Log analysis and evaluation: Different pop-ups

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Different pop-ups

Hello, I have the following problem. On Friday I bought a new computer with Windows 8.1. I put Kaspersky on it as security software and downloaded Firefox. Since Saturday I have constantly been getting some kind of pop-ups, whether advertising or the message "I am using outdated software". In addition, I get some kind of advertising on the right side of the browser window. Could you please help me get rid of this? Attached is the FRST log.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by Dennis (administrator) on DENNIS on 14-09-2014 13:31:34 Running from C:\Users\Dennis\Downloads Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe () C:\Windows\SysWOW64\AsHookDevice.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (McAfee, Inc.) 
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (PokerTracker Software, LLC.) 
C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (PokerStars) C:\Program Files (x86)\PokerStars.EU\PokerStars.exe () C:\Program Files (x86)\PokerStars.EU\gameutil1.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (TableNinja) C:\Program Files (x86)\PASG\TN2\tableninja2.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.) 
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB StartMenuInternet: IEXPLORE.EXE - iexplore.exe BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin 
-> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF 
Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12] Chrome: ======= CHR HomePage: Default -> CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425 CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12] CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12] CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12] CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12] CHR 
Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12] CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12] CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12] CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed] R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed] R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed] S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink) R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] () R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.) 
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation) R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.) 
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.) 
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation ) R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia 2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe 2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe 2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 
2.1.10.398.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java 2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources 2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe 2014-09-13 13:35 - 2014-09-14 12:40 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-13 13:35 - 2014-09-14 11:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-13 11:55 - 2010-08-30 09:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-13 11:54 - 2014-09-13 11:55 - 00000000 ____D () C:\AdwCleaner 2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe 2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 
_____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip 2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws 2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage 2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk 2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql 2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3 2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL 2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe 2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe 2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk 2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2014-09-12 23:37 - 2014-09-14 12:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) 
C:\Windows\system32\klfphc.dll 2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload 2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe 2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml 2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe 2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe 2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt 2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk 2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG 2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Dennis\Downloads\revosetup95.exe 2014-09-12 22:45 - 2014-09-13 13:32 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt 2014-09-12 22:44 - 2014-09-14 13:31 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt 2014-09-12 22:44 - 2014-09-14 13:31 - 00000000 ____D () C:\FRST 2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe 2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe 2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk 2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk 2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google 2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment 2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0 2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4 2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab 2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-09-12 22:11 - 2014-09-14 11:14 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-09-12 22:01 - 2014-09-14 11:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU 2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () 
C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk 2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk 2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU 2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2014-09-12 21:56 - 2014-09-14 11:32 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2 2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk 2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk 2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager 2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG 2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla 2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla 2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor 2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor 2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk 2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp 2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia 2014-09-12 21:14 - 2014-09-14 11:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001 2014-09-12 21:13 - 2014-09-14 11:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261} 2014-09-12 21:12 
- 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage 2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-09-12 21:11 - 2014-09-14 11:05 - 00000000 ___RD () C:\Users\Dennis\SkyDrive 2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL 2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI 2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe 2014-09-12 21:08 - 2014-09-14 11:06 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log 2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS 2014-09-12 21:08 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages 2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth 2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore 2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis 2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini 2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Accessories 2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-14 13:31 - 2014-09-12 22:44 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt 2014-09-14 13:31 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST 2014-09-14 13:31 - 2014-04-10 20:27 - 02061346 _____ () C:\Windows\WindowsUpdate.log 2014-09-14 13:31 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-09-14 13:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-09-14 12:44 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-09-14 12:40 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-14 11:50 - 2014-09-12 21:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001 2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe 2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe 2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia 2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe 2014-09-14 11:32 - 2014-09-12 
21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2 2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe 2014-09-14 11:18 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU 2014-09-14 11:15 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261} 2014-09-14 11:14 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4 2014-09-14 11:10 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-14 11:10 - 2013-09-13 23:24 - 00450712 _____ () C:\Windows\system32\prfh0404.dat 2014-09-14 11:10 - 2013-09-13 23:24 - 00135868 _____ () C:\Windows\system32\prfc0404.dat 2014-09-14 11:10 - 2013-09-13 23:15 - 00436346 _____ () C:\Windows\system32\prfh0804.dat 2014-09-14 11:10 - 2013-09-13 23:15 - 00135868 _____ () C:\Windows\system32\prfc0804.dat 2014-09-14 11:10 - 2013-09-13 23:07 - 00789596 _____ () C:\Windows\system32\prfh0816.dat 2014-09-14 11:10 - 2013-09-13 23:07 - 00164166 _____ () C:\Windows\system32\prfc0816.dat 2014-09-14 11:10 - 2013-09-13 22:59 - 00798252 _____ () C:\Windows\system32\perfh013.dat 2014-09-14 11:10 - 2013-09-13 22:59 - 00162330 _____ () C:\Windows\system32\perfc013.dat 2014-09-14 11:10 - 2013-09-13 22:52 - 00794000 _____ () C:\Windows\system32\perfh010.dat 2014-09-14 11:10 - 2013-09-13 22:52 - 00156420 _____ () C:\Windows\system32\perfc010.dat 2014-09-14 11:10 - 2013-09-13 22:45 - 00802234 _____ () C:\Windows\system32\perfh00C.dat 2014-09-14 11:10 - 2013-09-13 22:45 - 00159184 _____ () C:\Windows\system32\perfc00C.dat 2014-09-14 11:10 - 2013-09-13 22:38 - 00800660 _____ () C:\Windows\system32\perfh00A.dat 2014-09-14 11:10 - 2013-09-13 22:38 - 00166550 _____ () C:\Windows\system32\perfc00A.dat 2014-09-14 11:10 - 2013-09-13 22:28 - 00542632 _____ () C:\Windows\system32\perfh008.dat 2014-09-14 11:10 - 2013-09-13 22:28 - 00089196 _____ () 
C:\Windows\system32\perfc008.dat 2014-09-14 11:10 - 2013-09-13 22:22 - 00763218 _____ () C:\Windows\system32\perfh007.dat 2014-09-14 11:10 - 2013-09-13 22:22 - 00159364 _____ () C:\Windows\system32\perfc007.dat 2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-14 11:09 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage 2014-09-14 11:06 - 2014-09-12 21:08 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log 2014-09-14 11:05 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-14 11:05 - 2014-09-12 21:11 - 00000000 ___RD () C:\Users\Dennis\SkyDrive 2014-09-14 11:05 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini 2014-09-14 11:05 - 2014-01-13 11:53 - 00023700 _____ () C:\Windows\PFRO.log 2014-09-14 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-14 11:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe 2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk 2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk 2014-09-13 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) 
C:\Windows\system32\javaws.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java 2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources 2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe 2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-13 13:32 - 2014-09-12 22:45 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt 2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2014-09-13 11:55 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner 2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe 2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log 2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer 
Zahlungsverkehr.lnk 2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther 2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis 2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws 2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage 2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip 2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4 2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk 2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql 2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3 2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL 2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe 2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe 2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee 2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2014-09-12 23:37 - 
2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2014-09-12 23:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe 2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload 2014-09-12 23:18 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml 2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe 2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe 2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS 2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt 2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk 2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG 2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Dennis\Downloads\revosetup95.exe 2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe 2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe 2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk 2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk 2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google 2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment 2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0 2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab 2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS 2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk 2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk 2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU 2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager 2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG 2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () 
C:\Users\Dennis\AppData\Local\Mozilla 2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla 2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor 2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor 2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk 2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS 2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp 2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia 2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI 2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI 2014-09-12 21:09 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages 2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth 2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D 
() C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys

Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe

Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-01-13 11:53

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Dennis at 2014-09-14 13:31:55
Running from C:\Users\Dennis\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.00 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{C6B2127C-A9E0-411B-8EF1-2CE0ACDF265D}) (Version: 20.2.6362.11139 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.2.6362.11139 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{641AA84B-59BE-D8EA-EE69-3D6697371E6E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.) ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.11 - ASUSTeK Computer Inc.) ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.09 - ASUSTeK Computer Inc.) ASUS Manager - Lighting (HKLM-x32\...\{2711E58B-6090-4C1B-9E06-529E4D37DA77}) (Version: 2.00.05 - ASUSTeK Computer Inc.) ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.04 - ASUSTeK Computer Inc.) ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.01.03 - ASUSTeK Computer Inc.) ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.) ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.01.05 - ASUSTeK Computer Inc.) ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.) ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.) ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG) ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK) Built-in UPS (HKLM-x32\...\{8B4EF712-0FF8-4C2E-ADBD-3FF751AB103E}) (Version: 1.00.04 - ASUSTek Computer Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.) CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) 
Hidden ICMIZER (HKCU\...\280387279.www.icmpoker.com) (Version: - www.icmpoker.com) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) NFC Express Desktops (HKLM-x32\...\{90E075A8-A820-4CFC-8543-FD52A499764A}) (Version: 2.00.02 - ASUSTeK Computer Inc.) 
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group) Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) TN2 (HKLM-x32\...\{6B636FF5-14E8-48DD-A251-6C6FF0C761A7}) (Version: 2.3.93 - PASG) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation) Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden 
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

12-09-2014 19:35:55 Installed AI Suite II
13-09-2014 19:59:27 Installed TN2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2BECD49A-B7CA-41AA-A47E-9B4EB5E92129} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A7B0FA4-343B-483B-A0E0-0010120F906C} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-03] (ASUSTek Computer Inc.)
Task: {52B2427F-B9E4-44F7-B9FB-5BECFDED4810} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {536DF914-A4E5-4C67-8345-8F203979BA50} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-29] (Microsoft)
Task: {5CC38DE7-90D5-4FE9-B550-8A5E851F8807} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Checker => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\AsNFCChecker.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {5FE7D8A9-7A35-487E-978C-A3755A850E25} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Controller => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe [2013-08-29] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DEE8A43-8191-4542-A8CC-8134D7C27261} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - File Transfer Server => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {97CC14CF-ADB4-42FE-AA1A-FC82EE403EC0} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CAA74D54-69F2-4D14-9C4B-FEC26363CEE4} - System32\Tasks\ASUS\ASUS_M Lighting Execute => C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe [2013-07-22] (ASUSTeK)
Task: {CEF4BE47-8C87-4BB5-A57E-4136512F2B6E} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-07] (ASUSTeK)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D7427E82-DFE8-45A4-B1C0-A7420BE673F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D94A2B35-82CD-4120-BE36-D92CC0EC2AA8} - System32\Tasks\ASUS\Built-in UPS => C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe [2013-09-10] (ASUSTeK Computer Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEFA3160-E6AF-4AE6-9467-A21808C1E3BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F0A58545-8ED5-44CC-B1F7-81AEB65BDDD6} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2013-08-05] (ASUSTeK) Task: {F631B273-4F9E-403B-9738-E69FD99B0D14} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) Task: {F930ACFE-C856-440A-B57D-2F1645B88DDC} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] () Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-10 20:29 - 2013-09-26 20:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2014-04-10 20:33 - 2013-08-08 20:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe 2014-09-13 00:15 - 2014-07-22 09:50 - 00178176 _____ () C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll 2014-01-13 12:33 - 2012-04-24 12:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-09-13 00:16 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll 2014-04-10 20:33 - 2013-08-09 03:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe 2014-04-10 20:33 - 2013-08-29 02:50 - 00894232 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe 2014-01-13 12:24 - 2013-10-10 02:35 - 00879104 _____ () C:\Windows\AsusLauncherContextMenu64.dll 2014-04-10 20:32 - 2013-08-28 17:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2013-06-06 
01:51 - 2013-06-06 01:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll 2013-06-06 01:51 - 2013-06-06 01:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll 2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll 2013-08-16 10:25 - 2013-08-16 10:25 - 01255744 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe 2014-09-13 00:15 - 2014-07-22 09:53 - 00165376 _____ () C:\Program Files\PostgreSQL\9.3\lib\plpgsql.dll 2014-09-12 22:00 - 2014-09-12 22:00 - 00584000 _____ () C:\Program Files (x86)\PokerStars.EU\gameutil1.exe 2014-08-12 00:18 - 2014-08-12 00:18 - 00226304 _____ () C:\Program Files (x86)\PASG\TN2\TNv2Common.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00023552 _____ () C:\Program Files (x86)\PASG\TN2\TNLog.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00203264 _____ () C:\Program Files (x86)\PASG\TN2\TN2licensing.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00071680 _____ () C:\Program Files (x86)\PASG\TN2\TNRelRects.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00018944 _____ () C:\Program Files (x86)\PASG\TN2\TNUnfuscated.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00112128 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonFT.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00061952 _____ () C:\Program Files (x86)\PASG\TN2\NinjaVision.dll 2014-08-12 00:18 - 2014-08-12 00:18 - 00051712 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonPP.dll 2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll 2014-04-10 20:33 - 2013-06-11 21:02 - 00068096 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\library\ProximityDll_CPP.dll 2014-04-10 20:32 - 2014-09-14 11:06 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2014-04-10 20:32 - 2010-06-29 04:58 - 00104448 ____N 
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-04-10 20:26 - 2013-08-19 21:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-09-14 11:09 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-01-30 15:58 - 2014-01-30 15:58 - 37016064 ____R () C:\Program Files (x86)\PokerTracker 4\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Dennis\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215d0bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d Ausnahmecode: 0x00000004 Fehleroffset: 0x000000000000ab78 ID des fehlerhaften Prozesses: 0x19f4 Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0 Pfad der fehlerhaften Anwendung: wwahost.exe1 Pfad des fehlerhaften Moduls: wwahost.exe2 Berichtskennung: wwahost.exe3 Vollständiger Name des fehlerhaften Pakets: wwahost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5 Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PokerTracker4.exe, Version: 4.11.11.0, Zeitstempel: 0x53da8901 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa Ausnahmecode: 0xc0000374 Fehleroffset: 0x000e2fd8 ID des fehlerhaften Prozesses: 0x1170 Startzeit der fehlerhaften Anwendung: 0xPokerTracker4.exe0 Pfad der fehlerhaften Anwendung: PokerTracker4.exe1 Pfad des fehlerhaften Moduls: PokerTracker4.exe2 Berichtskennung: PokerTracker4.exe3 Vollständiger Name des fehlerhaften Pakets: PokerTracker4.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PokerTracker4.exe5 Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: ) Description: Die indizierten Daten von Windows Search für den Benutzer '<Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID 
Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode %2. %3. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY) Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert. 
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert. System errors: ============= Error: (09/14/2014 11:02:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (09/13/2014 11:48:03 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 13.09.2014 um 00:42:31 unerwartet heruntergefahren. 
Error: (09/13/2014 11:47:55 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 32212256841146464 Error: (09/12/2014 11:42:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.09.2014 um 22:18:14 unerwartet heruntergefahren. Error: (09/12/2014 11:40:47 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS) Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (09/12/2014 11:35:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (09/12/2014 11:35:26 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (09/12/2014 11:34:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (09/12/2014 11:17:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (09/12/2014 09:42:11 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Microsoft Office Sessions: ========================= Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: wwahost.exe6.3.9600.163845215d0bbKERNELBASE.dll6.3.9600.16408523d557d00000004000000000000ab7819f401cfcff9ba9ba436C:\Windows\system32\wwahost.exeC:\Windows\system32\KERNELBASE.dllf9ec3e84-3bec-11e4-825e-54271ea445acmicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: PokerTracker4.exe4.11.11.053da8901ntdll.dll6.3.9600.16408523d45fac0000374000e2fd8117001cfceced89ade3bC:\Program Files (x86)\PokerTracker 4\PokerTracker4.exeC:\Windows\SYSTEM32\ntdll.dll3db395eb-3ac2-11e4-8259-54271ea445ac Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) 
(EventID: 2) (User: ) Description: <Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event> Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY) Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033 Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2 Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: $Coreselect * from __TimerEvent__TimerEvent//./root Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: $Coreselect * from __SystemEvent__SystemEvent//./root/CIMV2 Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: $Coreselect * from 
__SystemEvent__SystemEvent//./root/subscription
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 8131.02 MB
Available physical RAM: 4341.23 MB
Total Pagefile: 10051.02 MB
Available Pagefile: 4360.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:102.42 GB) (Free:65.01 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 895339B1)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================