Alex1996 | 06.06.2015 12:58 | Logfiles
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Alex (administrator) on ALEX-MACBOOK on 06-06-2015 13:10:11
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Run: [Spotify Web Helper] => C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-05] (Spotify Ltd)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Run: [Spotify] => C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-05] (Spotify Ltd)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Run: [GoogleChromeAutoLaunch_AD2529C7DB5B63D28C23362385276129] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1144709705-1760910624-3481591003-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\kgs7OrqP.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\kgs7OrqP.default\Extensions\abs@avira.com [2015-03-22]
Chrome:
=======
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-04-26]
CHR Extension: (Google Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-05]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-05]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-26]
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Tampermonkey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-26]
CHR Extension: (Google Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-26]
CHR Extension: (Bookmark Manager) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Avira SafeSearch) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-04-26]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-05]
CHR Extension: (Simple Startup Password) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc [2015-04-26]
CHR Extension: (Battlefield 4) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pecgmdpcolnkkmjanbjmpblniokfddgf [2015-04-26]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] ()
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-21] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AppleCamera; C:\Windows\system32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.)
R3 applemtm; C:\Windows\system32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.)
R3 applemtp; C:\Windows\system32\DRIVERS\applemtp.sys [39424 2013-09-06] (Apple Inc.)
R3 AppleSDR; C:\Windows\system32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8497840 2014-01-10] (Broadcom Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\system32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-31] (Intel Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-06 13:10 - 2015-06-06 13:10 - 00013934 _____ C:\Users\Alex\Desktop\FRST.txt
2015-06-06 13:09 - 2015-06-06 13:10 - 00000000 ____D C:\FRST
2015-06-06 13:08 - 2015-06-06 13:08 - 02108928 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2015-06-06 13:06 - 2015-06-06 13:06 - 00000602 _____ C:\Windows\PFRO.log
2015-06-06 13:06 - 2015-06-06 13:06 - 00000232 _____ C:\Windows\setupact.log
2015-06-06 13:06 - 2015-06-06 13:06 - 00000000 _____ C:\Windows\setuperr.log
2015-06-06 02:47 - 2015-06-06 02:47 - 00056744 _____ C:\Users\Alex\Documents\cc_20150606_024749.reg
2015-06-06 02:38 - 2015-06-06 02:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-06 02:38 - 2015-06-06 02:38 - 00001126 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-06 02:38 - 2015-06-06 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-06 02:38 - 2015-06-06 02:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-06 02:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-06 02:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-06 02:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-06 02:37 - 2015-06-06 02:37 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-06 02:33 - 2015-06-06 02:33 - 02231296 _____ C:\Users\Alex\Downloads\adwcleaner_4.206.exe
2015-06-06 02:28 - 2015-06-06 02:28 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-06-06 02:20 - 2015-06-06 02:20 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Alex\Downloads\tdsskiller.exe
2015-06-05 22:12 - 2015-06-05 22:12 - 00000000 ____D C:\Users\Alex\AppData\Local\GWX
2015-06-05 17:29 - 2015-06-05 17:29 - 00000000 ____D C:\TempDump
2015-06-05 16:48 - 2015-06-05 16:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-05 16:42 - 2015-06-05 16:42 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-05 16:42 - 2015-06-05 16:42 - 00000000 ____D C:\ProgramData\Sun
2015-06-05 16:42 - 2015-06-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-05 16:41 - 2015-06-05 16:41 - 00562272 _____ (Oracle Corporation) C:\Users\Alex\Downloads\chromeinstall-8u45.exe
2015-06-05 16:41 - 2015-06-05 16:41 - 00000000 ____D C:\ProgramData\Oracle
2015-06-05 16:41 - 2015-06-05 16:41 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-05 16:37 - 2015-06-05 16:37 - 00119249 _____ C:\Users\Alex\Downloads\vR_BR120EL_Sc01_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00233557 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc05_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00216070 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc01_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00161016 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc03_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00117455 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc06_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00105503 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc02_DE_EN.rwp
2015-06-05 16:36 - 2015-06-05 16:36 - 00102899 _____ C:\Users\Alex\Downloads\vR_BR111_Dosto_Sc07_DE_EN.rwp
2015-06-05 16:34 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-05 16:34 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-05 16:32 - 2015-06-05 16:32 - 00001198 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2015-06-05 16:26 - 2015-06-05 16:34 - 152430272 _____ () C:\Users\Alex\Downloads\vr_db_br120_ic_el_en_de_v2.exe
2015-06-05 16:23 - 2015-06-05 16:31 - 119113307 _____ C:\Users\Alex\Downloads\vr_br111_dosto_v3.rwp
2015-06-05 16:21 - 2015-06-05 16:21 - 00053181 _____ C:\Users\Alex\Downloads\installer.zip
2015-06-05 16:11 - 2015-06-05 16:11 - 00000221 _____ C:\Users\Alex\Desktop\Train Simulator 2015.url
2015-06-05 16:10 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 16:10 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 16:10 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-05 16:10 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-05 16:10 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-05 16:10 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-05 16:10 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-05 16:10 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-05 16:10 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-05 16:10 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-05 16:10 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-05 16:10 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-05 16:10 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-06-05 16:10 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-05 16:10 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-05 16:10 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-05 16:10 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-05 16:10 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-05 16:10 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-05 16:10 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-05 16:10 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-05 16:10 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-05 16:10 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-05 16:10 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-05 16:10 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-05 16:10 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-05 16:10 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-05 16:10 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-05 16:10 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-05 16:10 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-05 16:10 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-05 16:10 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-05 16:10 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-06-05 16:10 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-05 16:10 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-05 16:10 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-05 16:10 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-05 16:10 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-05 16:10 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-05 16:10 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-05 16:10 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-05 16:10 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-05 16:10 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-05 16:10 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 16:10 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-05 16:10 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-05 16:10 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-05 16:10 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-05 16:10 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-05 16:10 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-05 16:10 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-05 16:10 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-06-05 16:10 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-06-05 16:10 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-06-05 16:10 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-06-05 16:10 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-06-05 16:10 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-06-05 16:10 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-06-05 16:10 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-05 16:10 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-05 16:10 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-05 16:10 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-06-05 16:10 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-06-05 16:10 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-06-05 16:10 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-06-05 16:10 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-06-05 16:10 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-06-05 16:10 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-06-05 16:10 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-05 16:10 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-05 16:10 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-05 16:10 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-06-05 16:10 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-05 16:10 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-06-05 16:10 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-05 16:10 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-06-05 16:10 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-05 16:10 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-06-05 16:10 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-06-05 16:10 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 23:08 - 2015-05-12 23:08 - 00000000 ____D C:\Users\Alex\AppData\Roaming\WindSolutions
2015-05-12 23:07 - 2015-05-12 23:07 - 10388158 _____ C:\Users\Alex\Downloads\CopyTransManagerDEv1.015.zip
2015-05-12 23:07 - 2015-05-12 23:07 - 00000000 ____D C:\ProgramData\WindSolutions
2015-05-12 23:04 - 2015-05-12 23:04 - 00001773 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-05-12 23:04 - 2015-05-12 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-12 23:04 - 2015-05-12 23:04 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-12 23:04 - 2015-05-12 23:04 - 00000000 ____D C:\Program Files\iTunes
2015-05-12 23:04 - 2015-05-12 23:04 - 00000000 ____D C:\Program Files\iPod
2015-05-12 23:04 - 2015-05-12 23:04 - 00000000 ____D C:\Program Files (x86)\iTunes
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-06 13:08 - 2015-02-16 04:16 - 01331326 _____ C:\Windows\WindowsUpdate.log
2015-06-06 13:06 - 2015-04-05 19:05 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-06 13:06 - 2015-04-05 18:03 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-06 13:06 - 2015-02-16 05:28 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Spotify
2015-06-06 13:06 - 2015-02-16 05:28 - 00000000 ____D C:\Users\Alex\AppData\Local\Spotify
2015-06-06 13:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 02:53 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 02:52 - 2015-04-26 16:36 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1144709705-1760910624-3481591003-1001
2015-06-06 02:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 02:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-06 02:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Branding
2015-06-06 02:43 - 2014-09-24 08:16 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 02:43 - 2014-09-24 07:43 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-06-06 02:43 - 2014-09-24 07:43 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-06-06 02:36 - 2015-04-05 18:11 - 00000000 ____D C:\AdwCleaner
2015-06-06 02:35 - 2015-04-26 15:18 - 00000000 ____D C:\Windows\system32\log
2015-06-06 02:31 - 2013-08-22 16:44 - 00338016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-06 02:30 - 2015-03-08 20:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 02:30 - 2014-09-24 09:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-06 02:30 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-06 02:30 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-06 02:29 - 2015-02-16 04:16 - 00000000 ____D C:\Users\Alex
2015-06-06 02:18 - 2015-04-05 19:05 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 22:29 - 2015-02-16 05:23 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BC1C0BF7-B9AA-4FE2-B387-005F9482FF0A}
2015-06-05 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-05 16:38 - 2015-04-05 19:18 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-05 16:34 - 2015-03-21 17:36 - 00000000 ____D C:\Windows\system32\MRT
2015-06-05 16:34 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-05 16:32 - 2015-04-05 18:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-05 16:32 - 2015-04-05 18:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-05 16:32 - 2015-03-21 17:36 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-05 16:31 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-05 16:13 - 2015-04-05 19:05 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-05 16:13 - 2015-04-05 19:05 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-12 23:04 - 2015-03-21 18:01 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-12 23:04 - 2015-03-21 18:01 - 00000000 ____D C:\Program Files\Common Files\Apple
==================== Files in the root of some directories =======
2015-03-21 01:08 - 2015-03-21 01:08 - 0000600 _____ () C:\Users\Alex\AppData\Local\PUTTY.RND
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-05 16:30
==================== End of log ============================

Code:
scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Alex at 2015-06-06 13:10:42
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1144709705-1760910624-3481591003-500 - Administrator - Disabled)
Alex (S-1-5-21-1144709705-1760910624-3481591003-1001 - Administrator - Enabled) => C:\Users\Alex
Gast (S-1-5-21-1144709705-1760910624-3481591003-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{1BB8F10E-6512-4F07-B676-497659DCE4CD}) (Version: 6.1.4.0 - Husdawg, LLC)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version: - Dovetail Games)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
Windows-Treiberpaket - AMD (amdkmafd) System (09/22/2012 9.002.0.0000) (HKLM\...\203795FBE6DF8F5E5F7AFFD457E83797A053787C) (Version: 09/22/2012 9.002.0.0000 - AMD)
Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net (12/13/2013 6.30.223.215) (HKLM\...\59EE3461B77229A4F846543766A6EFF2F2BAFC6B) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows-Treiberpaket - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
02-05-2015 03:11:53 Entfernt Grand Theft Auto V
05-06-2015 16:30:19 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-04-05 19:25 - 2015-04-05 19:25 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10F538CB-1F8B-4C05-92E1-2661184E69F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {2433C162-E20C-4976-95A7-CA6E4EFB61B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {261EF52B-50FE-4447-835F-426227F073B8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {52628DFD-97A5-422C-A180-E94E37044FB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5689339C-1D9E-4C7E-B9C1-CCC4462784E4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-05] (Microsoft Corporation)
Task: {A8AF5B33-9585-4174-9BC0-F2B0181B3585} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {C4974F8F-E503-4B93-A097-B4E50CAE7F72} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {C939A09F-48EF-4709-B308-39530C93656E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-05] (Google Inc.)
Task: {F0DCF074-FD49-4823-BA0E-E4D250525AEB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F3D2BC8D-8DC3-4478-949E-2B761030B019} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {FE915B36-ED3E-48AF-81EF-7C18D43271FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-05] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-06 13:36 - 2014-02-06 13:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe
2015-03-21 13:18 - 2015-03-21 13:18 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-21 01:02 - 2015-06-05 21:47 - 41287224 _____ () C:\Users\Alex\AppData\Roaming\Spotify\libcef.dll
2015-03-21 01:02 - 2015-06-05 21:47 - 01488440 _____ () C:\Users\Alex\AppData\Roaming\Spotify\libglesv2.dll
2015-03-21 01:02 - 2015-06-05 21:47 - 00079928 _____ () C:\Users\Alex\AppData\Roaming\Spotify\libegl.dll
2015-03-21 01:02 - 2015-03-21 01:02 - 09305656 _____ () C:\Users\Alex\AppData\Roaming\Spotify\pdf.dll
2015-06-05 16:38 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-06-05 16:38 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-02-16 04:19 - 2014-01-31 18:54 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\.apdisk:com.apple.quarantine
AlternateDataStreams: C:\.apdisk:Mac_Metadata
AlternateDataStreams: C:\.fseventsd:Mac_Metadata
AlternateDataStreams: C:\.TemporaryItems:AFP_AfpInfo
AlternateDataStreams: C:\.TemporaryItems:com.apple.quarantine
AlternateDataStreams: C:\.TemporaryItems:Mac_Metadata
AlternateDataStreams: C:\.Trashes:AFP_AfpInfo
AlternateDataStreams: C:\.Trashes:Mac_Metadata
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87347620.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87347620.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1144709705-1760910624-3481591003-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{7D22109F-FE5A-49B1-991C-CFCCA85EF9E4}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{37122F4B-320D-481F-B34B-0AEF312E8F58}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{33613165-00F3-44E2-8488-3F1562294AAD}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{127B22BE-240F-46EE-AA69-B67B9319A443}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe
FirewallRules: [{97ADBC36-3E15-4C3E-B537-69A03ED7155E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B884E974-81FD-4B0F-BF01-011D06CA754D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC872EF-DB8A-47A9-91E1-725E746DBDE1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C1D8C9CA-53F3-4D8B-BD66-FED4741311F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{91778AC2-CAAD-4AD8-8112-D0F8E38E37AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{192A93D4-ED32-41C4-B477-A25AD37CFB05}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6E1FE0A6-A1CD-45E0-AEAB-1E63FE0CC89F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1519D71-F69C-41A5-A62E-8C9E1AA6C209}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F74B579B-7C45-4CDD-96D5-7144400A5BB9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{393041D7-A578-44BA-B206-21E966E101C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C28ED514-E043-4594-8293-88B589D45F93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E1E6F92-B6CE-4B09-B0A5-07B89BEF2402}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{26416B90-60F5-4A1F-BA24-E66C08FB00B9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADA76F2F-19E4-4140-9813-80C32BA17D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{FAC15B39-EC94-4D9A-97D3-D231CE23165C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{EF34F450-CF51-4CB9-8CD8-553076DA1934}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (06/06/2015 01:06:19 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (06/06/2015 01:06:12 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-06-05 16:41:36.306
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-05 16:41:36.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4278U CPU @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 8100.26 MB
Available physical RAM: 6145.86 MB
Total Pagefile: 9380.26 MB
Available Pagefile: 7405.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (BOOTCAMP) (Fixed) (Total:84.58 GB) (Free:45.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================