8.1-(64-bit).dat
2015-06-17 21:29 - 2015-06-17 21:29 - 00000000 ____D C:\RegBackup
2015-06-17 21:28 - 2015-06-17 21:28 - 00002903 _____ C:\Users\Fabian\Desktop\mbam.txt
2015-06-17 20:59 - 2015-06-17 20:59 - 00001056 _____ C:\Users\Fabian\Desktop\AdwCleaner[S1].txt
2015-06-17 20:58 - 2015-06-17 21:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 20:58 - 2015-06-17 20:58 - 00000641 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-17 20:58 - 2015-06-17 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-17 20:58 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-17 20:58 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-17 20:58 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-16 21:49 - 2015-06-16 21:49 - 00001740 _____ C:\Users\Fabian\Desktop\Echo of Soul.lnk
2015-06-16 21:49 - 2015-06-16 21:49 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-06-16 21:40 - 2015-06-16 21:50 - 00000000 ____D C:\Users\Fabian\EOS
2015-06-16 17:41 - 2015-06-16 17:41 - 00040497 _____ C:\Users\Fabian\Downloads\Addition.txt
2015-06-16 17:40 - 2015-06-17 21:37 - 00000000 ____D C:\FRST
2015-06-16 17:40 - 2015-06-16 17:41 - 00043360 _____ C:\Users\Fabian\Downloads\FRST.txt
2015-06-16 17:09 - 2015-06-16 17:10 - 02945901 _____ (Thisisu) C:\Users\Fabian\Downloads\JRT.exe
2015-06-16 17:09 - 2015-06-16 17:09 - 02109952 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2015-06-16 17:05 - 2015-06-17 20:54 - 00000000 ____D C:\AdwCleaner
2015-06-16 17:04 - 2015-06-16 17:04 - 02231296 _____ C:\Users\Fabian\Desktop\AdwCleaner_4.206.exe
2015-06-13 16:21 - 2015-06-13 16:21 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Enigma Software Group
2015-06-13 16:21 - 2015-06-13 16:21 - 00000000 ____D C:\sh4ldr
2015-06-13 16:21 - 2015-06-13 16:21 - 00000000 _____ C:\autoexec.bat
2015-06-13 16:20 - 2015-06-13 16:20 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-06-11 17:53 - 2015-06-11 17:53 - 00000000 ____D C:\Users\Fabian\AppData\Local\GWX
2015-06-11 16:18 - 2015-06-11 16:18 - 00512536 _____ (Aeria Games & Entertainment) C:\Users\Fabian\Downloads\echoofsoul_de_downloader.exe
2015-06-09 20:26 - 2015-05-27 15:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 20:26 - 2015-05-27 15:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 20:26 - 2015-05-25 14:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 20:26 - 2015-05-25 14:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 20:26 - 2015-05-23 04:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 20:26 - 2015-05-23 04:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 20:26 - 2015-05-23 04:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 20:26 - 2015-05-23 04:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 20:26 - 2015-05-23 04:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 20:26 - 2015-05-23 03:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 20:26 - 2015-05-23 03:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 20:26 - 2015-05-23 03:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 20:26 - 2015-05-23 03:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 20:26 - 2015-05-23 03:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 20:26 - 2015-05-23 03:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 20:26 - 2015-05-23 03:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 20:26 - 2015-05-23 03:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 20:26 - 2015-05-23 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 20:26 - 2015-05-22 20:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 20:26 - 2015-05-22 20:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 20:26 - 2015-05-22 20:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 20:26 - 2015-05-22 19:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 20:26 - 2015-05-22 19:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 20:26 - 2015-05-22 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 20:26 - 2015-05-22 19:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 20:26 - 2015-05-22 19:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 20:26 - 2015-05-22 19:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 20:26 - 2015-05-22 18:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 20:26 - 2015-05-22 18:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 20:26 - 2015-05-22 18:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 20:26 - 2015-05-22 18:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 20:26 - 2015-05-22 18:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 20:26 - 2015-05-21 17:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 20:26 - 2015-04-25 03:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 20:26 - 2015-04-25 03:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 20:26 - 2015-04-16 07:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-09 20:26 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-09 20:26 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-09 20:26 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-09 20:26 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-09 20:26 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-09 20:26 - 2015-04-01 23:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-09 20:26 - 2015-04-01 23:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-09 20:26 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-09 20:26 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-09 20:26 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-09 20:26 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-09 20:26 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-09 20:26 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-09 20:26 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-09 20:26 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-09 20:26 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-09 20:26 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-09 20:26 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-09 20:26 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-09 20:26 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-09 20:25 - 2015-05-23 03:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 20:25 - 2015-05-23 03:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 20:25 - 2015-05-23 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 20:25 - 2015-05-23 03:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 20:25 - 2015-05-22 19:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 20:25 - 2015-05-22 19:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 20:25 - 2015-05-22 19:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 20:25 - 2015-05-22 19:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 20:25 - 2015-05-22 19:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 20:25 - 2015-05-22 19:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-05 13:56 - 2015-06-15 17:26 - 00000000 ____D C:\Users\Fabian\AppData\Local\nuclearthrone
2015-06-05 13:55 - 2015-06-05 13:55 - 00000202 _____ C:\Users\Fabian\Desktop\Nuclear Throne.url
2015-05-21 16:41 - 2015-05-21 16:41 - 00000805 _____ C:\Users\Fabian\Desktop\S4 League.lnk
2015-05-19 18:05 - 2015-05-19 18:05 - 00001526 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-05-19 18:05 - 2015-05-19 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-19 18:03 - 2015-05-19 18:03 - 03541664 _____ (Aeria Games & Entertainment) C:\Users\Fabian\Downloads\aeria_ignite_install.exe
2015-05-19 18:02 - 2015-05-19 18:02 - 00578584 _____ (Aeria Games & Entertainment) C:\Users\Fabian\Downloads\s4league_us_downloader (8).exe
2015-05-19 18:02 - 2015-05-19 18:02 - 00578584 _____ (Aeria Games & Entertainment) C:\Users\Fabian\Downloads\s4league_us_downloader (7).exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 21:37 - 2014-12-24 20:09 - 01575698 _____ C:\Windows\WindowsUpdate.log
2015-06-17 21:35 - 2015-01-02 20:58 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Skype
2015-06-17 21:26 - 2014-12-24 20:16 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 21:26 - 2014-12-24 20:15 - 00000000 ___RD C:\Users\Fabian\OneDrive
2015-06-17 21:26 - 2014-12-24 20:12 - 00192432 _____ C:\Users\Fabian\AppData\Local\BTServer.log
2015-06-17 21:25 - 2015-01-10 13:03 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Angry_Birds_Space
2015-06-17 21:25 - 2014-12-24 20:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-17 21:25 - 2014-03-18 10:54 - 01445600 _____ C:\Windows\PFRO.log
2015-06-17 21:25 - 2013-08-22 15:46 - 00034241 _____ C:\Windows\setupact.log
2015-06-17 21:25 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 21:25 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-06-17 21:18 - 2014-12-24 20:19 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3181750377-55683798-1376771009-1001
2015-06-17 21:07 - 2014-12-24 20:16 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 21:05 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-17 21:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-17 21:00 - 2014-04-30 18:36 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-06-17 21:00 - 2014-04-30 18:36 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-06-17 21:00 - 2014-04-30 18:11 - 00440760 _____ C:\Windows\system32\perfh014.dat
2015-06-17 21:00 - 2014-04-30 18:11 - 00076914 _____ C:\Windows\system32\perfc014.dat
2015-06-17 21:00 - 2014-04-30 17:02 - 00541792 _____ C:\Windows\system32\perfh008.dat
2015-06-17 21:00 - 2014-04-30 17:02 - 00088858 _____ C:\Windows\system32\perfc008.dat
2015-06-17 21:00 - 2014-04-30 16:55 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-06-17 21:00 - 2014-04-30 16:55 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-06-17 21:00 - 2014-03-18 11:03 - 03851932 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 21:40 - 2014-12-25 19:38 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-06-16 21:40 - 2014-12-24 20:11 - 00000000 ____D C:\Users\Fabian
2015-06-16 17:01 - 2014-12-24 20:15 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A39D28A4-299E-4E02-AC02-F935541E2DBA}
2015-06-15 17:21 - 2014-12-24 20:43 - 00000001 _____ C:\Users\Public\Documents\dgc.txt
2015-06-15 17:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-11 19:51 - 2014-12-25 19:53 - 00000000 ____D C:\ProgramData\Aeria Games
2015-06-11 19:32 - 2014-12-24 21:28 - 00000000 ____D C:\Users\Fabian\AppData\Local\CrashDumps
2015-06-11 17:57 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-11 17:54 - 2015-01-02 20:58 - 00000000 ____D C:\ProgramData\Skype
2015-06-11 17:08 - 2015-01-24 15:58 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-11 17:05 - 2015-05-14 07:30 - 00837536 _____ C:\ProgramData\yvd_ie_se.exe
2015-06-11 17:05 - 2015-01-17 15:45 - 02032503 _____ C:\ProgramData\yvd_chrome_se.exe
2015-06-11 17:05 - 2015-01-17 15:45 - 01529534 _____ C:\ProgramData\yvd_firefox_se.exe
2015-06-11 17:05 - 2015-01-02 20:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-11 17:04 - 2013-08-22 15:44 - 00431968 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 17:01 - 2015-01-25 18:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 17:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 16:57 - 2014-12-24 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 16:49 - 2014-12-24 21:49 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:05 - 2015-04-08 12:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-09 19:05 - 2015-04-08 12:17 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-03 17:18 - 2013-08-22 16:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 17:18 - 2013-08-22 16:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-23 17:03 - 2015-04-30 18:27 - 00101376 ___SH C:\Users\Fabian\Desktop\Thumbs.db
2015-05-21 18:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-05-19 17:57 - 2014-12-25 20:49 - 00000000 ____D C:\Users\Fabian\Downloads\Gameforge Live
==================== Files in the root of some directories =======
2014-12-24 20:12 - 2015-06-17 21:26 - 0192432 _____ () C:\Users\Fabian\AppData\Local\BTServer.log
2015-01-14 19:22 - 2015-01-14 19:22 - 0333312 _____ () C:\ProgramData\cryptoDrvUpdate.exe
2015-01-17 15:45 - 2015-06-11 17:05 - 2032503 _____ () C:\ProgramData\yvd_chrome_se.exe
2015-01-17 15:45 - 2015-06-11 17:05 - 1529534 _____ () C:\ProgramData\yvd_firefox_se.exe
2015-05-14 07:30 - 2015-06-11 17:05 - 0837536 _____ () C:\ProgramData\yvd_ie_se.exe
Files to move or delete:
====================
C:\ProgramData\cryptoDrvUpdate.exe
C:\ProgramData\yvd_chrome_se.exe
C:\ProgramData\yvd_firefox_se.exe
C:\ProgramData\yvd_ie_se.exe
Some files in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\12212_offer.exe
C:\Users\Fabian\AppData\Local\Temp\12235_offer.exe
C:\Users\Fabian\AppData\Local\Temp\13839_offer.exe
C:\Users\Fabian\AppData\Local\Temp\14560_offer.exe
C:\Users\Fabian\AppData\Local\Temp\17077_offer.exe
C:\Users\Fabian\AppData\Local\Temp\17131_offer.exe
C:\Users\Fabian\AppData\Local\Temp\17516_offer.exe
C:\Users\Fabian\AppData\Local\Temp\17831_offer.exe
C:\Users\Fabian\AppData\Local\Temp\18199_offer.exe
C:\Users\Fabian\AppData\Local\Temp\19345_offer.exe
C:\Users\Fabian\AppData\Local\Temp\20063_offer.exe
C:\Users\Fabian\AppData\Local\Temp\20391_offer.exe
C:\Users\Fabian\AppData\Local\Temp\21189_offer.exe
C:\Users\Fabian\AppData\Local\Temp\21223_offer.exe
C:\Users\Fabian\AppData\Local\Temp\24385_offer.exe
C:\Users\Fabian\AppData\Local\Temp\24517_offer.exe
C:\Users\Fabian\AppData\Local\Temp\26196_offer.exe
C:\Users\Fabian\AppData\Local\Temp\28086_offer.exe
C:\Users\Fabian\AppData\Local\Temp\28629_offer.exe
C:\Users\Fabian\AppData\Local\Temp\2963_offer.exe
C:\Users\Fabian\AppData\Local\Temp\30789_offer.exe
C:\Users\Fabian\AppData\Local\Temp\30835_offer.exe
C:\Users\Fabian\AppData\Local\Temp\31155_offer.exe
C:\Users\Fabian\AppData\Local\Temp\31441_offer.exe
C:\Users\Fabian\AppData\Local\Temp\31986_offer.exe
C:\Users\Fabian\AppData\Local\Temp\32199_offer.exe
C:\Users\Fabian\AppData\Local\Temp\32662_offer.exe
C:\Users\Fabian\AppData\Local\Temp\3597_offer.exe
C:\Users\Fabian\AppData\Local\Temp\53e50041d7a934ed4b5edb72a447ebb2.dll
C:\Users\Fabian\AppData\Local\Temp\6158_offer.exe
C:\Users\Fabian\AppData\Local\Temp\8966_offer.exe
C:\Users\Fabian\AppData\Local\Temp\9957_offer.exe
C:\Users\Fabian\AppData\Local\Temp\COMAP.EXE
C:\Users\Fabian\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
C:\Users\Fabian\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Fabian\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Fabian\AppData\Local\Temp\jsonparser.dll
C:\Users\Fabian\AppData\Local\Temp\ose00000.exe
C:\Users\Fabian\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Fabian\AppData\Local\Temp\Quarantine.exe
C:\Users\Fabian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Fabian\AppData\Local\Temp\sqlite3.dll
C:\Users\Fabian\AppData\Local\Temp\sqlite3.exe
C:\Users\Fabian\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1976.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-17 21:18
==================== End of log ============================
Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Fabian at 2015-06-17 21:37:54
Running from C:\Users\Fabian\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3181750377-55683798-1376771009-500 - Administrator - Disabled)
andyh_000 (S-1-5-21-3181750377-55683798-1376771009-1004 - Administrator - Enabled) => C:\Users\andyh_000
Fabian (S-1-5-21-3181750377-55683798-1376771009-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-3181750377-55683798-1376771009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3181750377-55683798-1376771009-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Windows Live Essentials“ (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-3181750377-55683798-1376771009-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{AA9BE01D-FE61-4B4C-C0C9-F68303FFC581}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1405.0701 - Micro-Star International Co., Ltd.)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Boot Configure (HKLM-x32\...\{AB72B3BB-A389-4F62-86EE-C08326B4BE60}) (Version: 20.014.05233 - Micro-Star International Co., Ltd.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1408.201 - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1401.0201 - Application)
Dragon Gaming Center (x32 Version: 1.0.1401.0201 - Application) Hidden
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version: - )
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.)
Fotoattēlu galerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
In Verbis Virtus (HKLM-x32\...\Steam App 242840) (Version: - Indomitus Games)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
KLM (HKLM-x32\...\InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}) (Version: 1.2.1304.2201 - Micro-Star International Co., Ltd.)
KLM (x32 Version: 1.2.1304.2201 - Micro-Star International Co., Ltd.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)
MAGIX MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mini Notepad (HKLM-x32\...\{1E38F0E0-5499-CDAF-F946-BA3D053AABC2}) (Version: - "")
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.)
MSI Remind Manager (x32 Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) Hidden
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
Nuclear Throne (HKLM-x32\...\Steam App 242680) (Version: - Vlambeer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.14 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.25502 - Razer Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.780.780.102113 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7101 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - )
S4 League (HKLM-x32\...\S4 League) (Version: - )
SCM (HKLM\...\{44E11251-1638-4D77-950F-2D177D34F7E3}) (Version: 10.014.01026 - Application)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
wow search (HKLM-x32\...\wow search) (Version: 1.0.11 - )
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3181750377-55683798-1376771009-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0915C245-DEFE-4F7B-8BD1-AF5AC6C8DD1B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {5BCA1076-E270-4D2B-8823-94A78E1416BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {62FB7A18-AD0C-4DAB-A936-666059E8A7F9} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {7C21351F-DC7F-41CF-A4F0-47C53F3521B5} - System32\Tasks\Microsoft\windows\DiskDiagnostic\DiskDiagnostic => C:\Program Files (x86)\DiskDiagnostic\DiskDiagnostic.exe <==== ATTENTION
Task: {7C63B347-376E-4BF8-B598-1C5B58A0C3D3} - System32\Tasks\Loca\Loca\Loca => C:\Program Files (x86)\Loca\bin\LocaProxy.exe <==== ATTENTION
Task: {8217D6F1-3C2F-45FD-B550-1CB8B2657C8B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {8F453ABB-2A4D-44A3-A16B-B3A608EDB013} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {BE3E0837-084A-47D7-95C3-A07C8C3FC11E} - System32\Tasks\MSI_OnlineRegister => C:\Program Files (x86)\MSI\MSI Remind Manager\MSIOnlineRegister.exe [2014-08-15] ()
Task: {CB661C24-60B7-415D-892B-9E39D288879A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {CF3C375D-448F-48B6-AB90-5E82BEF2855B} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {D23BA252-9538-4146-98CE-FB9784976B1B} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe [2014-01-06] (Micro-Star International Co., Ltd.)
Task: {D38E93AA-30DB-4150-BF3D-82CC5978E10B} - System32\Tasks\{5D0D4A9A-D407-40C4-9312-04C8FBDEE00F} => pcalua.exe -a C:\Users\Fabian\Downloads\RazerSurroundInstaller_v2.00.10.exe -d C:\Users\Fabian\Downloads
Task: {ED442D20-272F-41ED-A42A-1CFB90425531} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EF616450-7D66-440D-9D2A-C3B4C25A862B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {F808C473-57B0-4F43-AE79-98620AFD943B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-06-11 17:08 - 2015-06-05 19:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-11 17:08 - 2015-06-05 19:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\andyh_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Fabian\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3181750377-55683798-1376771009-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: 192.168.178.201 - 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Registry Helper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7E7D73BB-7E6F-4151-9873-3DE155E61AF3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{80C8799B-C4A3-45D3-8EAF-561DC6575FD6}] => (Allow) LPort=2869
FirewallRules: [{A3E3A157-8298-42C5-81B5-4E33745E3FCF}] => (Allow) LPort=1900
FirewallRules: [{310612AA-B43C-4BB8-8C1F-44E8D8763275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{0B6754BE-597B-4CC2-B100-89C9C46C0596}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0C92F3F3-04C1-46A8-AF9B-39CAA6317E73}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{2C6AB9CC-7154-4A73-B22A-11E7BDDC9F44}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{BC64A99D-81E3-4B8B-8A9F-060DD19A5084}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{99155AD2-AC7C-4863-A431-AED433A769A4}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{B6C983DC-9730-4052-B652-67DA6922F639}] => (Allow) D:\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{8161F232-66D2-4C22-9E5D-B7D28F843CEF}] => (Allow) D:\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FB273F34-7435-49EC-A04C-D0C78D09EA1A}] => (Allow) C:\Program Files (x86)\Loca\bin\LocaProxy.exe
FirewallRules: [{0305C470-DCB7-4295-85F8-0E08ECEC3042}] => (Allow) C:\Program Files (x86)\Loca\bin\LocaProxy.exe
FirewallRules: [{570E2CE5-F00F-4388-9977-CB937420FD22}] => (Allow) D:\steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{EE302259-C6A6-44C2-B694-B6C845C211BF}] => (Allow) D:\steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{762E2379-C8BF-4082-8CC0-50BA9DE7A93A}] => (Allow) D:\steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{FF6BEC72-D468-4900-BAAC-0A620DAB1976}] => (Allow) D:\steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{2F749B9B-0720-42C2-BAA4-AA88CBBD731A}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{FB535255-6D19-4691-A869-1F80AFB6B4F9}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{BF4132F0-125A-4C73-882D-EE5A7A35D07F}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{93EA14DD-FB62-49E0-8DB2-369598176759}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9CC346A0-142A-4A73-A60B-6A42DDF6B273}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8EE30774-F6BA-4AED-B77C-020491F500C5}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{F176D48B-2C6C-4737-BED7-793FE3962D2E}] => (Allow) D:\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{CD0ED6F5-E39A-4983-8043-4EC49590D861}C:\users\fabian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\fabian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D86FD85E-7F0B-4D70-9AAF-9018586A7A8E}C:\users\fabian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\fabian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B717798D-C783-4E01-A734-79E4520CC85F}] => (Allow) D:\steam\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{ADEE6155-3849-443C-9451-BE70EA23AEDD}] => (Allow) D:\steam\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{0C82177F-C46D-4EB5-8567-1BCD32B4F1A5}] => (Allow) D:\steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{A0720D28-9D02-4930-A7BB-DA29BAEC3DC0}] => (Allow) D:\steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{B06AC238-23C3-4646-BDF1-4836C9215347}] => (Allow) D:\steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{F471C912-526E-45FA-A98F-9A10B9B3E970}] => (Allow) D:\steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{46A5512F-9983-4450-8161-510060691394}] => (Allow) D:\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{51F424DE-DEE4-457F-BCF2-5F1A5416B92D}] => (Allow) D:\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{30A20E5A-41E1-416A-8C47-0236166855D1}] => (Allow) D:\steam\steamapps\common\Nuclear Throne\nuclearthrone.exe
FirewallRules: [{8B6F6C1A-DA2B-4743-8FDE-AE57811D65E2}] => (Allow) D:\steam\steamapps\common\Nuclear Throne\nuclearthrone.exe
FirewallRules: [{CE679342-D05A-4B84-8CA6-05EC1F06AAF3}] => (Allow) D:\steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{575BD032-13D0-4218-A2DD-23A7E427FCF6}] => (Allow) D:\steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{86F4BB21-A39F-48D8-8A01-616635D8E0A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/17/2015 09:26:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (06/17/2015 09:22:44 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (06/17/2015 09:20:07 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (06/17/2015 09:19:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WinRE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/16/2015 06:57:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 43.0.2357.124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 146c
Startzeit: 01d0a84ea9355785
Endzeit: 2564
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 2de183e5-1451-11e5-82a1-448a5bef406e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/15/2015 05:25:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2cb8
Startzeit: 01d0a5f123510c00
Endzeit: 12153
Anwendungspfad: D:\steam\steam.exe
Berichts-ID: fc9cf060-137a-11e5-82a0-448a5bef406e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/15/2015 05:21:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (06/13/2015 06:14:42 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (06/11/2015 07:31:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x2630
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3
Vollständiger Name des fehlerhaften Pakets: LolClient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LolClient.exe5
Error: (06/11/2015 05:46:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WinRE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
System errors:
=============
Error: (06/17/2015 09:31:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 09:31:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 09:31:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 09:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Qualcomm Atheros Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSI_SuperCharger" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Micro Star SCM" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Elan Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 09:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BTDevManager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (06/17/2015 09:26:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (06/17/2015 09:22:44 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\Program Files\WinZip\adxloader.dll.Manifestc:\Program Files\WinZip\adxloader.dll.Manifest2
Error: (06/17/2015 09:20:07 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\Program Files\WinZip\adxloader.dll.Manifestc:\Program Files\WinZip\adxloader.dll.Manifest2
Error: (06/17/2015 09:19:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WinRE toolsFalscher Parameter. (0x80070057)
Error: (06/16/2015 06:57:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe43.0.2357.124146c01d0a84ea93557852564C:\Program Files (x86)\Google\Chrome\Application\chrome.exe2de183e5-1451-11e5-82a1-448a5bef406e
Error: (06/15/2015 05:25:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: steam.exe2.81.34.62cb801d0a5f123510c0012153D:\steam\steam.exefc9cf060-137a-11e5-82a0-448a5bef406e
Error: (06/15/2015 05:21:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (06/13/2015 06:14:42 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\Program Files\WinZip\adxloader.dll.Manifestc:\Program Files\WinZip\adxloader.dll.Manifest2
Error: (06/11/2015 07:31:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd76263001d0a46f5990f4d3D:\lol\RADS\projects\lol_air_client\releases\0.0.1.148\deploy\LolClient.exeD:\lol\RADS\projects\lol_air_client\releases\0.0.1.148\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll243e6a68-1068-11e5-82a0-448a5bef406e
Error: (06/11/2015 05:46:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WinRE toolsFalscher Parameter. (0x80070057)
CodeIntegrity Errors:
===================================
Date: 2015-06-17 21:27:06.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-11 17:55:06.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-24 17:38:12.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-24 17:37:23.784
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-24 17:37:14.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 16:28:33.311
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-20 18:03:13.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-19 20:42:17.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-19 19:48:45.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-16 22:46:16.216
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A10-5750M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 32%
Total physical RAM: 7364.21 MB
Available physical RAM: 4948.84 MB
Total Pagefile: 8516.21 MB
Available Pagefile: 5843.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:118.24 GB) (Free:50.58 GB) NTFS
Drive d: (Data) (Fixed) (Total:913.38 GB) (Free:753.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: EB72DB9C)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EB72DA7A)
Partition: GPT Partition Type.
==================== End of log ============================ |