| |
| |||||||
Log-Analyse und Auswertung: Unterschiedliche Pop-upsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.09.2014, 12:35
| #1 |
 |  Unterschiedliche Pop-ups Hallo, habe folgendes Problem. Habe mir am Freitag einen neuen Rechner mit Windows 8.1 gekauft. Kaspersky als Sicherheitssoftware raufgehauen und mir Firefox gedownloaded. Jetzt habe ich seit Samstag ständig irgdnwelche Pop-ups. Sei es Werbunbg oder die Info " ich benutze eine veraltete Software". Des Weiteren bekommen ich am rechten Browser-Fenster irgendwelche Werbung. Könnt ihr mit bitte helfen das zu beseitigen? Anbei die FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dennis (administrator) on DENNIS on 14-09-2014 13:31:34
Running from C:\Users\Dennis\Downloads
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(PokerStars) C:\Program Files (x86)\PokerStars.EU\PokerStars.exe
() C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(TableNinja) C:\Program Files (x86)\PASG\TN2\tableninja2.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B
CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A
CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425
CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:35 - 2014-09-14 12:40 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:35 - 2014-09-14 11:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 11:55 - 2010-08-30 09:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:54 - 2014-09-13 11:55 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-14 12:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:45 - 2014-09-13 13:32 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-12 22:44 - 2014-09-14 13:31 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-12 22:44 - 2014-09-14 13:31 - 00000000 ____D () C:\FRST
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:11 - 2014-09-14 11:14 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:01 - 2014-09-14 11:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-12 21:56 - 2014-09-14 11:32 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:14 - 2014-09-14 11:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-12 21:13 - 2014-09-14 11:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-12 21:12 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:11 - 2014-09-14 11:05 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-12 21:08 - 2014-09-14 11:06 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 21:08 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 13:31 - 2014-09-12 22:44 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-14 13:31 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 13:31 - 2014-04-10 20:27 - 02061346 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 13:31 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 13:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 12:44 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-14 12:40 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 11:50 - 2014-09-12 21:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:32 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-14 11:18 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-14 11:15 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-14 11:14 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-14 11:10 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 11:10 - 2013-09-13 23:24 - 00450712 _____ () C:\Windows\system32\prfh0404.dat
2014-09-14 11:10 - 2013-09-13 23:24 - 00135868 _____ () C:\Windows\system32\prfc0404.dat
2014-09-14 11:10 - 2013-09-13 23:15 - 00436346 _____ () C:\Windows\system32\prfh0804.dat
2014-09-14 11:10 - 2013-09-13 23:15 - 00135868 _____ () C:\Windows\system32\prfc0804.dat
2014-09-14 11:10 - 2013-09-13 23:07 - 00789596 _____ () C:\Windows\system32\prfh0816.dat
2014-09-14 11:10 - 2013-09-13 23:07 - 00164166 _____ () C:\Windows\system32\prfc0816.dat
2014-09-14 11:10 - 2013-09-13 22:59 - 00798252 _____ () C:\Windows\system32\perfh013.dat
2014-09-14 11:10 - 2013-09-13 22:59 - 00162330 _____ () C:\Windows\system32\perfc013.dat
2014-09-14 11:10 - 2013-09-13 22:52 - 00794000 _____ () C:\Windows\system32\perfh010.dat
2014-09-14 11:10 - 2013-09-13 22:52 - 00156420 _____ () C:\Windows\system32\perfc010.dat
2014-09-14 11:10 - 2013-09-13 22:45 - 00802234 _____ () C:\Windows\system32\perfh00C.dat
2014-09-14 11:10 - 2013-09-13 22:45 - 00159184 _____ () C:\Windows\system32\perfc00C.dat
2014-09-14 11:10 - 2013-09-13 22:38 - 00800660 _____ () C:\Windows\system32\perfh00A.dat
2014-09-14 11:10 - 2013-09-13 22:38 - 00166550 _____ () C:\Windows\system32\perfc00A.dat
2014-09-14 11:10 - 2013-09-13 22:28 - 00542632 _____ () C:\Windows\system32\perfh008.dat
2014-09-14 11:10 - 2013-09-13 22:28 - 00089196 _____ () C:\Windows\system32\perfc008.dat
2014-09-14 11:10 - 2013-09-13 22:22 - 00763218 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 11:10 - 2013-09-13 22:22 - 00159364 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:09 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-14 11:06 - 2014-09-12 21:08 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-14 11:05 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 11:05 - 2014-09-12 21:11 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-14 11:05 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-09-14 11:05 - 2014-01-13 11:53 - 00023700 _____ () C:\Windows\PFRO.log
2014-09-14 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 11:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-13 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 13:32 - 2014-09-12 22:45 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-13 11:55 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log
2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther
2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:37 - 2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-12 23:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:18 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:09 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe
Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-01-13 11:53
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Dennis at 2014-09-14 13:31:55
Running from C:\Users\Dennis\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.00 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{C6B2127C-A9E0-411B-8EF1-2CE0ACDF265D}) (Version: 20.2.6362.11139 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.2.6362.11139 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{641AA84B-59BE-D8EA-EE69-3D6697371E6E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.09 - ASUSTeK Computer Inc.)
ASUS Manager - Lighting (HKLM-x32\...\{2711E58B-6090-4C1B-9E06-529E4D37DA77}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.04 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.01.05 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Built-in UPS (HKLM-x32\...\{8B4EF712-0FF8-4C2E-ADBD-3FF751AB103E}) (Version: 1.00.04 - ASUSTek Computer Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ICMIZER (HKCU\...\280387279.www.icmpoker.com) (Version: - www.icmpoker.com)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NFC Express Desktops (HKLM-x32\...\{90E075A8-A820-4CFC-8543-FD52A499764A}) (Version: 2.00.02 - ASUSTeK Computer Inc.)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor)
TN2 (HKLM-x32\...\{6B636FF5-14E8-48DD-A251-6C6FF0C761A7}) (Version: 2.3.93 - PASG)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-09-2014 19:35:55 Installed AI Suite II
13-09-2014 19:59:27 Installed TN2
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2BECD49A-B7CA-41AA-A47E-9B4EB5E92129} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A7B0FA4-343B-483B-A0E0-0010120F906C} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-03] (ASUSTek Computer Inc.)
Task: {52B2427F-B9E4-44F7-B9FB-5BECFDED4810} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {536DF914-A4E5-4C67-8345-8F203979BA50} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-29] (Microsoft)
Task: {5CC38DE7-90D5-4FE9-B550-8A5E851F8807} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Checker => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\AsNFCChecker.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {5FE7D8A9-7A35-487E-978C-A3755A850E25} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Controller => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe [2013-08-29] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DEE8A43-8191-4542-A8CC-8134D7C27261} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - File Transfer Server => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {97CC14CF-ADB4-42FE-AA1A-FC82EE403EC0} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CAA74D54-69F2-4D14-9C4B-FEC26363CEE4} - System32\Tasks\ASUS\ASUS_M Lighting Execute => C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe [2013-07-22] (ASUSTeK)
Task: {CEF4BE47-8C87-4BB5-A57E-4136512F2B6E} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-07] (ASUSTeK)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D7427E82-DFE8-45A4-B1C0-A7420BE673F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D94A2B35-82CD-4120-BE36-D92CC0EC2AA8} - System32\Tasks\ASUS\Built-in UPS => C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe [2013-09-10] (ASUSTeK Computer Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEFA3160-E6AF-4AE6-9467-A21808C1E3BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F0A58545-8ED5-44CC-B1F7-81AEB65BDDD6} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2013-08-05] (ASUSTeK)
Task: {F631B273-4F9E-403B-9738-E69FD99B0D14} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {F930ACFE-C856-440A-B57D-2F1645B88DDC} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-10 20:29 - 2013-09-26 20:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-04-10 20:33 - 2013-08-08 20:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2014-09-13 00:15 - 2014-07-22 09:50 - 00178176 _____ () C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2014-01-13 12:33 - 2012-04-24 12:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-13 00:16 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2014-04-10 20:33 - 2013-08-09 03:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2014-04-10 20:33 - 2013-08-29 02:50 - 00894232 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
2014-01-13 12:24 - 2013-10-10 02:35 - 00879104 _____ () C:\Windows\AsusLauncherContextMenu64.dll
2014-04-10 20:32 - 2013-08-28 17:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-06-06 01:51 - 2013-06-06 01:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-06 01:51 - 2013-06-06 01:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll
2013-08-16 10:25 - 2013-08-16 10:25 - 01255744 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
2014-09-13 00:15 - 2014-07-22 09:53 - 00165376 _____ () C:\Program Files\PostgreSQL\9.3\lib\plpgsql.dll
2014-09-12 22:00 - 2014-09-12 22:00 - 00584000 _____ () C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
2014-08-12 00:18 - 2014-08-12 00:18 - 00226304 _____ () C:\Program Files (x86)\PASG\TN2\TNv2Common.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00023552 _____ () C:\Program Files (x86)\PASG\TN2\TNLog.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00203264 _____ () C:\Program Files (x86)\PASG\TN2\TN2licensing.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00071680 _____ () C:\Program Files (x86)\PASG\TN2\TNRelRects.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00018944 _____ () C:\Program Files (x86)\PASG\TN2\TNUnfuscated.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00112128 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonFT.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00061952 _____ () C:\Program Files (x86)\PASG\TN2\NinjaVision.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00051712 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonPP.dll
2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2014-04-10 20:33 - 2013-06-11 21:02 - 00068096 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\library\ProximityDll_CPP.dll
2014-04-10 20:32 - 2014-09-14 11:06 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-04-10 20:32 - 2010-06-29 04:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-04-10 20:26 - 2013-08-19 21:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-14 11:09 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-30 15:58 - 2014-01-30 15:58 - 37016064 ____R () C:\Program Files (x86)\PokerTracker 4\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Dennis\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215d0bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d
Ausnahmecode: 0x00000004
Fehleroffset: 0x000000000000ab78
ID des fehlerhaften Prozesses: 0x19f4
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5
Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PokerTracker4.exe, Version: 4.11.11.0, Zeitstempel: 0x53da8901
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e2fd8
ID des fehlerhaften Prozesses: 0x1170
Startzeit der fehlerhaften Anwendung: 0xPokerTracker4.exe0
Pfad der fehlerhaften Anwendung: PokerTracker4.exe1
Pfad des fehlerhaften Moduls: PokerTracker4.exe2
Berichtskennung: PokerTracker4.exe3
Vollständiger Name des fehlerhaften Pakets: PokerTracker4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PokerTracker4.exe5
Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten von Windows Search für den Benutzer '<Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode %2.
%3.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
System errors:
=============
Error: (09/14/2014 11:02:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (09/13/2014 11:48:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.09.2014 um 00:42:31 unerwartet heruntergefahren.
Error: (09/13/2014 11:47:55 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841146464
Error: (09/12/2014 11:42:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.09.2014 um 22:18:14 unerwartet heruntergefahren.
Error: (09/12/2014 11:40:47 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (09/12/2014 11:35:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:35:26 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:34:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:17:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (09/12/2014 09:42:11 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Microsoft Office Sessions:
=========================
Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.163845215d0bbKERNELBASE.dll6.3.9600.16408523d557d00000004000000000000ab7819f401cfcff9ba9ba436C:\Windows\system32\wwahost.exeC:\Windows\system32\KERNELBASE.dllf9ec3e84-3bec-11e4-825e-54271ea445acmicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail
Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PokerTracker4.exe4.11.11.053da8901ntdll.dll6.3.9600.16408523d45fac0000374000e2fd8117001cfceced89ade3bC:\Program Files (x86)\PokerTracker 4\PokerTracker4.exeC:\Windows\SYSTEM32\ntdll.dll3db395eb-3ac2-11e4-8259-54271ea445ac
Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: <Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/CIMV2
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 8131.02 MB
Available physical RAM: 4341.23 MB
Total Pagefile: 10051.02 MB
Available Pagefile: 4360.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:102.42 GB) (Free:65.01 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 895339B1)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
Baum-Darstellung