Malewareinfektion epictory.com und andere Hallo Jürgen danke das du dich meinem Problem annimmst.
Hier die Log
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Punisher (administrator) on PUNISHER-PC on 30-04-2015 16:02:59
Running from C:\Users\Punisher\Desktop
Loaded Profiles: Punisher (Available profiles: Punisher)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) G:\Program Files (x86)\Avast!\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Advanced Micro Devices, Inc.) G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() D:\Program Files\AMD\OverDrive\AODAssist.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) G:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) G:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() D:\Program Files\KinzuMouseFix\MouseFix.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\Punisher\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avast Software s.r.o.) G:\Program Files (x86)\Avast!\AvastUI.exe
(Malwarebytes Corporation) G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Dominik Reichl) D:\Program Files\KeePass Password Safe 2\KeePass.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Punisher\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Punisher\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Punisher\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Punisher\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [DelReg] => D:\Program Files\MSI\OverclockingCenter\DelReg.exe [196608 2008-12-05] ()
HKLM-x32\...\Run: [StartCCC] => G:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => G:\Program Files (x86)\Avast!\AvastUI.exe [5515496 2015-04-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2618680 2015-04-08] (Malwarebytes Corporation)
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\Run: [MouseFix] => D:\Program Files\KinzuMouseFix\MouseFix.exe [40960 2004-01-29] ()
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\Run: [Catalyst Control Center_ Host application] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299520 2013-10-09] (ATI Technologies Inc.)
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\Run: [Spotify Web Helper] => C:\Users\Punisher\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-28] (Spotify Ltd)
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {09c7bad7-3a5e-11e3-ae81-6c626db3c31a} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {14de0086-2ed8-11e1-a55e-6c626db3c31a} - G:\Autorun.exe
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {5179d2fb-ce3d-11e3-ad0a-6c626db3c31a} - E:\setup.exe
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {5cc8293f-8e56-11e3-8275-6c626db3c31a} - F:\Startme.exe
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {ba777560-1a42-11e4-9dd8-6c626db3c31a} - I:\Startme.exe
HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\MountPoints2: {dbfc840e-a132-11e2-a963-6c626db3c31a} - E:\setup.exe
IFEO\AcroRd32.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\autopico.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\extendscript toolkit.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\kmseldi.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pccompanion.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\switchboard.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uninshs.exe: [Debugger] "G:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => G:\Program Files (x86)\Avast!\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-583765230-2512379700-304559937-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-583765230-2512379700-304559937-1000 - (No Name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-583765230-2512379700-304559937-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL =
SearchScopes: HKU\S-1-5-21-583765230-2512379700-304559937-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> G:\Program Files (x86)\Avast!\aswWebRepIE64.dll [2015-04-09] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> G:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> G:\Program Files (x86)\Avast!\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-583765230-2512379700-304559937-1000 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKU\S-1-5-21-583765230-2512379700-304559937-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-583765230-2512379700-304559937-1000 -> No Name - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - G:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-06-10] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Punisher\AppData\Roaming\Mozilla\Firefox\Profiles\3135epey.default-1430218044499
FF Homepage: www.facebook.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> G:\PROGRA~3\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-12-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-583765230-2512379700-304559937-1000: @acestream.net/acestreamplugin,version=2.2.1.1-next -> C:\Users\Punisher\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-07-09] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-583765230-2512379700-304559937-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: Adblock Plus - C:\Users\Punisher\AppData\Roaming\Mozilla\Firefox\Profiles\3135epey.default-1430218044499\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - G:\Program Files (x86)\Avast!\WebRep\FF
FF Extension: Avast Online Security - G:\Program Files (x86)\Avast!\WebRep\FF [2014-04-27]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKU\S-1-5-21-583765230-2512379700-304559937-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Users\Punisher\AppData\Local\AdTrustMedia\PrivDog\PrivDog_chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - G:\Program Files (x86)\Avast!\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - G:\Program Files (x86)\Avast!\WebRep\Chrome\aswWebRepChrome.crx [2015-04-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-31] (Advanced Micro Devices, Inc.) [File not signed]
R2 AODService; D:\Program Files\AMD\OverDrive\AODAssist.exe [136616 2010-04-23] ()
R2 avast! Antivirus; G:\Program Files (x86)\Avast!\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S3 AvastVBoxSvc; G:\Program Files (x86)\Avast!\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-28] (Avast Software)
R2 MbaeSvc; G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation)
S2 MBAMService; G:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-16] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; G:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AODDriver2; D:\Program Files\AMD\OverDrive\amd64\AODDriver2.sys [52352 2010-04-23] (Advanced Micro Devices)
S2 AODDriver4.3; G:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [13760 2013-07-21] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [13760 2013-07-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-27] (Disc Soft Ltd)
R1 ESProtectionDriver; G:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-04-08] ()
S3 FLASHSYS; D:\Program Files\MSI\Live Update 4\LU4\FLASHSYS64.sys [15192 2008-02-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
S3 mv2; C:\Windows\System32\DRIVERS\mv2.sys [12904 2012-02-16] (UVNC BVBA)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7599v1F0\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; G:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 V0220Dev; C:\Windows\System32\DRIVERS\V0220Dev.sys [208352 2007-08-15] (Creative Technology Ltd.)
S3 V0220Vfx; C:\Windows\System32\DRIVERS\V0220Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R2 VBoxAswDrv; G:\Program Files (x86)\Avast!\ng\vbox\VBoxAswDrv.sys [273824 2015-04-28] (Avast Software)
S3 ALSysIO; \??\C:\Users\Punisher\AppData\Local\Temp\ALSysIO64.sys [X]
S3 CsrBtPort; system32\DRIVERS\CsrBtPort.sys [X]
S3 csrpan; system32\DRIVERS\csrpan.sys [X]
S3 csrserial; system32\DRIVERS\csrserial.sys [X]
S3 csrusb; System32\Drivers\csrusb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 PCAlertDriver; \??\C:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 16:02 - 2015-04-30 16:03 - 00020747 _____ () C:\Users\Punisher\Desktop\FRST.txt
2015-04-30 15:46 - 2015-04-30 16:03 - 00000000 ____D () C:\FRST
2015-04-30 15:46 - 2015-04-30 15:46 - 02101248 _____ (Farbar) C:\Users\Punisher\Desktop\FRST64.exe
2015-04-30 09:12 - 2015-04-30 16:02 - 00000000 __SHD () C:\found.001
2015-04-28 17:58 - 2015-04-30 14:25 - 00000000 ____D () C:\Users\Punisher\AppData\Local\Spotify
2015-04-28 17:58 - 2015-04-28 17:58 - 00001813 _____ () C:\Users\Punisher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-28 17:57 - 2015-04-30 14:25 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Spotify
2015-04-28 13:26 - 2015-04-28 13:26 - 00002802 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-28 13:26 - 2015-04-28 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-28 13:26 - 2015-04-28 13:26 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-28 00:21 - 2015-04-28 00:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-28 00:21 - 2015-04-28 00:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-26 13:30 - 2015-04-30 14:47 - 00012628 _____ () C:\Users\Punisher\Desktop\Party.xlsx
2015-04-25 11:08 - 2015-04-25 11:08 - 00000000 ____D () C:\Users\Punisher\Downloads\Odin3
2015-04-22 20:56 - 2015-04-22 20:56 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2015-04-22 20:49 - 2015-04-22 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2015-04-21 22:05 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-21 22:05 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-21 22:05 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-21 22:05 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-04-21 22:05 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-21 22:05 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-20 22:06 - 2015-04-20 22:07 - 00000080 _____ () C:\Users\Punisher\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-04-19 23:38 - 2015-04-19 23:38 - 00000000 _____ () C:\Users\Punisher\Sti_Trace.log
2015-04-17 00:07 - 2015-04-20 22:04 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-04-17 00:07 - 2015-04-20 22:04 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-04-16 23:50 - 2015-04-16 23:50 - 00000000 ____D () C:\Users\Punisher\AppData\Local\Rockstar Games
2015-04-16 23:49 - 2015-04-17 00:12 - 00000000 ____D () C:\Users\Punisher\Documents\Rockstar Games
2015-04-16 19:48 - 2015-04-16 19:48 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-04-16 19:40 - 2015-04-16 19:40 - 00057374 _____ () C:\Windows\SysWOW64\CCCInstall_201504161940321788.log
2015-04-16 19:40 - 2015-04-16 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-04-16 19:40 - 2015-04-16 19:40 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-04-16 19:38 - 2015-04-16 19:38 - 00000000 ____D () C:\ProgramData\ATI
2015-04-16 17:50 - 2015-04-16 17:52 - 00000000 ____D () C:\Windows\rescache
2015-04-16 13:44 - 2015-03-10 02:31 - 17882112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 13:44 - 2015-03-10 02:19 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 13:44 - 2015-03-10 02:19 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 13:44 - 2015-03-10 02:18 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 13:44 - 2015-03-10 02:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 13:44 - 2015-03-10 02:14 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 13:44 - 2015-03-10 02:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-16 13:44 - 2015-03-10 02:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 13:44 - 2015-03-10 02:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 13:44 - 2015-03-10 02:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-16 13:44 - 2015-03-10 02:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-16 13:44 - 2015-03-10 02:12 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-16 13:44 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 13:44 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-16 13:44 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 13:44 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 13:44 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 13:44 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-16 13:44 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-16 13:44 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-16 13:44 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-16 13:44 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 13:44 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-16 13:44 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-16 13:44 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-16 13:44 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-16 13:44 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-16 13:44 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-16 13:43 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-16 13:43 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-16 13:43 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-16 13:43 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-16 13:43 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 13:43 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-16 13:43 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-16 13:43 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-16 13:43 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-16 13:43 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-16 13:43 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 13:43 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-16 13:43 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-16 13:43 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 13:43 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-16 13:43 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 13:43 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-16 13:43 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-16 13:43 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-16 13:43 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 13:43 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-16 13:43 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-16 13:43 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-16 13:43 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-16 13:43 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-16 13:43 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-16 13:43 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-16 13:43 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 13:43 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-16 13:43 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-16 13:43 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-16 13:43 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-16 13:43 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 13:43 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-16 13:43 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 13:43 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-16 13:43 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 13:43 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 13:43 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 13:43 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 13:43 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 13:43 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-16 13:43 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-16 13:43 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-16 13:43 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 13:43 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-16 13:43 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-16 13:38 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 13:38 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 13:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 11:54 - 2015-04-15 11:54 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\MK10
2015-04-15 11:26 - 2015-04-15 11:26 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat X.lnk
2015-04-14 22:11 - 2015-04-14 22:11 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 20:41 - 2015-04-14 20:41 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\FileOpen
2015-04-10 09:24 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-10 09:24 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-10 09:24 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-10 09:24 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-10 09:24 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-10 09:24 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-10 09:24 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-10 09:24 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-10 01:27 - 2015-04-10 01:27 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Remote Control Server
2015-04-09 18:01 - 2015-04-09 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Control Server
2015-04-09 17:58 - 2015-04-10 09:05 - 00000000 ____D () C:\Users\Punisher\AppData\Local\Downloaded Installations
2015-04-09 16:33 - 2015-04-09 16:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-04-04 16:46 - 2015-04-20 21:49 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-03 11:57 - 2015-04-03 18:38 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Winamp
2015-04-03 11:57 - 2015-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-04-03 01:45 - 2015-04-03 01:45 - 00000000 ____D () C:\Users\Punisher\AppData\Local\Steppschuh
2015-04-02 18:33 - 2015-04-02 18:35 - 00000000 ____D () C:\Users\Punisher\Documents\Dolphin Emulator
2015-04-02 16:42 - 2015-04-02 16:42 - 00003170 _____ () C:\Windows\System32\Tasks\{DF4F38A3-6776-40D7-B5FC-96A675A2E8A1}
2015-04-02 16:24 - 2015-04-02 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-04-01 11:48 - 2015-04-02 16:05 - 00001463 _____ () C:\Users\Punisher\AppData\Local\RecConfig.xml
2015-04-01 11:16 - 2015-04-01 11:16 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2015-04-01 10:32 - 2015-04-01 10:32 - 00000000 ____D () C:\ProgramData\RapidSolution
2015-04-01 00:46 - 2015-04-01 00:46 - 00000000 ____D () C:\Users\Punisher\.tfo6
2015-03-31 22:47 - 2015-03-31 22:47 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-03-31 22:47 - 2015-03-31 22:47 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-03-31 22:47 - 2015-03-31 22:47 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-03-31 22:47 - 2015-03-31 22:47 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-03-31 22:46 - 2015-03-31 22:46 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-03-31 22:46 - 2015-03-31 22:46 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-03-31 22:46 - 2015-03-31 22:46 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-03-31 22:43 - 2015-03-31 22:43 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-03-31 22:41 - 2015-03-31 22:41 - 19338752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-03-31 22:33 - 2015-03-31 22:33 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-03-31 22:33 - 2015-03-31 22:33 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2015-03-31 22:33 - 2015-03-31 22:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-03-31 22:33 - 2015-03-31 22:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-03-31 22:33 - 2015-03-31 22:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-03-31 22:33 - 2015-03-31 22:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-03-31 22:32 - 2015-03-31 22:32 - 40990208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-03-31 22:32 - 2015-03-31 22:32 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-31 22:32 - 2015-03-31 22:32 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-31 22:26 - 2015-03-31 22:26 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-03-31 22:22 - 2015-03-31 22:23 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-31 22:22 - 2015-03-31 22:22 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-31 22:20 - 2015-03-31 22:20 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-03-31 22:20 - 2015-03-31 22:20 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-03-31 22:20 - 2015-03-31 22:20 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-03-31 22:20 - 2015-03-31 22:20 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-03-31 22:20 - 2015-03-31 22:20 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-03-31 22:20 - 2015-03-31 22:20 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2015-03-31 22:17 - 2015-03-31 22:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00639392 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2015-03-31 22:17 - 2015-03-31 22:17 - 00639392 _____ () C:\Windows\system32\atiapfxx.blb
2015-03-31 22:17 - 2015-03-31 22:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-03-31 22:17 - 2015-03-31 22:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-03-31 22:14 - 2015-03-31 22:14 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-03-31 22:14 - 2015-03-31 22:14 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-03-31 22:13 - 2015-03-31 22:13 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2015-03-31 22:13 - 2015-03-31 22:13 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-03-31 22:13 - 2015-03-31 22:13 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-03-31 22:13 - 2015-03-31 22:13 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-03-31 22:13 - 2015-03-31 22:13 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-03-31 22:10 - 2015-03-31 22:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-03-31 22:09 - 2015-03-31 22:09 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-03-31 22:09 - 2015-03-31 22:09 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-03-31 16:37 - 2015-03-31 16:37 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2015-03-31 16:35 - 2015-03-31 16:35 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2015-03-31 09:32 - 2015-03-31 09:32 - 00000000 ____D () C:\Users\Punisher\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-31 01:55 - 2015-03-31 01:55 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 16:02 - 2011-12-24 21:45 - 01065358 _____ () C:\Windows\WindowsUpdate.log
2015-04-30 15:31 - 2009-07-14 06:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-30 15:31 - 2009-07-14 06:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-30 15:15 - 2012-06-27 05:30 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F6528A5-72C3-47E8-A30D-DEC44BD9BC55}
2015-04-30 15:11 - 2014-03-15 17:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-30 15:04 - 2014-12-10 14:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 12:28 - 2011-12-27 10:13 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Media Player Classic
2015-04-30 09:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 01:34 - 2011-12-25 11:43 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\KeePass
2015-04-29 14:36 - 2015-03-30 03:46 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-04-29 11:21 - 2014-04-27 22:16 - 00004166 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-29 02:56 - 2012-01-31 23:19 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Skype
2015-04-29 02:00 - 2014-08-29 00:28 - 00000000 ____D () C:\Users\Punisher\AppData\Local\Adobe
2015-04-29 00:50 - 2015-03-30 03:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-04-28 18:21 - 2011-12-25 10:54 - 00000000 ____D () C:\Users\Punisher\Desktop\Anwendungen
2015-04-28 13:28 - 2011-12-25 11:51 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\DAEMON Tools Lite
2015-04-28 00:56 - 2014-12-10 14:15 - 00000000 ____D () C:\AdwCleaner
2015-04-28 00:21 - 2014-04-27 22:16 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-28 00:21 - 2014-04-27 22:16 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-28 00:19 - 2014-12-10 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-04-27 15:04 - 2012-05-09 05:38 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\Mp3tag
2015-04-25 09:12 - 2015-03-03 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2015-04-25 09:12 - 2011-12-25 13:54 - 00000000 ____D () C:\Users\Punisher\Desktop\Games
2015-04-25 09:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-24 14:49 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-24 14:48 - 2013-01-29 18:38 - 00000744 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-23 08:07 - 2013-01-29 18:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 20:51 - 2012-06-12 23:44 - 00000000 ____D () C:\Users\Punisher\AppData\Roaming\vlc
2015-04-22 02:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-22 02:28 - 2014-10-21 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-20 21:53 - 2013-10-21 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-20 21:48 - 2014-10-21 21:14 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-19 23:38 - 2011-12-24 21:53 - 00000000 ____D () C:\Users\Punisher
2015-04-16 19:40 - 2011-12-26 23:41 - 00000000 ____D () C:\ProgramData\AMD
2015-04-16 13:52 - 2012-02-16 07:23 - 01602780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 13:52 - 2009-07-14 19:58 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2015-04-16 13:52 - 2009-07-14 19:58 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2015-04-16 13:51 - 2009-07-14 07:13 - 01602780 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 13:50 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 13:47 - 2011-12-24 22:33 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 22:11 - 2014-03-15 17:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 22:11 - 2013-03-26 03:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 22:11 - 2013-03-26 03:05 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 20:37 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-14 09:37 - 2014-12-10 14:25 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-12-10 14:25 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-12-10 14:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 13:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 09:55 - 2014-12-10 12:07 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-10 09:55 - 2014-04-22 23:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-06 08:08 - 2011-12-25 14:55 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2015-04-05 20:04 - 2015-02-28 18:10 - 38407831 _____ () C:\Users\Punisher\Desktop\GeburtstagsKarte.psd
2015-04-04 16:52 - 2012-02-02 23:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-04 16:52 - 2012-01-31 23:19 - 00000000 ____D () C:\ProgramData\Skype
2015-04-03 12:02 - 2012-07-10 02:08 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-31 22:46 - 2014-07-09 17:52 - 09406624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-03-31 22:46 - 2014-07-09 17:52 - 01134688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-03-31 22:46 - 2014-07-09 17:52 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-03-31 22:46 - 2014-07-09 17:52 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-03-31 22:46 - 2014-07-09 17:51 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-03-31 22:46 - 2014-07-09 17:51 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-03-31 22:46 - 2011-11-10 05:15 - 01358192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-03-31 22:46 - 2011-11-10 04:51 - 11083488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-03-31 22:46 - 2011-11-10 04:11 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-03-31 22:13 - 2014-07-09 17:24 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-03-31 22:09 - 2014-07-09 17:20 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
==================== Files in the root of some directories =======
2015-02-11 17:05 - 2015-02-11 17:05 - 0000132 _____ () C:\Users\Punisher\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-01-18 15:22 - 2012-01-18 15:52 - 0000412 _____ () C:\Users\Punisher\AppData\Roaming\All CPU Meter_Settings.ini
2013-03-28 18:37 - 2013-03-28 18:37 - 1178624 _____ (CPUID) C:\Users\Punisher\AppData\Roaming\siw_sdk.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Punisher\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Punisher\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Punisher\AppData\Local\CDRip.dll
2011-12-29 02:36 - 2012-02-09 19:55 - 0006656 _____ () C:\Users\Punisher\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Punisher\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Punisher\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Punisher\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Punisher\AppData\Local\ogg.dll
2015-04-01 11:48 - 2015-04-02 16:05 - 0001463 _____ () C:\Users\Punisher\AppData\Local\RecConfig.xml
2011-12-27 23:19 - 2011-12-27 23:20 - 0007605 _____ () C:\Users\Punisher\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Punisher\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Punisher\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Punisher\AppData\Local\vorbisfile.dll
2014-04-30 01:40 - 2014-04-30 01:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Punisher\AppData\Local\Temp\mailcheck_ff_2014_12_02.exe
C:\Users\Punisher\AppData\Local\Temp\proxy_vole6257970682209560670.dll
C:\Users\Punisher\AppData\Local\Temp\sdan.exe
C:\Users\Punisher\AppData\Local\Temp\sdapk.exe
C:\Users\Punisher\AppData\Local\Temp\sdaspwn.exe
C:\Users\Punisher\AppData\Local\Temp\SpyHunter-Installer.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-30 10:14
==================== End Of Log ============================
--- --- ---
Code:
Alles auswählen Aufklappen ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Punisher at 2015-04-30 16:03:30
Running from C:\Users\Punisher\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-583765230-2512379700-304559937-500 - Administrator - Disabled)
fbwuser (S-1-5-21-583765230-2512379700-304559937-1015 - Limited - Enabled)
Gast (S-1-5-21-583765230-2512379700-304559937-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583765230-2512379700-304559937-1007 - Limited - Enabled)
Punisher (S-1-5-21-583765230-2512379700-304559937-1000 - Administrator - Enabled) => C:\Users\Punisher
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{69FB248E-690D-434F-94A7-248D5F1ECD70}) (Version: 3.2.1.0439 - Advanced Micro Devices, Inc.)
Any Video Converter 3.3.4 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2838 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Creative Live! Cam Center (HKLM-x32\...\Creative Live! Cam Center) (Version: - )
Creative Live! Cam Video IM Driver (1.03.02.00) (HKLM\...\Creative VF0220) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DMC Devi May Cry (c) Capcom version 1 (HKLM-x32\...\DMC Devi May Cry (c) Capcom_is1) (Version: 1 - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dr. Hardware 2015 15.0d (HKLM-x32\...\Dr. Hardware 2015_is1) (Version: - Peter A. Gebhard)
Far Cry 4 Update v1.7 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.17 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: - Dominik Reichl)
K-Lite Codec Pack 8.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.2.0 - )
KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Liveupdate4 (HKLM-x32\...\Liveupdate4_is1) (Version: - MSI, Inc.)
Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.34 - mIRC Co. Ltd.)
Mortal Kombat X (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.50 (HKLM-x32\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.7 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{47220B83-D895-4262-9227-E5D8FA7F7384}) (Version: 3.5.2.10 - Nitro)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OverclockingCenter (HKLM-x32\...\OverclockingCenter_is1) (Version: - MSI, Inc.)
P2PFilter 3.0.5 (HKLM-x32\...\P2PFilter) (Version: 3.0.5 - SopCast.com)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version: - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Sacred 3 (HKLM-x32\...\U2FjcmVkMw==_is1) (Version: 1 - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
Spectrasonics Stylus RMX Library version 1.0 (HKLM-x32\...\Spectrasonics Stylus RMX Library_is1) (Version: - Copyright (C) 2005-2011 Spectrasonics)
Spectrasonics Stylus RMX VSTi Plug-In version 1.9 (HKLM-x32\...\Spectrasonics Stylus RMX VSTi Plug-In_is1) (Version: - Copyright (C) 2005-2011 Spectrasonics)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-583765230-2512379700-304559937-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.0.1 - Toontrack)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.145 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.145 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.145 - TuneUp Software) Hidden
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Waves Complete V9r7 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.7 - Waves)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-583765230-2512379700-304559937-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Restore Points =========================
28-04-2015 12:44:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-04-30 18:12 - 00006077 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04C58698-A04E-4171-AF04-41D788E2B5B8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {07B89D5F-2649-450E-A443-0AC32C8BE5E5} - System32\Tasks\{84F2C64B-AA81-4346-8064-508F6A1DF59D} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0C0E9542-6C48-46F5-BD39-BE3B88705182} - System32\Tasks\{C8F9A31F-218F-418B-B007-26E685A40D5D} => pcalua.exe -a "D:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "D:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {0DA4F50D-30BD-4FE6-960E-6D6F15E44177} - System32\Tasks\{6CB673F6-A80F-4364-A602-BA821913D726} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {1420FF08-E61B-4633-BD98-CDEF51658EEB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1B8FE8F6-A7CF-4709-8559-10A8562583E5} - System32\Tasks\AdobeAAMUpdater-1.0-Punisher-PC-Punisher => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {1DD6E6FD-8E93-45CA-9E5A-602F825985B0} - System32\Tasks\avast! Emergency Update => G:\Program Files (x86)\Avast!\AvastEmUpdate.exe [2015-04-28] (Avast Software s.r.o.)
Task: {1DE606B5-1EE1-414D-94B1-3770C30CEC07} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => G:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-10-12] (TuneUp Software)
Task: {2F0C362B-39AC-4497-959B-E574741C8FC7} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {30632510-3858-4301-9F6C-33BF737909C3} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3344CFF0-2A0C-46AC-A827-2B504764B825} - System32\Tasks\Core Temp Autostart => D:\Program Files\Core Temp\Core Temp.exe
Task: {4186438C-E5EE-4307-9AF9-FD57CD67EA50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {54901AC4-46E0-442B-8FC0-EE3DBEFA4252} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5CC425DE-BCA9-4B06-9091-6B3E8B18E28B} - System32\Tasks\{A2B445AF-7D09-4456-A842-E2E213298419} => pcalua.exe -a G:\Downloads\SopFilter\Setup-P2PFilter-3.0.5-2009-1-23.exe -d G:\Downloads\SopFilter
Task: {5DD5ED36-0ED7-48BC-BA98-8B2ABFE42F4A} - System32\Tasks\{9FC6208B-DA8B-4F29-999E-371A1E4331BA} => C:\Program Files (x86)\MSI\PC Alert 4\PCAlert4.exe
Task: {638CC6E8-42B9-477C-9278-43163CA55DF0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {737520C4-319C-4D04-9ECA-77F3A9E555C4} - System32\Tasks\{4E05B392-1FBC-4523-B205-C0C752C8C31C} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {7708CF8E-B367-4CA3-9EE9-9E10E6A1C325} - System32\Tasks\{E8C55AB6-2D1D-415C-ACC8-AC531DD5186E} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/go/help.faq.installer?LastError=1603
Task: {7E0B5B33-383D-4090-BE7C-E89FE0F6479B} - System32\Tasks\{0408F0C5-F4B1-4F49-94BD-123EF2BCE82C} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {7E6C5CFD-BFC0-46C5-9C68-417CBF440628} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {83EA5728-946E-41E2-962C-05C42FC630CF} - System32\Tasks\AutoPico Daily Restart => G:\Program Files\KMSpico\AutoPico.exe [2014-08-12] (@ByELDI)
Task: {8A843319-D13A-4C59-8B56-4CFC82548BE2} - System32\Tasks\{7F129E65-3365-4A72-9A32-EC80055030AE} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9E54E0F1-A220-4D74-B375-23EB99035BE7} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9EF54EAF-6913-4F8B-8F9F-BF8348B9D87E} - System32\Tasks\{AE9E34C3-5A70-4217-B78D-7FF6FDE64F65} => pcalua.exe -a "G:\Program Files (x86)\Thief\Uninstall.exe"
Task: {A045A3E9-D353-4089-999E-215DCFD7EEAB} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A3FEB20C-8801-4EAA-BEF0-A024799CFA36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {C0CC4448-83EC-434C-90F4-B5887F1A803C} - System32\Tasks\{824DD8E9-D0BD-41E3-80CC-C8981DA8FF35} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {C939FA88-14BB-4900-8BEA-6FC394105A75} - System32\Tasks\{F797578C-8ACE-4802-BB94-BB1DA067E20D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D02F7C5B-93BD-4B04-B8B0-80EF0A514219} - System32\Tasks\{DF4F38A3-6776-40D7-B5FC-96A675A2E8A1} => pcalua.exe -a C:\Users\Punisher\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=ima
Task: {D2A5D2E8-795B-45CA-BC6D-B37DB2B0EC31} - System32\Tasks\{E6680CBE-07DC-4909-A127-6607D97001EE} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D84C0EFA-C2EC-4817-8040-F4ECD7CCE825} - System32\Tasks\{A76D11E4-990C-4952-83EF-E845080A0B2D} => pcalua.exe -a C:\Users\Punisher\Desktop\Diablo-III-8370-deDE-Installer-downloader.exe -d C:\Users\Punisher\Desktop
Task: {DCCCBC74-4904-41BD-BDFC-48F4576B8D16} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E4AC65B8-5667-45C1-AA63-42C2F674CEBE} - System32\Tasks\Google Updater and Installer => C:\Users\Punisher\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E7700CCC-5E22-4109-8825-62031A0ECD12} - System32\Tasks\{5A88EABC-5AB0-4D0B-B8E2-26E7DD503665} => pcalua.exe -a D:\Downloads\Starplugs.Vintage.Compressor&Limitter.VST.v1.0\Starplugs.Vintage.Compressor.VST.v1.0-peace-out\setup.exe -d D:\Downloads\Starplugs.Vintage.Compressor&Limitter.VST.v1.0\Starplugs.Vintage.Compressor.VST.v1.0-peace-out
Task: {E9B56171-AC27-4874-9C38-93D7B42A2000} - System32\Tasks\{763F68FF-8C84-49E9-AC95-3B0E2C1299F3} => C:\Program Files (x86)\MSI\PC Alert 4\PCAlert4.exe
Task: {F1F46C92-6687-4B05-97E2-79BD2C63F7C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {F7840004-0B5A-4C64-A5DB-57A58BD81404} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2013-02-15 19:58 - 2012-12-06 14:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2015-03-31 16:24 - 2015-03-31 16:24 - 00214528 _____ () G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () G:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () G:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2010-04-23 06:39 - 2010-04-23 06:39 - 00136616 _____ () D:\Program Files\AMD\OverDrive\AODAssist.exe
2013-02-09 14:55 - 2014-07-16 23:13 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-12 02:48 - 2013-10-12 02:48 - 00757048 _____ () G:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-02-25 08:06 - 2004-01-29 14:24 - 00040960 _____ () D:\Program Files\KinzuMouseFix\MouseFix.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-31 16:24 - 2015-03-31 16:24 - 00102400 _____ () G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-12-25 11:41 - 2011-10-19 11:13 - 00323584 _____ () D:\Program Files\KeePass Password Safe 2\KeePass.XmlSerializers.dll
2015-04-28 00:21 - 2015-04-28 00:21 - 00104400 _____ () G:\Program Files (x86)\Avast!\log.dll
2015-04-28 00:21 - 2015-04-28 00:21 - 00081728 _____ () G:\Program Files (x86)\Avast!\JsonRpcServer.dll
2015-04-29 23:23 - 2015-04-29 23:23 - 02925568 _____ () G:\Program Files (x86)\Avast!\defs\15042901\algo.dll
2015-04-30 12:30 - 2015-04-30 12:30 - 02926592 _____ () G:\Program Files (x86)\Avast!\defs\15043000\algo.dll
2010-04-23 06:39 - 2010-04-23 06:39 - 00423328 _____ () D:\Program Files\AMD\OverDrive\Device.dll
2010-04-23 06:39 - 2010-04-23 06:39 - 03847584 _____ () D:\Program Files\AMD\OverDrive\Platform.dll
2010-04-23 06:39 - 2010-04-23 06:39 - 01586592 _____ () D:\Program Files\AMD\OverDrive\QtCore4.dll
2010-04-23 06:39 - 2010-04-23 06:39 - 00361888 _____ () D:\Program Files\AMD\OverDrive\QtXml4.dll
2013-02-25 08:06 - 2004-01-29 14:21 - 00045056 _____ () D:\Program Files\KinzuMouseFix\MouseFixDll.dll
2015-04-09 18:04 - 2015-04-09 18:04 - 40540672 _____ () G:\Program Files (x86)\Avast!\libcef.dll
2015-04-28 17:58 - 2015-04-28 17:58 - 40518200 _____ () C:\Users\Punisher\AppData\Roaming\Spotify\libcef.dll
2015-04-28 17:58 - 2015-04-28 17:58 - 01365560 _____ () C:\Users\Punisher\AppData\Roaming\Spotify\libglesv2.dll
2015-04-28 17:58 - 2015-04-28 17:58 - 00219192 _____ () C:\Users\Punisher\AppData\Roaming\Spotify\libegl.dll
2015-04-28 17:58 - 2015-04-28 17:58 - 00990776 _____ () C:\Users\Punisher\AppData\Roaming\Spotify\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-583765230-2512379700-304559937-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Punisher\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1C425E31-74EB-41BF-A031-558701857402}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{548199FD-C464-4630-AFC3-0A1A960EBE92}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{312EBF25-E414-4F9E-9BCA-D03ACAB5007C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{72E959C5-4670-41B5-9EC7-FD323362B150}] => (Allow) LPort=5900
FirewallRules: [{08CFA8F5-BF29-4E15-8079-D9E3CD4D9284}] => (Allow) LPort=5800
FirewallRules: [{B6033EE6-AB1E-4EB0-B77D-C72F685B425E}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E3683A52-C99E-46AF-B008-1AC32C193A88}] => (Allow) C:\Users\Punisher\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{0739BF0D-2802-4B5C-8A42-93EC5636BBE0}] => (Allow) C:\Users\Punisher\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{4578DF48-A4A8-4805-B4E1-D55D2663F96E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6B97B08E-B762-4880-B173-73C3D0FD83F2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{99756964-5A98-4B4B-96C2-5D05F64E36CA}] => (Allow) C:\Users\Punisher\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{A3E3D0B4-A6A3-421B-A551-66236B13C1EE}] => (Allow) C:\Users\Punisher\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [TCP Query User{79029955-EB7F-4C2C-9BB9-5CB0A5BCDC11}C:\users\punisher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\punisher\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0F518967-D5F8-4F81-BA55-B9EF87AEAFF5}C:\users\punisher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\punisher\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5A7B8B84-8A44-4ECB-B73E-FCA103CD2535}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C3DE8EF1-6224-47A9-B625-9850D1C2099B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{39EAFC66-F1BD-416E-A321-8C9F80303346}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D5268E4-0947-4F29-89C2-77F63FB4FAC5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{742161AA-A6B4-4171-B81F-555013250D61}G:\program files (x86)\mirc\mirc.exe] => (Allow) G:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{96A96E7D-7425-4616-9333-9DC20E2AA79E}G:\program files (x86)\mirc\mirc.exe] => (Allow) G:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{9AF5AB3E-0DBB-4AC7-8B02-1204CEF542AC}G:\program files (x86)\remote control server\remote control server.exe] => (Allow) G:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [UDP Query User{3013B708-8CD8-444B-81A0-440BBE25DF09}G:\program files (x86)\remote control server\remote control server.exe] => (Allow) G:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [TCP Query User{AB486242-E1AE-44A5-93F3-05374B1E5A6A}G:\program files (x86)\remote control server\remote control server.exe] => (Allow) G:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [UDP Query User{6FCCAD3C-1F11-4F7F-B87E-96A7BD01D1AF}G:\program files (x86)\remote control server\remote control server.exe] => (Allow) G:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [{597BCD16-AF17-4DA2-BAAB-3FAC49BBFE0F}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E8923A8-F008-4118-A2DF-8AA4FAE8448D}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{783F51E4-D711-465E-AB2D-23E59336D0DF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8F8DA376-4AAD-4F0E-A299-F7D89CF042D4}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A966C9DB-3BBC-4D7D-81F6-964E34D9CB0E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{EFEEDEB6-8154-48FC-92E2-02275B56A56E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{D01B81FF-AC7D-4F33-9C7B-5ADE174666E9}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDCCB0CF-5292-4AC8-AE41-EAC1353DE5F6}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C755E8BF-E3C4-4279-9931-7E30781759C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{10293C15-4DEA-4FBE-A0A6-DA8183436B8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{C4220BFD-6064-4D16-B4F7-4BFA94B7CB73}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9D0033DA-F7BA-4D95-BFAB-688D7FDE19FD}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7C38BAF7-DF41-49AF-B541-C79775EFAC0D}G:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) G:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{79CCDCA8-A5E4-4B90-91CD-9590F3506D8A}G:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) G:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{AC862887-94B9-46C6-A2C0-65FC2F84F25D}] => (Allow) G:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{2E7A42D5-FE86-429A-A56D-DF9488AD43B3}] => (Allow) G:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{200D43B8-8220-4360-B53A-7B0B31A22564}] => (Allow) G:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DD33F74E-60C4-4980-9167-5AC689807A55}] => (Allow) G:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0F189042-0804-496B-9B0A-B20B0F9E505F}] => (Allow) G:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DEF139F3-BED5-4FBA-B26B-7942C59B6327}] => (Allow) G:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{44039CCD-FA44-4640-92EE-58CA62CF4F6F}] => (Allow) G:\Program Files (x86)\Avast!\ng\vbox\aswFe.exe
FirewallRules: [{FD56390E-00C4-43B2-B92D-8EE159569DA7}] => (Allow) G:\Program Files (x86)\Avast!\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{5C1D0B04-9BDC-46EC-A7A2-3B0003AB83D9}G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe] => (Block) G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A5CFDF81-5E19-4F0B-B525-73B86B693BF9}G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe] => (Block) G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BFE2AFDD-E4AE-4740-B753-D8912B5ECB55}G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe] => (Block) G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{90E9D408-AF24-4A6F-9030-293DEF4BE75C}G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe] => (Block) G:\program files (x86)\grand.theft.auto.v.full\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{896CB658-D8E9-464D-A822-B8F72C1D2BB4}G:\program files (x86)\sopcast\sopcast.exe] => (Allow) G:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DE484B5E-0C63-41EF-AE9E-F4CF6FB3B701}G:\program files (x86)\sopcast\sopcast.exe] => (Allow) G:\program files (x86)\sopcast\sopcast.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-03-28 17:34:31.476
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Punisher\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-28 17:34:31.367
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Punisher\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-28 17:34:30.899
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Everest\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-28 17:34:30.790
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Everest\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-22 00:40:40.951
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-22 00:24:45.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-22 00:10:36.219
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-21 19:55:31.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-21 17:47:03.650
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-21 17:40:29.444
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 46%
Total physical RAM: 8191.18 MB
Available physical RAM: 4417.3 MB
Total Pagefile: 16380.55 MB
Available Pagefile: 12557.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (C:) (Fixed) (Total:48.83 GB) (Free:0.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (D:) (Fixed) (Total:184.06 GB) (Free:7.21 GB) NTFS
Drive g: (G:) (Fixed) (Total:931.51 GB) (Free:94.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2155EC4A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2A8C2A8B)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
30.04.2015, 15:05
Hybrid-Darstellung
