Log analysis and evaluation: Fell for a .png link, download aborted shortly before the end - unsure (Fake.Steam)
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.06.2015, 20:44 | #16 |
ESET Online:
Code:
    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # end=init
    # utc_time=2015-06-04 12:49:47
    # local_time=2015-06-04 02:49:47 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # osver=6.1.7601 NT Service Pack 1
    # nod_component=V3 Build:0x30000000
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 24161
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # end=updated
    # utc_time=2015-06-04 12:55:23
    # local_time=2015-06-04 02:55:23 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # osver=6.1.7601 NT Service Pack 1
    # nod_component=V3 Build:0x30000000
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7777
    # api_version=3.1.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # engine=24161
    # end=stopped
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2015-06-04 02:22:47
    # local_time=2015-06-04 04:22:47 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # lang=1031
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776573 100 94 108711 185014417 0 0
    # compatibility_mode_1='ESET NOD32 Antivirus 5.2'
    # compatibility_mode=8222 16777213 100 100 57812703 102260557 0 0
    # scanned=176555
    # found=1
    # cleaned=0
    # scan_time=5243
    # nod_component=V3 Build:0x30000000
    sh=4B4A4011537CCA817795DB11A99C4F9807303D51 ft=1 fh=ae08d5900fc18963 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="C:\Program Files (x86)\EA Games\Battlefield 1942\binkw32.dll"
    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # end=init
    # utc_time=2015-06-04 04:14:05
    # local_time=2015-06-04 06:14:05 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # osver=6.1.7601 NT Service Pack 1
    # nod_component=V3 Build:0x30000000
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 24173
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # end=updated
    # utc_time=2015-06-04 04:15:56
    # local_time=2015-06-04 06:15:56 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # osver=6.1.7601 NT Service Pack 1
    # nod_component=V3 Build:0x30000000
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7777
    # api_version=3.1.1
    # EOSSerial=9547cceded9fb44685bf745e6f9f1a81
    # engine=24173
    # end=finished
    # remove_checked=true
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2015-06-04 06:38:08
    # local_time=2015-06-04 08:38:08 (+0100, Mitteleuropäische Sommerzeit)
    # country="Germany"
    # lang=1031
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776573 100 94 167232 185072938 0 0
    # compatibility_mode_1='ESET NOD32 Antivirus 5.2'
    # compatibility_mode=8222 16777213 100 100 57871224 102319078 0 0
    # scanned=392980
    # found=1
    # cleaned=1
    # scan_time=8531
    # nod_component=V3 Build:0x30000000
    sh=4B4A4011537CCA817795DB11A99C4F9807303D51 ft=1 fh=ae08d5900fc18963 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\EA Games\Battlefield 1942\binkw32.dll"

And funnily enough, NOD32 itself did not report it. SecurityCheck is coming right up.
Code:
    Results of screen317's Security Check version 1.002
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    ESET NOD32 Antivirus 5.2
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java 7 Update 67
    Java version 32-bit out of Date!
    Adobe Flash Player 17.0.0.188
    Adobe Reader 10.1.1 Adobe Reader out of Date!
    Mozilla Firefox 37.0.2 Firefox out of Date!
    Google Chrome (43.0.2357.65)
    Google Chrome (43.0.2357.81)
    ````````Process Check: objlist.exe by Laurent````````
    ESET NOD32 Antivirus egui.exe
    ESET NOD32 Antivirus ekrn.exe
    ESET ESET Online Scanner OnlineScannerApp.exe
    ESET ESET Online Scanner OnlineCmdLineScanner.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````

Firefox I have Version 8 Update 45 installed. Adobe Reader and Firefox are correct. I have updated both.
Code:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
    Ran by Yusa-Enes (administrator) on YUSA-ENES-PC on 04-06-2015 21:40:21
    Running from C:\Users\Yusa-Enes\Downloads
    Loaded Profiles: Yusa-Enes & Sebiha & Der Chef & Hayrunnisa (Available Profiles: Yusa-Enes & Sebiha & Der Chef & Hayrunnisa)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-08] CHR Extension: (Battlefield Heroes) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-11-08] CHR Extension: (Adblock Plus) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-20] CHR Extension: (Google Search) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-08] CHR Extension: (FoxyProxy Standard) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-10-12] CHR Extension: (Bookmark Manager) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16] CHR Extension: (ProxMate) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08] CHR Extension: (Soundload) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2014-05-13] CHR Extension: (Gmail) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-08] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [File not signed] S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-12-23] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-12-23] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed] S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) 
[File not signed] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-04-17] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-04-17] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-14] () S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo) S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-23] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-14] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) 
S3 ALSysIO; \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ALSysIO64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; No ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
S3 vm332avs; System32\Drivers\vm332avs.sys [X]
S3 wolf; \??\C:\Program Files (x86)\Joygame\WolfTeamTS\avital\wolf64.sys [X]

========================== Drivers MD5 =======================
|
04.06.2015, 20:45 | #17 |
| Fell for a .png link, download aborted shortly before the end - unsure (Fake.Steam)
Code:
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 21:34 - 2015-06-04 21:34 - 00562272 _____ (Oracle Corporation) C:\Users\Yusa-Enes\Downloads\chromeinstall-8u45.exe
2015-06-04 21:30 - 2015-06-04 21:30 - 00852639 _____ () C:\Users\Yusa-Enes\Downloads\SecurityCheck.exe
2015-06-04 02:37 - 2015-06-04 02:37 - 02870984 _____ (ESET) C:\Users\Yusa-Enes\Downloads\esetsmartinstaller_deu.exe
2015-06-03 15:00 - 2015-06-03 15:08 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\MAGIX
2015-06-03 15:00 - 2015-06-03 15:00 - 00001120 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2015.lnk
2015-06-03 15:00 - 2015-06-03 15:00 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2015-06-03 15:00 - 2015-06-03 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-06-03 14:58 - 2015-06-03 15:07 - 00000000 ___RD () C:\Users\Yusa-Enes\Documents\MAGIX
2015-06-03 14:57 - 2015-06-03 15:08 - 00000000 ____D () C:\ProgramData\MAGIX
2015-06-03 14:57 - 2015-06-03 14:58 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-06-03 14:50 - 2015-06-03 14:52 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\VirtualDJ
2015-06-03 14:50 - 2015-06-03 14:50 - 00000965 _____ () C:\Users\Yusa-Enes\Desktop\VirtualDJ 8.lnk
2015-06-03 14:50 - 2015-06-03 14:50 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-06-03 14:50 - 2015-06-03 14:50 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2015-06-03 14:44 - 2015-06-03 14:51 - 436138144 _____ (MAGIX Software GmbH) C:\Users\Yusa-Enes\Downloads\music_maker_2015_dlv_chip_de_20140827_13-38.exe
2015-06-03 14:44 - 2015-06-03 14:45 - 39448576 _____ () C:\Users\Yusa-Enes\Downloads\install_virtualdj_pc_v8.0.2282.msi
2015-06-03 01:40 - 2015-06-03 01:41 - 00001304 _____ () C:\malwarebytes.txt
2015-06-03 01:37 - 2015-06-03 01:37 - 00002110 _____ () C:\Users\Yusa-Enes\Desktop\JRT.txt
2015-06-03 01:33 - 2015-06-03 01:33 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-YUSA-ENES-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 01:33 - 2015-06-03 01:33 - 00000000 ____D () C:\RegBackup
2015-06-03 01:32 - 2015-06-03 01:32 - 02947766 _____ (Thisisu) C:\Users\Yusa-Enes\Downloads\JRT.exe
2015-06-02 23:53 - 2015-06-03 00:15 - 00000000 ____D () C:\AdwCleaner
2015-06-02 23:53 - 2015-06-02 23:53 - 02231296 _____ () C:\Users\Yusa-Enes\Downloads\AdwCleaner_4.206.exe
2015-06-02 19:22 - 2015-06-02 19:22 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball (2)
2015-06-02 19:13 - 2015-06-02 19:13 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball (1)
2015-06-02 19:13 - 2015-06-02 19:13 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball
2015-06-01 15:09 - 2015-06-01 15:09 - 00033057 _____ () C:\ComboFix.txt
2015-06-01 14:53 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-01 14:53 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-01 14:53 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-01 14:52 - 2015-06-01 15:09 - 00000000 ____D () C:\Qoobox
2015-06-01 14:51 - 2015-06-01 15:08 - 00000000 ____D () C:\Windows\erdnt
2015-06-01 14:50
- 2015-06-01 14:50 - 05628238 ____R (Swearware) C:\Users\Yusa-Enes\Downloads\ComboFix.exe 2015-05-31 22:14 - 2015-05-31 22:14 - 00000363 _____ () C:\Users\Yusa-Enes\Desktop\nod32.txt 2015-05-31 18:40 - 2015-05-31 18:40 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Yusa-Enes\Downloads\tdsskiller44.exe 2015-05-31 16:15 - 2015-05-31 16:15 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\rootkit 2015-05-31 07:12 - 2015-05-31 21:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-31 07:10 - 2015-05-31 07:11 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Yusa-Enes\Downloads\mbar-1.09.1.1004.exe 2015-05-31 05:15 - 2015-05-31 05:15 - 00041839 _____ () C:\Users\Yusa-Enes\Downloads\frst-addition-ykay.rar 2015-05-31 05:02 - 2015-06-03 00:31 - 00109537 _____ () C:\Users\Yusa-Enes\Downloads\Shortcut.txt 2015-05-31 04:58 - 2015-06-03 00:31 - 00064842 _____ () C:\Users\Yusa-Enes\Downloads\Addition.txt 2015-05-31 04:54 - 2015-06-04 21:41 - 00059276 _____ () C:\Users\Yusa-Enes\Downloads\FRST.txt 2015-05-31 04:53 - 2015-06-04 21:40 - 00000000 ____D () C:\FRST 2015-05-31 04:52 - 2015-05-31 04:53 - 02108928 _____ (Farbar) C:\Users\Yusa-Enes\Downloads\FRST64.exe 2015-05-30 13:17 - 2015-06-03 00:16 - 00002560 _____ () C:\Windows\PFRO.log 2015-05-30 00:09 - 2015-05-30 00:17 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Ubisoft Game Launcher 2015-05-30 00:08 - 2015-05-30 00:08 - 00001212 _____ () C:\Users\Yusa-Enes\Desktop\Uplay.lnk 2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2015-05-29 23:46 - 2015-05-29 23:46 - 24088192 _____ () C:\Users\Yusa-Enes\Downloads\UbisoftGameLauncherInstaller.exe 2015-05-29 23:40 - 2015-05-29 23:40 - 00000000 ____D () C:\cache 2015-05-28 21:05 - 2015-05-28 21:05 - 00004863 _____ () C:\Users\Yusa-Enes\Downloads\php.ini 2015-05-28 15:16 - 2015-05-28 
15:19 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql 2015-05-28 15:15 - 2015-05-28 15:15 - 01928410 _____ () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql.gz 2015-05-27 11:01 - 2015-05-27 11:08 - 00000027 _____ () C:\Users\Yusa-Enes\Desktop\osw.txt 2015-05-26 16:26 - 2015-05-26 16:27 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1) 2015-05-26 16:25 - 2015-05-26 16:26 - 00659416 _____ () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1).zip 2015-05-26 15:57 - 2015-05-26 15:57 - 00034024 _____ () C:\Users\Yusa-Enes\Downloads\AUD-20150520-WA0009.aac 2015-05-20 16:08 - 2015-06-03 18:40 - 00512720 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-20 01:11 - 2015-05-20 01:11 - 00000154 _____ () C:\Windows\DirectX.log 2015-05-20 01:08 - 2015-06-03 18:42 - 00158136 _____ () C:\Users\Yusa-Enes\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\Program Files\7-Zip 2015-05-20 01:05 - 2015-05-20 01:05 - 01376768 _____ () C:\Users\Yusa-Enes\Downloads\7z920-x64.msi 2015-05-19 21:53 - 2015-05-19 21:53 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\3dduke13 2015-05-19 21:52 - 2015-05-19 21:53 - 05910927 _____ () C:\Users\Yusa-Enes\Downloads\3dduke13.zip 2015-05-19 14:44 - 2015-06-04 18:39 - 00009632 _____ () C:\Windows\setupact.log 2015-05-19 14:44 - 2015-05-19 14:44 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-19 04:57 - 2015-06-02 16:19 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-05-19 04:57 - 2015-05-20 16:19 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432004247 2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\Users\Public\Desktop\Opera.lnk 2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 
____D () C:\Users\Yusa-Enes\AppData\Roaming\Opera Software 2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Opera Software 2015-05-19 04:56 - 2015-05-19 04:57 - 33411912 _____ (Opera Software) C:\Users\Yusa-Enes\Downloads\Opera_29.0.1795.47_Setup.exe 2015-05-18 16:05 - 2015-05-18 16:05 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II 2015-05-18 16:01 - 2015-05-18 16:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang 2015-05-18 16:00 - 2015-05-18 16:00 - 62105255 _____ () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang.zip 2015-05-18 15:46 - 2015-05-18 15:51 - 108619398 _____ () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II.zip 2015-05-18 15:42 - 2015-05-18 17:24 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 18.05.2015 2015-05-15 16:29 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-15 16:29 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 23:46 - 2015-05-13 23:47 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\sacred_gold_schote.biz.7z 2015-05-13 23:34 - 2015-05-13 23:39 - 209715200 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.001 2015-05-13 23:34 - 2015-05-13 23:38 - 185491944 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.002 2015-05-13 15:56 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 15:56 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-05-13 15:56 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 15:56 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\certcli.dll 2015-05-13 15:55 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 15:55 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 15:55 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 15:55 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) 
C:\Windows\system32\wdigest.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-05-13 15:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-05-13 15:55 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 15:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 
15:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 15:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 15:55 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 15:55 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-13 15:55 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-13 15:55 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-05-13 15:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-05-13 15:55 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-05-13 15:55 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-05-13 15:55 - 
2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-05-13 15:55 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-05-13 15:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-05-13 15:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-05-13 15:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-05-13 15:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-05-13 15:55 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-05-13 15:55 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-05-13 15:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-05-13 15:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-05-13 15:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-05-13 15:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-05-13 15:55 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-05-13 15:55 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 15:55 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-05-13 15:55 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-05-13 15:55 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 15:55 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-13 15:55 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 15:55 - 2015-04-22 
03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-13 15:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 15:55 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 15:55 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 15:55 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 15:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 15:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 15:55 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 15:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 15:55 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 15:55 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 15:55 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 15:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 15:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 15:55 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 15:55 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 15:55 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 15:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 15:55 - 2015-04-21 18:26 - 
00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 15:55 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-13 15:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-13 15:55 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 15:55 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 15:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-13 15:55 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-13 15:55 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-13 15:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-13 15:55 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 15:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 15:55 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-13 15:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 15:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-13 15:55 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-13 15:55 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-13 15:55 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-13 15:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-13 15:55 - 2015-04-21 17:58 
- 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-13 15:55 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-13 15:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 15:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 15:55 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-13 15:55 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 15:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 15:55 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-13 15:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 15:55 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-13 15:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-13 15:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-13 15:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-13 15:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 15:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-13 15:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-13 15:55 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-13 15:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-13 15:55 - 2015-04-21 17:15 - 
01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:55 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:54 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:54 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:54 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:54 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:54 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:54 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:54 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:54 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:54 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:54 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 23:06 - 2015-05-12 23:06 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Add-in Express
2015-05-12 23:05 - 2015-05-20 01:09 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-11 20:56 - 2015-05-11 22:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 11.05.2015
2015-05-10 21:45 - 2015-05-10 21:46 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015 Editor
2015-05-10 21:43 - 2015-05-10 21:43 - 00001967 _____ () C:\Users\Yusa-Enes\Desktop\Football Manager 2015.lnk
2015-05-10 21:43 - 2015-05-10 21:43 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Football Manager 2015
2015-05-10 21:38 - 2015-06-04 20:37 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015
2015-05-10 14:47 - 2015-05-10 14:47 - 09132716 _____ () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13.rar
2015-05-10 14:47 - 2015-05-10 14:47 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13
2015-05-10 03:39 - 2015-05-10 03:39 - 10382349 _____ () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp.rar
2015-05-10 03:39 - 2015-05-10 03:39 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp
2015-05-10 02:52 - 2015-01-21 17:57 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\db
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\update_1520
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\languages
2015-05-10 02:52 - 2015-01-18 19:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\match_languages
2015-05-09 23:56 - 2015-05-09 23:56 - 00041561 _____ () C:\Users\Yusa-Enes\Downloads\all.zip
2015-05-09 21:55 - 2015-05-09 21:55 - 00368891 _____ () C:\.dbc.bak
2015-05-09 21:40 - 2015-05-10 22:59 - 00369159 _____ () C:\.dbc
2015-05-09 21:38 - 2015-05-09 21:38 - 00367075 _____ () C:\.dbc.dbc
2015-05-08 22:38 - 2015-05-08 22:38 - 01041010 _____ () C:\Users\Yusa-Enes\Downloads\LFCMarshalls FM Transfer Update .fmf.zip
2015-05-08 22:26 - 2015-05-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Sports Interactive
2015-05-08 22:19 - 2015-05-08 22:21 - 83064183 _____ () C:\Users\Yusa-Enes\Downloads\Football Manager 2015 Editor.nosTEAM.rar
2015-05-07 16:20 - 2015-05-07 16:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12
2015-05-07 16:13 - 2015-05-07 16:16 - 172888633 _____ () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12.zip
2015-05-07 15:41 - 2015-05-05 22:45 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\OJ Da Juiceman - The Realest Nigga I Know 2
2015-05-05 22:18 - 2015-05-07 15:40 - 78153217 _____ () C:\Users\Yusa-Enes\Downloads\The Realest Nigga I Know 2.zip
2015-05-05 21:41 - 2015-06-03 01:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 21:41 - 2015-05-31 17:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-05 21:41 - 2015-05-05 21:41 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-05 21:41 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-05 21:40 - 2015-05-05 21:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Yusa-Enes\Downloads\mbam-setup-majorgeeks-2.1.6.1022.exe
2015-04-29 18:47 - 2015-04-29 18:48 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Skyrim
2015-04-29 18:44 - 2015-04-29 18:44 - 00002433 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition (Launcher).lnk
2015-04-29 18:44 - 2015-04-29 18:44 - 00002379 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk
2015-04-29 18:20 - 2015-04-29 18:44 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year)
2015-04-26 22:06 - 2015-04-26 22:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-04-22 22:01 - 2015-04-22 22:01 - 00000000 ____D () C:\Users\Yusa-Enes\.android
2015-04-20 21:20 - 2015-04-20 21:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition
2015-04-20 21:18 - 2015-04-20 21:19 - 105165590 _____ () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition.zip
2015-04-19 22:10 - 2015-04-19 23:27 - 00000219 _____ () C:\Users\Yusa-Enes\Desktop\Counter-Strike Global Offensive.url
2015-04-18 03:16 - 2015-04-18 03:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\1 - 3213
2015-04-18 03:11 - 2015-04-18 03:11 - 14324698 _____ () C:\Users\Yusa-Enes\Downloads\1 - 3213.rar
2015-04-17 21:16 - 2015-04-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2015-04-16 15:49 - 2015-04-16 15:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 00:33 - 2015-04-16 02:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Niqle_Nut_-_Imperal-yunus.***
2015-04-15 20:16 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 20:16 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 20:16 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 20:16 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 20:16 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 20:16 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 20:16 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 20:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 20:15 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 20:15 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 20:15 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 20:14 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 20:14 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 20:14 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 21:30 - 2015-04-14 21:30 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 21:02 - 2015-04-14 21:03 - 07578290 _____ () C:\Users\Yusa-Enes\Downloads\localhost (5).sql
2015-04-14 03:38 - 2015-04-14 03:38 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-04-11 22:56 - 2015-04-11 22:56 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2
2015-04-11 22:06 - 2015-04-11 22:06 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\KLBDMA
2015-04-11 18:06 - 2015-04-11 18:09 - 182788090 _____ () C:\Users\Yusa-Enes\Downloads\KLBDMA.rar
2015-04-11 17:59 - 2015-04-11 18:02 - 28308971 _____ () C:\Users\Yusa-Enes\Downloads\BlumentalsRapidPHPEditor2015v13.2.0.164.rar
2015-04-10 17:10 - 2015-04-10 17:15 - 199229440 _____ () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2.part1.rar
2015-04-10 17:10 - 2015-04-10 17:15 - 191960561 _____ () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2.part2.rar
2015-04-10 16:57 - 2015-04-10 16:57 - 72598565 _____ () C:\Users\Yusa-Enes\Downloads\Black.Beauty.vol.21.rar
2015-04-10 03:33 - 2015-04-10 03:33 - 00015442 _____ () C:\Users\Yusa-Enes\Downloads\Zippyshare BBCode.zip
2015-04-10 03:12 - 2015-04-10 03:12 - 07493968 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (6).sql
2015-04-10 02:04 - 2015-04-10 02:05 - 07494344 _____ () C:\Users\Yusa-Enes\Downloads\localhost (4).sql
2015-04-10 00:00 - 2015-04-10 00:31 - 07482376 _____ () C:\Users\Yusa-Enes\Downloads\localhost (3).sql
2015-04-09 22:56 - 2015-04-09 22:56 - 02991950 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (5).sql
2015-04-09 22:07 - 2015-04-09 22:11 - 00000158 _____ () C:\Users\Yusa-Enes\Desktop\wordlist.txt
2015-04-08 23:55 - 2015-04-08 23:55 - 08871704 _____ () C:\Users\Yusa-Enes\Downloads\01 Movin' Bass (feat. JAY Z) [GTA Re.m4a
2015-04-07 13:34 - 2015-04-18 03:02 - 00000184 _____ () C:\Users\Yusa-Enes\Desktop\taxischein.txt
2015-04-07 01:38 - 2015-04-07 01:38 - 07969808 _____ (TeamViewer GmbH) C:\Users\Yusa-Enes\Downloads\TeamViewer_Setup_de.exe
2015-04-06 21:34 - 2015-04-30 17:47 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\stinki mp3
2015-04-04 13:02 - 2015-05-20 16:28 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 13:02 - 2015-05-20 16:28 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-31 00:44 - 2015-03-31 00:45 - 02765212 _____ () C:\Users\Yusa-Enes\Downloads\backup_wBB2_201503310044.sql
2015-03-31 00:32 - 2015-03-31 00:32 - 00003566 _____ () C:\Users\Yusa-Enes\Downloads\useronlinelegende in farbe.zip
2015-03-28 01:39 - 2015-03-28 01:39 - 00001229 _____ () C:\Users\Yusa-Enes\Downloads\URLs in der xy_megashoutbox automatisch umwandeln.txt
2015-03-28 01:28 - 2015-03-28 01:29 - 06067328 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (4).sql
2015-03-28 01:28 - 2015-03-28 01:28 - 06067364 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (3).sql
2015-03-28 01:06 - 2015-03-28 01:07 - 06067030 _____ () C:\Users\Yusa-Enes\Downloads\localhost (2).sql
2015-03-28 01:06 - 2015-03-28 01:06 - 00016627 _____ () C:\Users\Yusa-Enes\Downloads\bb1_users.sql
2015-03-28 00:50 - 2015-03-28 00:50 - 06062987 _____ () C:\Users\Yusa-Enes\Downloads\localhost (1).sql
2015-03-25 00:45 - 2015-03-25 00:45 - 00684424 _____ () C:\Users\Yusa-Enes\Downloads\Light_WBB2_1_2_3.zip
2015-03-25 00:39 - 2015-03-25 00:39 - 00227429 _____ () C:\Users\Yusa-Enes\Downloads\WBB 2_3 Hack - Shoutcast Status Advanced 0_4.zip
2015-03-25 00:39 - 2015-03-25 00:39 - 00227429 _____ () C:\Users\Yusa-Enes\Downloads\WBB 2_3 Hack - Shoutcast Status Advanced 0_4 (1).zip
2015-03-24 23:08 - 2015-03-24 23:08 - 05845832 _____ () C:\Users\Yusa-Enes\Downloads\localhost.sql
2015-03-23 23:07 - 2015-03-23 23:07 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Breakfast
2015-03-23 23:05 - 2015-03-23 23:06 - 70315999 _____ () C:\Users\Yusa-Enes\Downloads\Lunch.zip
2015-03-23 23:04 - 2015-03-23 23:05 - 74488932 _____ () C:\Users\Yusa-Enes\Downloads\Dinner.zip
2015-03-23 23:03 - 2015-03-23 23:04 - 66995608 _____ () C:\Users\Yusa-Enes\Downloads\Breakfast.zip
2015-03-23 22:57 - 2015-03-23 22:58 - 58841140 _____ () C:\Users\Yusa-Enes\Downloads\Lamar Starzz - Evelation.rar
2015-03-23 22:39 - 2015-03-23 22:40 - 00000000 ____D () C:\ProgramData\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00001060 _____ () C:\Users\Yusa-Enes\Desktop\Rapid PHP 2015.lnk
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid PHP 2015
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Program Files (x86)\Rapid PHP 2015
2015-03-23 22:38 - 2015-03-23 22:39 - 28224080 _____ (Karlis Blumentals ) C:\Users\Yusa-Enes\Downloads\rapidphp2015.exe
2015-03-23 22:20 - 2015-03-23 22:20 - 00002495 _____ () C:\Users\Yusa-Enes\Downloads\Fix Umlaute in der XundY Megashoutbox V1_3 by kill0rz.txt
2015-03-23 21:56 - 2015-03-23 21:58 - 84776815 _____ () C:\Users\Yusa-Enes\Downloads\Gucci Mane - Breakfast.zip
2015-03-22 04:25 - 2015-06-03 13:42 - 00000106 _____ () C:\Users\Yusa-Enes\Desktop\keyz - dum da dam 27.52.txt
2015-03-20 23:21 - 2015-03-20 23:21 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\Dokumente
2015-03-20 01:04 - 2015-03-20 01:04 - 02780999 _____ () C:\Users\Yusa-Enes\Downloads\hgfh.rar
2015-03-15 23:15 - 2015-03-15 23:15 - 04071806 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (2).sql
2015-03-15 21:49 - 2015-03-15 21:49 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 05580880 _____ (OpenSight Software LLC ) C:\Users\Yusa-Enes\Downloads\FlashFXP51_3817_Setup.exe
2015-03-15 21:48 - 2015-03-15 21:48 - 00001046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashFXP 5.lnk
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 __HDC () C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\regid.2000-02.com.flashfxp
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\Program Files (x86)\FlashFXP 5
2015-03-15 20:14 - 2015-03-15 20:14 - 00000851 _____ () C:\Users\Yusa-Enes\Downloads\Ftp ssl@tpereloaded.tk.xml
2015-03-15 20:01 - 2015-03-15 20:02 - 00021094 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (1).sql
2015-03-15 19:57 - 2015-03-15 19:57 - 01738231 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db.sql
2015-03-15 15:44 - 2015-03-15 15:44 - 01972448 _____ () C:\Users\Yusa-Enes\Downloads\backup_wBB2_201503151444.sql
2015-03-15 12:09 - 2015-03-15 12:09 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\Steam
2015-03-15 00:59 - 2015-03-15 00:59 - 00000856 _____ () C:\Users\Yusa-Enes\Downloads\Ftp tpereloa@tpereloaded.tk.xml
2015-03-15 00:54 - 2015-03-15 00:54 - 00000851 _____ () C:\Users\Yusa-Enes\Downloads\Ftp tpe@tpereloaded.tk.xml
2015-03-15 00:45 - 2015-03-15 00:46 - 49887680 _____ () C:\Users\Yusa-Enes\Downloads\The Turn Up Godz Tour.zip
2015-03-14 23:32 - 2015-03-14 23:33 - 44495182 _____ () C:\Users\Yusa-Enes\Downloads\Ratchet Draft pick master.wav
2015-03-14 23:27 - 2015-03-14 23:30 - 151907429 _____ () C:\Users\Yusa-Enes\Downloads\2015 Draft Picks.zip
2015-03-14 23:26 - 2015-03-14 23:29 - 127463064 _____ () C:\Users\Yusa-Enes\Downloads\Catch The Throne The Mixtape Vol. 2.zip
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:48 - 01712392 _____ () C:\Users\Yusa-Enes\Downloads\openvpn-install-2.3.6-I001-i686.exe
2015-03-13 21:48 - 2015-03-13 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-03-12 21:05 - 2015-03-12 21:05 - 00018556 _____ () C:\Windows\unins000.dat
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\MingGuan
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2015-03-12 21:05 - 2015-03-12 21:04 - 01192533 _____ () C:\Windows\unins000.exe
2015-03-12 01:09 - 2015-03-12 01:09 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Hard Disk Sentinel
2015-03-12 01:08 - 2015-05-31 17:23 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2015-03-12 01:07 - 2015-03-12 01:08 - 20434858 _____ () C:\Users\Yusa-Enes\Downloads\hdsentinel_trial_setup.zip
2015-03-11 23:28 - 2015-03-20 16:36 - 00000000 ____D () C:\CDI
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\Program Files (x86)\Seagate
2015-03-11 23:11 - 2015-03-11 23:12 - 26771088 _____ () C:\Users\Yusa-Enes\Downloads\SeaToolsforWindowsSetup.exe
2015-03-11 15:18 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 15:18 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 15:18 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 15:18 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 15:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 15:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 15:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 15:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 15:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 15:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 15:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 15:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 15:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 15:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 15:16 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 15:16 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 15:16 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 15:16 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 15:16 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 15:14 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 15:14 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 04:41 - 2015-03-11 04:41 - 00544112 _____ () C:\Users\Yusa-Enes\Downloads\Setup_Shutdown4U.exe
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Program Files\Shutdown4U

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 21:36 - 2014-08-13 21:26 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-04 21:36 - 2014-02-27 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-04 21:35 - 2014-02-27 18:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-06-04 21:35 - 2013-07-19 02:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-06-04 21:33 - 2013-11-08 18:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-04 21:30 - 2013-03-05 11:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-04 18:41 - 2014-10-13 01:11 - 03374473 _____ () C:\FaceProv.log
2015-06-04 18:33 - 2012-09-01 16:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-04 17:57 - 2013-03-31 14:52 - 01401125 _____ () C:\Windows\WindowsUpdate.log
2015-06-04 17:57 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-04 17:57 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-04 17:51 - 2012-07-15 10:23 - 00000000 ____D () C:\ProgramData\VeriFace
2015-06-04 17:50 - 2013-11-08 18:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-04 17:50 - 2012-07-15 10:26 - 00210312 _____ () C:\Windows\system32\fastboot.set
2015-06-04 17:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-04 02:49 - 2012-10-19 20:35 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\TS3Client
2015-06-03 21:13 - 2012-07-15 19:23 - 20304708 _____ () C:\Windows\system32\perfh007.dat
2015-06-03 21:13 - 2012-07-15 19:23 - 06530622 _____ () C:\Windows\system32\perfc007.dat
2015-06-03 21:13 - 2009-07-14 07:13 - 00006592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 20:22 - 2014-09-27 03:06 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\JDownloader 2.0
2015-06-03 15:10 - 2013-03-23 14:15 - 00011264 _____ () C:\Users\Yusa-Enes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-03 14:57 - 2014-12-07 02:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-06-03 14:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-06-02 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2015-06-01 17:37 - 2012-08-29 17:40 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Skype
2015-06-01 15:06 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-31 17:24 - 2012-12-09 16:26 - 00000000 ____D () C:\Windows\de
2015-05-30 00:18 - 2013-09-29 22:04 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\My Games
2015-05-30 00:09 - 2012-09-01 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\CrashDumps
2015-05-30 00:05 - 2012-07-15 09:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-30 00:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 15:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-27 22:24 - 2015-01-27 17:07 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2015-05-27 19:30 - 2012-11-06 16:12 - 00000000 ____D () C:\ProgramData\Origin
2015-05-24 18:26 - 2013-11-09 22:29 - 00000000 ____D () C:\JD
2015-05-24 07:16 - 2014-01-06 16:32 - 00000000 ____D () C:\Users\Hayrunnisa\AppData\Roaming\Skype
2015-05-24 07:16 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-23 21:33 - 2015-01-07 23:36 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Game Dev Tycoon
2015-05-23 02:28 - 2014-03-08 19:24 - 00000336 _____ () C:\Users\Yusa-Enes\Desktop\2B166A.txt
2015-05-20 16:16 - 2012-08-28 20:30 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Adobe
2015-05-20 16:15 - 2013-03-05 11:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 16:15 - 2013-03-05 11:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 16:15 - 2013-03-05 11:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 01:14 - 2014-06-03 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 00:58 - 2014-04-01 23:37 - 00000000 ____D () C:\csgo
2015-05-15 18:13 - 2011-10-10 10:19 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-15 18:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 16:56 - 2012-09-16 13:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-15 16:56 - 2012-09-09 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-15 16:53 - 2013-08-18 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-15 16:34 - 2012-08-28 23:15 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-15 16:29 - 2014-12-22 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-15 15:28 - 2013-11-08 18:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 15:28 - 2013-11-08 18:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA Corporation
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA
2015-05-13 17:38 - 2012-09-18 20:06 - 00000000 ____D () C:\Users\Sebiha\AppData\Roaming\Skype
2015-05-13 17:30 - 2014-07-14 20:54 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\PicsArt
2015-05-13 17:26 - 2015-01-10 17:45 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\Camera
2015-05-13 17:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 23:06 - 2012-08-28 20:23 - 00000000 ____D () C:\Users\Yusa-Enes
2015-05-12 21:33 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-11 22:09 - 2014-08-07 21:14 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Spotify
2015-05-11 21:16 - 2014-08-07 21:16 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Spotify
2015-05-10 21:57 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Sports Interactive
2015-05-10 21:52 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Sports Interactive
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Malwarebytes
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\ProgramData\Malwarebytes

==================== Files in the root of some directories =======

2013-02-27 14:45 - 2013-02-27 15:02 - 0072060 _____ () C:\Users\Yusa-Enes\AppData\Roaming\ArtRom.LST
2013-03-23 14:15 - 2015-06-03 15:10 - 0011264 _____ () C:\Users\Yusa-Enes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-21 21:26 - 2012-12-21 21:26 - 0005240 _____ () C:\Users\Yusa-Enes\AppData\Local\recently-used.xbel
2014-08-30 21:37 - 2014-12-22 14:41 - 0002365 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Yusa-Enes\AppData\Local\Temp\proxy_vole5362866264758235569.dll
C:\Users\Yusa-Enes\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusa-Enes\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Yusa-Enes\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale de-DE inherit {globalsettings} default {current} resumeobject {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Windows-Startladeprogramm ------------------------- Bezeichner {775b600f-f13d-11e1-85d4-74e543345de1} device ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1} systemroot \windows nx OptIn winpe Yes Windows-Startladeprogramm ------------------------- Bezeichner {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale de-DE inherit {bootloadersettings} recoverysequence {775b600f-f13d-11e1-85d4-74e543345de1} recoveryenabled Yes osdevice partition=C: systemroot \Windows 
resumeobject {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec} nx OptIn Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale de-DE inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows-Speichertestprogramm ---------------------------- Bezeichner {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale de-DE inherit {globalsettings} badmemoryaccess Yes EMS-Einstellungen ----------------- Bezeichner {emssettings} bootems Yes Debuggereinstellungen --------------------- Bezeichner {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM-Defekte ----------- Bezeichner {badmemory} Globale Einstellungen --------------------- Bezeichner {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Startladeprogramm-Einstellungen ------------------------------- Bezeichner {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisoreinstellungen ------------------- Bezeichner {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Einstellungen zur Ladeprogrammfortsetzung ----------------------------------------- Bezeichner {resumeloadersettings} inherit {globalsettings} Geräteoptionen -------------- Bezeichner {775b6010-f13d-11e1-85d4-74e543345de1} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\775b600f-f13d-11e1-85d4-74e543345de1\boot.sdi Optionen zum RAM-Datenträgersetup --------------------------------- Bezeichner {ramdiskoptions} description Ramdisk options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi LastRegBack: 2015-06-03 12:53 ==================== End of log ============================
Edited by cosinus (18.05.2022 at 22:42)
04.06.2015, 20:46 | #18 |
[CODE]Additional
FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by Yusa-Enes at 2015-06-04 21:42:03 Running from C:\Users\Yusa-Enes\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-921053363-3756481614-3739615417-500 - Administrator - Disabled) Der Chef (S-1-5-21-921053363-3756481614-3739615417-1005 - Administrator - Enabled) => C:\Users\Der Chef Gast (S-1-5-21-921053363-3756481614-3739615417-501 - Limited - Disabled) Hayrunnisa (S-1-5-21-921053363-3756481614-3739615417-1006 - Limited - Enabled) => C:\Users\Hayrunnisa HomeGroupUser$ (S-1-5-21-921053363-3756481614-3739615417-1004 - Limited - Enabled) Sebiha (S-1-5-21-921053363-3756481614-3739615417-1002 - Limited - Enabled) => C:\Users\Sebiha Yusa-Enes (S-1-5-21-921053363-3756481614-3739615417-1001 - Administrator - Enabled) => C:\Users\Yusa-Enes ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated) AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Akamai) (Version: - Akamai Technologies, Inc) applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment) applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment) applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment) applicationupdater 
(HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.135 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.) Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) Battlefield Play4Free (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) Battlefield Play4Free (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden BufferChm (x32 Version: 130.0.331.000 - 
Hewlett-Packard) Hidden Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.32.50 - Conexant) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited) Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden 
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) DriverEasy 4.7.7 (HKLM\...\DriverEasy_is1) (Version: 4.7.7.0 - Easeware) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo) Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden ESET NOD32 Antivirus (HKLM\...\{E9641237-252F-467E-88FB-5CAB9E42583E}) (Version: 5.2.9.12 - ESET, spol. s r.o.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.1.0.3817 - OpenSight Software LLC) Football Manager 2015 - Update 2 Deinstallation (HKLM-x32\...\Football Manager 2015 - Update 2 Deinstallation) (Version: 1.3 - Shadow Eagle) Football Manager 2015 Deinstallation (HKLM-x32\...\Football Manager 2015 Deinstallation) (Version: 1.10 - Shadow Eagle) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Game Dev Tycoon ULTRA MOD EDITION- BLACKTBK Version 1.4.5 (HKLM-x32\...\{360D3BC1-8A86-40CE-859E-4A67CA22FF76}_is1) (Version: 1.4.5 - GreenHeartGames) gamelauncher-ps2-psg (x86)-Neuer Ordner (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\SOE-C:/Program Files (x86)/Neuer Ordner) (Version: - Sony Online Entertainment) 
gamelauncher-ps2-psg (x86)-Neuer Ordner (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\SOE-C:/Program Files (x86)/Neuer Ordner) (Version: - Sony Online Entertainment) GeoGebra 4.4 (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\GeoGebra 4.4) (Version: 4.3.78.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - ) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) 
(Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) 
Lenovo Solution Center (HKLM\...\{CA640F1C-BC62-47B4-BAE1-A6467324EB2F}) (Version: 1.1.006.00 - Lenovo Group Limited) LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo) LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{A1566920-701E-4DEC-B15F-CD3679E0D2E0}) (Version: 4.3.2.0 - MAGIX Software GmbH) MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 (HKLM-x32\...\MX.{78E174AA-8527-48DF-97B5-E9038B4163DF}) (Version: 21.0.0.28 - MAGIX Software GmbH) MAGIX Music Maker 2015 (Version: 21.0.0.28 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft 
Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) 
(Version: 10.0.50903 - Microsoft Corporation) mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version: - CyberConnect2 Co., Ltd.) Nero 12 (HKLM-x32\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - ) Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) 
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PlanetSide 2 (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.181 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.181 - Sony Online Entertainment)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
RAM Clean Tool 1.0.1 (HKLM-x32\...\RAM Clean Tool_is1) (Version: - Ray Siegl)
Rapid PHP 2015 v13.2 (HKLM-x32\...\Rapid PHP 2015_is1) (Version: 13.1 - Karlis Blumentals)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Revoltec FightMouse Portable 6.0.0.005 (HKLM-x32\...\WheelMouse) (Version: - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version: - )
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Sound Blaster Play! (HKLM-x32\...\{6C8D0421-2896-45E0-AFDA-960BC2E2E2EF}) (Version: 1.1 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Star Wars(TM): Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year) Deutsche Version 1.9.32.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year) Deutsche Version 1.9.32.0.8) (Version: 1.9.32.0.8 - .x.X.RIDDICK.X.x.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VirtualDJ 8 (HKLM-x32\...\{E869DEC6-0669-464E-B8FC-379E03327318}) (Version: 8.0.2282.0 - Atomix Productions)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-921053363-3756481614-3739615417-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================
26-05-2015 13:17:40 Windows Update
30-05-2015 00:03:47 Entfernt ANNO 1404 Venedig Entwickler-Tools
30-05-2015 17:35:55 Windows Update
31-05-2015 17:22:34 Malwarebytes Anti-Rootkit Restore Point
02-06-2015 22:10:05 Windows Update
03-06-2015 14:46:13 Installed VirtualDJ 8
03-06-2015 14:57:09 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-06-01 15:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02F43705-8EEF-495C-BE16-1AA11ACEA5AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {12B63A94-D8E8-414C-9173-ACF4D1272AED} - System32\Tasks\{6D856A6D-C30D-45B1-9BF0-F919690D6DE7} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {1C3FFDFB-B256-45E7-8666-993C3677DEA5} - System32\Tasks\{21EBD7A0-9FF0-4CCA-87FC-52DEEFFAC4BF} => C:\Program Files (x86)\Guild Wars 2\Guild Wars 2\Gw2.exe
Task: {20584B39-4A6C-41CD-9AED-F160F0845A85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {22CB9228-0D5E-49D9-BFD4-CD2B3853E201} - System32\Tasks\{108B05DC-C7AB-4471-A412-EDE709B51D11} => C:\Program Files (x86)\Borderlands The Pre-Sequel\Binaries\Win32\BorderlandsPreSequel.exe
Task: {2FC704C8-5160-4659-B04B-2C7FD1A65296} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2012-04-19] (Lenovo)
Task: {3280C631-8B8E-45DB-8F8E-384B7F3E002B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {35ADAA34-7406-45C4-8ED1-5B60B403ADD2} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {3772B4E3-44B3-4FFA-B95F-B4AEF7BEF696} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4B1D7B20-0A24-486D-8B2D-B95151CB3843} - System32\Tasks\Opera scheduled Autoupdate 1432004247 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {51E4BC7E-DA2B-454D-82B9-EE6AD2364AD7} - System32\Tasks\Core Temp Autostart Yusa-Enes => C:\Users\YUSA-E~1\AppData\Local\Temp\Rar$EXa0.712\Core Temp.exe <==== ATTENTION
Task: {520B99AB-7970-4DC9-A587-6F5EB3073F63} - System32\Tasks\{55D4422A-79CC-47D4-A8B3-E83149021B87} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {57C5E1DC-425E-4E24-BEF3-3715246D0F7F} - System32\Tasks\{DA6C0AB4-2AE0-4C6F-89A3-03E81D472287} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {6A01C67E-3774-4B59-8A01-B2D313C56ACF} - System32\Tasks\{BC8A6B3B-8F67-457E-96F8-4A57B24ED02D} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {79373FAD-C841-4CDC-AECA-B31F2BB42C2C} - System32\Tasks\{C73826EE-9B7B-433F-B4E5-6B16A9BF39E2} => D:\DeSmuMe\DeSmuME_0.9.9_x86.exe [2013-04-28] ()
Task: {81E0578A-67EA-46B0-A57A-61D0283C0B50} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {8ACC16F0-E9D0-4A48-9219-2682DA335FAE} - System32\Tasks\{A8458133-5429-4D55-BCB6-C36D2EF5DE4B} => C:\Program Files\LucasArts\SWKotOR\uniws\uniws.exe [2006-01-28] ()
Task: {8C4CB118-C0CC-4F6F-83BE-EFBD297B7B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {8F8991E6-A6BE-40C8-B67B-D65BCE34256F} - System32\Tasks\{284F5EDC-6DC2-4488-A289-C8BC5EE4A380} => C:\Program Files (x86)\Guild Wars 2\Guild Wars 2\Gw2.exe
Task: {97F54372-6BD7-4959-89D1-3276B073E156} - System32\Tasks\{76427C8B-1BFB-4DAD-A460-A334378991E0} => C:\Program Files (x86)\Borderlands The Pre-Sequel\Binaries\Win32\BorderlandsPreSequel.exe
Task: {9A513D64-5EAF-4423-8970-1927C71B676D} - System32\Tasks\{EFB091A2-940E-4566-8A2B-D094D01497C0} => pcalua.exe -a C:\Users\Yusa-Enes\Downloads\UT2004MegaPack.exe -d C:\Users\Yusa-Enes\Downloads
Task: {9E32CE6D-7CCD-4EA8-90F0-C7B8E4DB07DA} - System32\Tasks\{F21F3C7C-FDB1-4EE8-B91D-D8AAFAFA745E} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {A1ABAF6A-467A-4683-99A4-FB8064E18874} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {A433BB73-49DA-4507-AD53-19EA80FFC37F} - System32\Tasks\{7D33723A-3AF5-4C8B-BA22-27DBFD827D2D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe" -c -runfromtemp -l0x0407
Task: {A4ECC441-260E-4C27-A003-80FFF7D8CBB5} - System32\Tasks\OFFICE2010ACT => C:\Windows\system32\OFFICEICON.vbs [2012-02-23] ()
Task: {A69A647E-6047-4C91-BA7E-A5C74C448188} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {AE202F55-7429-41DD-85FE-DF50DFFCEB9C} - System32\Tasks\{8979DACD-2EDC-44C5-B584-B1A90DA8B46C} => C:\JDownloader\Fahrenheit-OLDiGAMES\setup_fahrenheit.exe
Task: {C6C49441-A62E-4A0A-B6A8-CD3267386F68} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {CA55E9E8-DF97-44DE-AB35-2D37362FC6A1} - System32\Tasks\{4B7568A1-E11C-4DDF-A6AD-6AE63056B574} => pcalua.exe -a "C:\JD\relink.us Container9e318e07f2de6587f614ea3d844429\SW_-_KOR1\Patch 1.03\SWKotOR1_03.exe" -d "C:\JD\relink.us Container9e318e07f2de6587f614ea3d844429\SW_-_KOR1\Patch 1.03"
Task: {CFB1501D-E17B-4A1F-B823-CD94FB2E16CD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-04-19] ()
Task: {D72CD9C8-BB4B-4906-9B9E-2315AFD3373A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-28] (Microsoft Corporation)
Task: {DE543DED-4180-465A-BAFC-84794D9F9A9E} - System32\Tasks\{5EFA4A5A-2EFE-41CA-BF7F-09E50498794B} => pcalua.exe -a C:\Users\Yusa-Enes\Downloads\ps902.exe -d C:\Users\Yusa-Enes\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============
2014-05-04 02:00 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-15 10:23 - 2012-07-15 10:23 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-03-31 17:08 - 2011-03-31 17:08 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-06-21 18:58 - 2015-04-17 21:16 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-21 18:58 - 2015-04-17 21:16 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2008-12-20 03:20 - 2012-07-15 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 16:22 - 2012-07-15 10:26 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 16:31 - 2012-07-15 10:26 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 03:20 - 2012-07-15 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2015-03-12 21:05 - 2013-10-29 15:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-03-12 21:05 - 2013-06-26 18:01 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2014-05-04 01:51 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-07-15 10:23 - 2012-07-15 10:23 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-12-23 14:54 - 2011-08-17 16:45 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-12-23 14:54 - 2011-12-16 18:17 - 00246272 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-03-12 21:05 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-10-16 23:36 - 2014-10-16 23:36 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-07-15 09:44 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-15 09:44 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-03-12 21:05 - 2013-11-05 17:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-05-26 11:35 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 11:34 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebiha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Der Chef\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Hayrunnisa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Yusa-Enes\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\athbttray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\btvstack.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Yusa-Enes\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Uninstall C: =>
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WheelMouse => C:\REVOLT~1\wh_exec.exe

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2EA0981E-CC22-4FA2-B544-ABA9A79E692B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8D798D5E-FDE0-458F-80FE-93C59BB24FD5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{159AA7A2-E70E-4639-A97C-C154F1A362A2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{89ABB8D3-CE55-40ED-AB1B-ADF1FB21AC9D}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [UDP Query User{81C1A83F-F988-40AD-AD1B-1B3BBD7CD221}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [{4632BB79-53DF-4294-839C-7337215F8488}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1DFC37BA-BE23-4066-915B-5015C7EB89F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{ED902B20-A2B6-4859-87BA-53A15B70D2EC}C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe] => (Allow) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [UDP Query User{221DFA4E-A50B-4A7E-9A6D-6832836BEF4C}C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe] => (Allow) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{59EAFEBC-1D7B-47BC-9292-20EC7C2038CF}] => (Block) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{A1030789-CD49-41A9-9789-E1B2689601F8}] => (Block) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{34C10B0E-46A4-4BF3-A5B5-B2A1AFFF19A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{469FC9B8-F5EA-41E0-B6F4-A8686B71D082}] => (Allow) LPort=2869
FirewallRules: [{F1F4EB49-A43E-4A94-8BFC-AA67A50B8A3A}] => (Allow) LPort=1900
FirewallRules: [{3332493E-50AF-4B27-B1CB-2ED9C35E8701}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{2E19C0C0-B328-4A1B-8A6B-52B0E2DA85DC}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [UDP Query User{B50F8762-9813-4A9F-AB77-E80F763AE303}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [TCP Query User{571ADAA7-8DEE-49DD-9EBA-4E85687978EA}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{E24C90DD-D8D2-403C-B9FA-9E1B97E4E665}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{F6CBF58B-0068-436B-9311-7534292EF164}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{FF00D81D-A2CC-49FB-9D3D-CA74F991165B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9FA6E545-3A1F-4C3A-ACD2-936420DF8F87}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A09E9724-D646-4FF8-B07A-40DB669290BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A5DD8102-1904-4CF2-BA56-230449610BFC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{1D9D4FFD-F0E2-4024-8248-B99AB4E183EA}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{477BA16F-F4AE-464B-9586-241FAC5B8311}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44DA3DAA-8779-4A6C-8BDA-2CAF24BDFCE8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8362658A-0B24-4E8E-A422-F9786204E8D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E97E1751-4DE5-4FE3-8209-04CE9B02755D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EA499155-2DAF-4358-B2D2-EC070290A088}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{E5D8DA30-57BF-4139-A4D4-AAA2D6D832B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{456C3C1A-BB5A-408F-9B8A-662A394D5BDC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3632BA82-13C7-4E1A-B0FD-E292E772C686}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E93CCB60-6254-4BB0-8E62-0ECE4FEAE940}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{BCE165E5-F49C-4C83-A68F-E994BEF064DD}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{E5B6425D-1798-40A6-9212-2803CAA6D924}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B1A8FAB0-1BCC-4FE8-AE98-6249FDB6337A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1F21BDD6-7E93-47A8-82F9-7FB61542A373}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{60CAFE12-3419-4379-826E-6E3CC25B0660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8E823B40-FA72-4EA6-8097-0F03EB8F9DB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76C15274-FDEC-41BF-867E-1BDD335452FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7DB98289-AD73-4161-A6B4-4BFDBEBC442D}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C13F4411-7092-4A8E-A06C-2ABEE1A40CA1}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8735D0A8-182E-4AD1-97EA-6E94B3C767F8}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{63EA9513-C2FD-4AEA-B67A-58022B3BFF09}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0D5C38AF-4EC8-4370-9BA4-EDA50D9F3B74}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1ACA08AB-2CAF-4E61-B264-3C827D702379}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{16F4C3CD-360F-4D81-8994-352B5D26E8CF}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0664CFF3-CF69-43C1-909F-08A66C39C5AF}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1F980290-FE44-4FE7-8D00-15EC52C511AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC4A4B69-2A33-470C-BE15-26228C522550}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95C32861-E938-4D2D-996F-F85B5EEAF35E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{640744A2-EBC6-4755-AA37-628ECFFB0516}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{86740E38-A439-45AF-9DE1-14C096843F2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E623987A-92E8-4964-BB01-BA95265CE89A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{08B20E7E-8515-47FC-A773-FCFF55CBC03E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{CD243C6C-C822-4DA4-88E5-C46F1F6CD60F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F624D647-BDD4-41A0-BB64-469127332685}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8BFB56EC-F700-40A2-831A-EE5D7AC861DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B2B41918-E533-4FBA-A238-A9380BBE1608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{C7E6C696-5B68-4049-844B-7BA53C5742BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2873CE12-93E5-43C6-9C22-3D0C26496225}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{23C78950-466E-4FAE-BE18-6B7BBCD70139}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F551B704-55A6-4D3A-B446-36F3168B9DFD}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{D04967AD-1A72-4D0B-80A7-9E356FF13617}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{5EE00FFB-EFF9-4377-A1E5-DDE533B48894}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{A5715CDC-75A7-4BEC-92B1-BE7975C605B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FE3D4D39-F8FB-4CD0-BCE5-1B546402CB3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1063056F-3961-4223-952D-F58EB2E636A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{844D64AC-DCBC-4163-8A8F-881AC387F3F6}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{347659E6-0C93-436B-94D2-9458EAF87073}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{96C1B4B0-037B-4E0E-8E07-C488531380C8}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [UDP Query User{103A7A58-5775-436F-AE62-97D487D5B1A3}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [{BB63DD64-6DEC-43BB-9304-D6624FC5B9FA}] => (Allow) LPort=21
FirewallRules: [TCP Query User{622060AD-2C59-4787-A961-4757D761877B}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{A7A5A3A1-9259-4306-AF5E-78C58371D11D}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{08F3447C-97CC-451F-AB14-EBC8BD243C0E}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{FE144AB8-760C-4A59-B6BF-6A1BECD5D9C2}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{0FFE729E-9D51-4204-AAC3-9516E4E96984}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{896FBA22-6AE5-444C-B05D-2A0A3B8C6531}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8BF6EAB4-F4F7-408D-9D84-E905AEF2DEFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{166542FA-41E2-4780-9E80-AA1C29FEE3A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B6CEB43-0847-4F6C-BA49-CC0EA646B2F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB2B6151-80D2-43BD-8A2B-9C3BFBF83DD6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7E3DDA0-7FBE-438A-8408-9E27158D31D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7B03A8A2-D082-4BBC-9C23-76465567A2B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26DCF0FB-99A1-4484-9D92-8AC555C71FC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8299FA58-4C17-4906-9451-895E496621D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{7174CB66-8DAE-416E-A715-B51DF1226209}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DB876BEE-5AC6-4353-8FFE-D4DAAD9FEFB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E7DA37F0-5529-4E04-9738-D0EAFB6F34B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{81F14CF6-13E9-47F4-A9E6-539BCB0C807B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F85E768F-F4AA-46D5-BE7E-B6074AE0CB8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{BDA4193E-9A52-41C4-89FC-13519A48F814}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{0A95B0AC-B9B1-4B7A-B108-0163DD2F129F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D72E1027-668C-487B-BA9E-AB8DA27377B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe

==================== Faulty Device Manager Devices =============
Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 06:13:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/04/2015 06:13:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/04/2015 06:13:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/04/2015 06:13:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/04/2015 06:01:40 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
Error: (06/04/2015 05:51:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/04/2015 04:40:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/04/2015 04:38:02 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1". Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/04/2015 04:37:49 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". 
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/04/2015 02:49:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. System errors: ============= Error: (06/04/2015 08:38:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (06/04/2015 08:38:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (06/04/2015 08:38:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (06/04/2015 08:38:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (06/04/2015 08:38:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (06/04/2015 08:38:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (06/04/2015 08:38:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (06/04/2015 08:38:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (06/04/2015 08:38:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (06/04/2015 08:38:08 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Microsoft Office: ========================= Error: (06/04/2015 06:13:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (06/04/2015 06:13:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (06/04/2015 06:13:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (06/04/2015 06:13:17 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Yusa-Enes\Downloads\esetsmartinstaller_deu.exe Error: (06/04/2015 06:01:40 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC) Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL) Error: (06/04/2015 05:51:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) 
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/04/2015 04:40:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe Error: (06/04/2015 04:38:02 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"C:\Program Files (x86)\Nero\Nero 12\Nero Recode\NeroBRServer.exe.Manifest Error: (06/04/2015 04:37:49 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exe Error: (06/04/2015 02:49:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Yusa-Enes\Downloads\esetsmartinstaller_deu.exe CodeIntegrity Errors: =================================== Date: 2015-06-01 15:06:18.437 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-06-01 15:06:18.390 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 20:30:14.385 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 20:30:14.306 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 20:30:14.093 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 20:30:14.019 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-10-15 23:28:26.186 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-10-15 23:28:26.174 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-10-15 23:28:26.100 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-10-15 23:28:26.087 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 44% Total physical RAM: 6046.36 MB Available physical RAM: 3328.29 MB Total Pagefile: 12090.92 MB Available Pagefile: 9161.26 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:121.86 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:5.62 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F110E6E9) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=420.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12) ==================== End of log ============================ |
05.06.2015, 17:11 | #19 |
/// the machine /// TB-Ausbilder | Fell for a .png link, download aborted shortly before the end - unsure (Fake.Steam)
You also still have an old version of Java installed; uninstall it.
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
ATTFilter
Task: {51E4BC7E-DA2B-454D-82B9-EE6AD2364AD7} - System32\Tasks\Core Temp Autostart Yusa-Enes => C:\Users\YUSA-E~1\AppData\Local\Temp\Rar$EXa0.712\Core Temp.exe <==== ATTENTION
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Cleanup: (The order matters here.)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Afterwards, restart your computer. If any programs from our cleanup are still left over, you can delete them without hesitation.
If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Hardening:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at the latest version: browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" simply by visiting a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.
Optional: NoScript prevents active content (Java, JavaScript, Flash,...) from running on all websites. However, you can specify, on a whitelist principle, on which sites scripts are to be allowed. Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.
Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable to uninstall it first and then remove the leftovers with Adwcleaner .

Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donations | Guides and help | Trojaner-Board Facebook page
No help via PM! |