Log analysis and evaluation: Farmaster.net cannot be removed (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
19.09.2014, 23:53 | #1 |
| Farmaster.net cannot be removed

Hello forum, I have the following problem: when I start my PC, farmaster.net always opens in Chrome. I just can't get rid of it. I have been searching for a solution for days. Manual deletion doesn't work, and SpyHunter and AdwCleaner can't get it out either. I don't know what else to do. I ran frst.exe over it; here are the logs. Hopefully you can help me.

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by Hausi (administrator) on HAUSI-PC on 19-09-2014 22:41:23 Running from C:\Users\Hausi\Desktop Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Jumping Bytes) C:\Program Files (x86)\PureSync\PureSyncTray.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Dropbox, Inc.) C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe () C:\Windows\SysWOW64\ASGT.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe (cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst II\spd.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (Bitleader) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [CMD] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20140911 (exit) else (start hxxp://farmaster.net/ && exit) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe [5099840 2013-06-26] (ASUS Cloud Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.) 
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [PureSync] => C:\Program Files (x86)\PureSync\PureSyncTray.exe [915120 2014-08-25] (Jumping Bytes) HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3113168 2012-12-27] (DT Soft Ltd) HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [GoogleChromeAutoLaunch_3F339158169F9F1532CF4D066D90CAC2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.) HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.) Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Hausi\AppData\Roaming\Mozilla\Firefox\Profiles\1e07yzpc.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hausi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26] Chrome: ======= CHR Profile: C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-29] CHR Extension: (Google Slides) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19] CHR Extension: (Google Docs) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19] CHR Extension: (Google Drive) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-27] CHR Extension: (Google Search) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-27] CHR Extension: (Google Sheets) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19] CHR Extension: (JDownloader Integration) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmochcijbhgjfdmojjenfabpafelhgdc [2014-07-27] CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2014-07-27] CHR Extension: (Two-Click JDownloader) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-07-27] CHR Extension: (Into The Mist) - C:\Users\Hausi\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-09-19] CHR Extension: (Google Mail Checker) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-27] CHR Extension: (Google Wallet) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08] CHR Extension: (My Chrome Theme) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-07-27] CHR Extension: (Gmail) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-27] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-27] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-27] (AVAST Software) R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [860072 2012-08-09] (cFos Software GmbH) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-06-27] (Portrait Displays, Inc.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251256 2010-10-28] (BUFFALO INC.) R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5739008 2011-12-05] (Native Instruments GmbH) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology) R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-01-08] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [105784 2013-05-13] (Asus) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-27] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-27] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-27] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-27] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-27] () S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.) 
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21456 2012-12-20] (Olof Lagerkvist) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-08-15] (DT Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc) R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [39080 2014-05-19] (Razer Inc) R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [31400 2014-05-19] (Razer Inc) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 cleanhlp; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Virus\cleanhlp64.sys [X] S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-19 22:41 - 2014-09-19 22:41 - 00023045 _____ () C:\Users\Hausi\Desktop\FRST.txt 2014-09-19 22:41 - 2014-09-19 22:41 - 00000000 ____D () C:\FRST 2014-09-19 22:40 - 2014-09-19 22:40 - 02105856 _____ (Farbar) C:\Users\Hausi\Desktop\FRST64.exe 2014-09-19 02:30 - 2014-09-19 02:30 - 00000119 _____ () C:\Users\Hausi\Desktop\Farmaster.net nicht löschbar --( - Forum - CHIP Online.url 2014-09-19 02:25 - 2014-09-19 02:27 - 00114394 _____ () C:\Windows\DPINST.LOG 2014-09-19 02:25 - 2014-09-19 02:25 - 18056744 _____ (Razer Inc.) C:\Users\Hausi\Downloads\Razer_Synapse_Framework_V1.17.23.exe 2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Razer 2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-09-19 02:24 - 2014-09-19 02:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-09-19 02:23 - 2014-09-19 02:23 - 04901352 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\ccsetup417.exe 2014-09-19 02:23 - 2014-09-19 02:23 - 00713928 _____ ( ) C:\Users\Hausi\Downloads\FileExtractorSetup.exe 2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (2).exe 2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Hausi\Downloads\SpyHunter-Installer (1).exe 2014-09-19 01:53 - 2014-09-19 01:53 - 00135929 _____ () C:\Users\Hausi\Desktop\bookmarks_19.09.14.html 2014-09-19 01:51 - 2014-09-19 02:16 - 00000000 ____D () C:\Windows\system32\log 2014-09-19 01:50 - 2014-09-19 01:50 - 15568184 _____ (Elex do Brasil Participações Ltda) C:\Users\Hausi\Downloads\yet_another_cleaner_sk.exe 2014-09-18 23:45 - 2014-09-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group 2014-09-18 23:44 - 2014-09-19 01:56 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP 2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\ERUNT 2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Users\Hausi\Desktop\SpyHunter.v4.16.5.4290.inkl.Crack 2014-09-18 23:43 - 2014-09-18 23:43 - 01016830 _____ (Thisisu) C:\Users\Hausi\Downloads\JRT.exe 2014-09-18 23:38 - 2014-09-19 22:38 - 00003548 _____ () C:\Windows\setupact.log 2014-09-18 23:38 - 2014-09-18 23:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-18 23:31 - 2014-09-19 22:38 - 00005880 _____ () C:\Windows\PFRO.log 2014-09-18 23:31 - 2014-09-18 23:31 - 722053871 _____ () C:\Windows\MEMORY.DMP 2014-09-18 23:09 - 2014-09-18 23:09 - 00000000 _____ () C:\autoexec.bat 2014-09-18 23:06 - 2014-09-18 23:06 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-09-18 23:05 - 2014-09-18 23:29 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-09-18 23:02 - 2014-09-18 23:02 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Hausi\Downloads\SpyHunter-Installer.exe 2014-09-18 22:57 - 2014-09-19 22:41 - 00027882 _____ () C:\Windows\WindowsUpdate.log 2014-09-14 16:23 - 2014-09-14 16:23 - 00000124 _____ () C:\Users\Hausi\Desktop\empfehlung zur osmoseanlage - riffaquaristikforum.de.url 2014-09-14 16:06 - 2014-09-14 16:06 - 00005572 _____ () C:\Users\Hausi\Downloads\af84wyx0rxv5j85.dlc 2014-09-14 15:56 - 2014-09-14 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-13 01:48 - 2014-09-13 01:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hausi\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-13 01:48 - 2014-09-13 01:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-13 01:42 - 2014-09-19 02:16 - 00000000 ____D () C:\AdwCleaner 2014-09-13 01:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-13 01:41 - 2014-09-13 01:41 - 01370467 _____ () C:\Users\Hausi\Downloads\adwcleaner_3.309 (1).exe 2014-09-13 01:41 - 2014-09-13 01:41 - 00000085 _____ () C:\Windows\wininit.ini 2014-09-13 01:39 - 2014-09-13 01:39 - 00816064 _____ ( ) C:\Users\Hausi\Downloads\adwcleaner_3.309_CB-DL-Manager.exe 2014-09-13 01:33 - 2014-09-13 01:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-09-13 01:33 - 2014-09-13 01:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-09-13 01:33 - 2014-09-13 01:33 - 46525608 _____ (Safer-Networking Ltd. 
) C:\Users\Hausi\Downloads\spybot-2.4.exe 2014-09-13 01:33 - 2014-09-13 01:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-09-10 16:48 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\Documents\Garmin 2014-09-10 16:48 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Garmin 2014-09-10 16:47 - 2014-09-10 18:01 - 00000000 ____D () C:\ProgramData\Garmin 2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Garmin 2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\Program Files (x86)\Garmin 2014-09-10 16:41 - 2014-09-10 16:48 - 00000000 ____D () C:\Program Files\DIFX 2014-09-10 16:41 - 2014-09-10 16:41 - 36576688 _____ (Garmin Ltd or its subsidiaries) C:\Users\Hausi\Downloads\GarminExpressInstaller.exe 2014-09-10 16:41 - 2014-09-10 16:41 - 11390192 _____ () C:\Users\Hausi\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe 2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\Program Files\Recuva 2014-09-10 16:28 - 2014-09-10 16:28 - 03161056 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\rcsetup151_slim.exe 2014-09-08 15:36 - 2014-09-08 15:36 - 00000147 _____ () C:\Users\Hausi\Desktop\mein erstes meerwasserbecken^^ anfängerfragen - Seite 6 - riffaquaristikforum.de.url 2014-09-08 15:15 - 2014-09-08 15:21 - 00000000 ____D () C:\Users\Hausi\Desktop\Neuer Ordner 2014-09-08 14:00 - 2014-09-15 22:45 - 00000000 ____D () C:\Users\Hausi\Documents\Outlook-Dateien 2014-09-07 13:13 - 2014-09-07 13:13 - 01067770 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM (1).zip 2014-09-07 13:12 - 2014-09-07 13:12 - 01062634 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM.zip 2014-09-06 23:55 - 2014-09-06 23:55 - 
00079696 _____ (AppWork GmbH) C:\Users\Hausi\Downloads\Install.exe 2014-09-06 23:54 - 2014-09-06 23:54 - 31419822 _____ () C:\Users\Hausi\Downloads\JDownloader.zip 2014-09-06 00:15 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2014-09-05 18:59 - 2014-09-05 19:02 - 528699198 _____ () C:\Users\Hausi\Downloads\The Forest vo.o6.7z 2014-09-05 18:57 - 2014-09-05 18:57 - 02034552 _____ () C:\Users\Hausi\Downloads\winrar-x64-511d.exe 2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\1170 2014-09-05 11:35 - 2012-11-26 11:10 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx 2014-09-05 11:35 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll 2014-09-05 11:35 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll 2014-09-05 11:35 - 2011-01-12 13:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2014-09-05 11:35 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 
2014-09-05 11:35 - 2010-02-16 14:22 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll 2014-09-05 11:35 - 2010-02-16 14:22 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx 2014-09-05 11:35 - 2010-02-16 14:22 - 00080208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx 2014-09-05 11:35 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2014-09-05 11:35 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll 2014-09-05 11:35 - 
2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll 2014-09-05 11:35 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll 2014-09-05 11:35 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll 2014-09-05 11:35 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll 2014-09-05 11:35 - 2006-04-10 13:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl32.ocx 2014-09-05 11:35 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll 2014-09-05 11:35 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll 2014-09-05 11:35 - 2001-08-23 00:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll 2014-09-05 11:35 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll 2014-09-05 11:35 - 1993-07-23 19:31 - 00210944 _____ () C:\Windows\SysWOW64\msvcrt10.dll 2014-09-04 20:41 - 2014-09-04 20:41 - 00000000 ____D () C:\Users\Hausi\AppData\Local\4kdownload.com 2014-09-04 20:40 - 2014-09-04 20:40 - 22806384 _____ (Open Media LLC ) C:\Users\Hausi\Downloads\4kvideodownloader_3.4.1.exe 2014-09-04 15:09 - 2014-09-04 15:09 - 00000000 ____D () 
C:\Program Files (x86)\Origin Games 2014-09-04 15:03 - 2014-09-04 18:59 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Origin 2014-09-04 15:03 - 2014-09-04 15:09 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Origin 2014-09-04 15:02 - 2014-09-13 01:31 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-04 15:02 - 2014-09-11 16:17 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-04 15:02 - 2014-09-04 15:02 - 01141680 _____ () C:\Users\Hausi\Downloads\SteamSetup.exe 2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-09-04 15:01 - 2014-09-04 15:02 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Hausi\Downloads\OriginThinSetup.exe 2014-09-03 16:56 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-09-03 15:50 - 2014-09-03 15:51 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\Documents\DVDFab9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDFab9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2014-09-03 14:05 - 2014-09-03 14:05 - 00098197 _____ () C:\Users\Hausi\Downloads\royal_initialen.zip 2014-08-26 19:35 - 2014-09-11 17:14 - 00000000 ____D () C:\ProgramData\Origin 2014-08-26 19:20 - 2014-08-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync 2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\Program Files (x86)\PureSync 2014-08-24 14:39 - 2014-08-24 18:49 - 00000015 _____ () C:\Users\Hausi\AppData\Roaming\AquaCalculatorBL.AUsr 2014-08-24 14:39 - 2014-08-24 16:54 - 00000000 ____D () 
C:\Users\Hausi\AppData\Roaming\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\Program Files (x86)\AquaCalculator
2014-08-22 20:34 - 2014-08-22 20:34 - 00000000 _____ () C:\dummy.wav
2014-08-22 12:09 - 2014-09-18 23:31 - 00000000 ____D () C:\Windows\Minidump

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 22:41 - 2014-09-19 22:41 - 00023045 _____ () C:\Users\Hausi\Desktop\FRST.txt
2014-09-19 22:41 - 2014-09-19 22:41 - 00000000 ____D () C:\FRST
2014-09-19 22:41 - 2014-09-18 22:57 - 00027882 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 22:40 - 2014-09-19 22:40 - 02105856 _____ (Farbar) C:\Users\Hausi\Desktop\FRST64.exe
2014-09-19 22:38 - 2014-09-18 23:38 - 00003548 _____ () C:\Windows\setupact.log
2014-09-19 22:38 - 2014-09-18 23:31 - 00005880 _____ () C:\Windows\PFRO.log
2014-09-19 22:38 - 2014-08-15 01:28 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-09-19 22:38 - 2014-08-12 18:25 - 00000344 _____ () C:\Windows\lgfwup.ini
2014-09-19 22:38 - 2014-08-12 18:25 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-09-19 22:38 - 2014-08-02 16:48 - 00000000 ___RD () C:\Users\Hausi\Dropbox
2014-09-19 22:38 - 2014-08-02 16:44 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Dropbox
2014-09-19 22:38 - 2014-07-08 10:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 22:38 - 2014-07-08 10:06 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 22:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 11:47 - 2014-07-08 10:06 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 11:39 - 2014-07-11 22:29 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\vlc
2014-09-19 11:20 - 2014-07-08 10:36 - 00000000 ____D () C:\Program Files
(x86)\JDownloader 2014-09-19 11:19 - 2014-07-09 10:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-19 11:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-19 11:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-19 11:16 - 2011-04-12 09:43 - 00702198 _____ () C:\Windows\system32\perfh007.dat 2014-09-19 11:16 - 2011-04-12 09:43 - 00149836 _____ () C:\Windows\system32\perfc007.dat 2014-09-19 11:16 - 2009-07-14 07:13 - 01627004 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-19 11:15 - 2014-08-15 01:39 - 00000000 _____ () C:\Windows\Path.idx 2014-09-19 02:31 - 2014-07-08 10:34 - 00000000 ____D () C:\Users\Hausi\Desktop\Programme 2014-09-19 02:30 - 2014-09-19 02:30 - 00000119 _____ () C:\Users\Hausi\Desktop\Farmaster.net nicht löschbar --( - Forum - CHIP Online.url 2014-09-19 02:30 - 2009-07-14 06:45 - 05120944 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-19 02:27 - 2014-09-19 02:25 - 00114394 _____ () C:\Windows\DPINST.LOG 2014-09-19 02:27 - 2014-07-08 10:38 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-09-19 02:26 - 2014-07-27 16:20 - 00112760 _____ () C:\Users\Hausi\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-19 02:26 - 2014-07-08 10:38 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Razer 2014-09-19 02:25 - 2014-09-19 02:25 - 18056744 _____ (Razer Inc.) 
C:\Users\Hausi\Downloads\Razer_Synapse_Framework_V1.17.23.exe 2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Razer 2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-09-19 02:24 - 2014-09-19 02:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-09-19 02:24 - 2014-07-10 09:55 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-19 02:23 - 2014-09-19 02:23 - 04901352 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\ccsetup417.exe 2014-09-19 02:23 - 2014-09-19 02:23 - 00713928 _____ ( ) C:\Users\Hausi\Downloads\FileExtractorSetup.exe 2014-09-19 02:17 - 2014-07-26 14:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (2).exe 2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (1).exe 2014-09-19 02:16 - 2014-09-19 01:51 - 00000000 ____D () C:\Windows\system32\log 2014-09-19 02:16 - 2014-09-13 01:42 - 00000000 ____D () C:\AdwCleaner 2014-09-19 01:56 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP 2014-09-19 01:53 - 2014-09-19 01:53 - 00135929 _____ () C:\Users\Hausi\Desktop\bookmarks_19.09.14.html 2014-09-19 01:50 - 2014-09-19 01:50 - 15568184 _____ (Elex do Brasil Participações Ltda) C:\Users\Hausi\Downloads\yet_another_cleaner_sk.exe 2014-09-18 23:45 - 2014-09-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group 2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\ERUNT 2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Users\Hausi\Desktop\SpyHunter.v4.16.5.4290.inkl.Crack 2014-09-18 23:43 - 2014-09-18 23:43 - 01016830 _____ (Thisisu) C:\Users\Hausi\Downloads\JRT.exe 2014-09-18 23:38 - 2014-09-18 23:38 - 00000000 _____ () 
C:\Windows\setuperr.log 2014-09-18 23:31 - 2014-09-18 23:31 - 722053871 _____ () C:\Windows\MEMORY.DMP 2014-09-18 23:31 - 2014-08-22 12:09 - 00000000 ____D () C:\Windows\Minidump 2014-09-18 23:29 - 2014-09-18 23:05 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-09-18 23:09 - 2014-09-18 23:09 - 00000000 _____ () C:\autoexec.bat 2014-09-18 23:06 - 2014-09-18 23:06 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-09-18 23:02 - 2014-09-18 23:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer.exe 2014-09-18 11:08 - 2014-08-02 16:44 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-17 23:49 - 2014-07-09 09:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-17 00:31 - 2014-07-27 14:20 - 00044032 _____ () C:\Users\Hausi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-15 22:45 - 2014-09-08 14:00 - 00000000 ____D () C:\Users\Hausi\Documents\Outlook-Dateien 2014-09-14 23:52 - 2014-07-08 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-14 16:23 - 2014-09-14 16:23 - 00000124 _____ () C:\Users\Hausi\Desktop\empfehlung zur osmoseanlage - riffaquaristikforum.de.url 2014-09-14 16:06 - 2014-09-14 16:06 - 00005572 _____ () C:\Users\Hausi\Downloads\af84wyx0rxv5j85.dlc 2014-09-14 15:56 - 2014-09-14 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-13 01:54 - 2014-07-08 10:34 - 00000000 ____D () C:\Users\Hausi\Desktop\Spiele 2014-09-13 01:48 - 2014-09-13 01:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hausi\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-13 01:48 - 2014-09-13 01:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-13 01:44 - 2014-09-13 01:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-09-13 01:41 - 2014-09-13 01:41 - 01370467 _____ () 
C:\Users\Hausi\Downloads\adwcleaner_3.309 (1).exe 2014-09-13 01:41 - 2014-09-13 01:41 - 00000085 _____ () C:\Windows\wininit.ini 2014-09-13 01:41 - 2014-09-13 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-09-13 01:39 - 2014-09-13 01:39 - 00816064 _____ ( ) C:\Users\Hausi\Downloads\adwcleaner_3.309_CB-DL-Manager.exe 2014-09-13 01:33 - 2014-09-13 01:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hausi\Downloads\spybot-2.4.exe 2014-09-13 01:33 - 2014-09-13 01:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-09-13 01:31 - 2014-09-04 15:02 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-13 01:31 - 2014-08-15 01:28 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DAEMON Tools Pro 2014-09-11 17:14 - 2014-08-26 19:35 - 00000000 ____D () C:\ProgramData\Origin 2014-09-11 16:17 - 2014-09-04 15:02 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-10 23:19 - 2014-07-09 10:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 23:19 - 2014-07-09 10:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-10 23:19 - 2014-07-09 10:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-10 18:01 - 2014-09-10 16:48 - 00000000 ____D () C:\Users\Hausi\Documents\Garmin 2014-09-10 18:01 - 2014-09-10 16:48 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Garmin 2014-09-10 18:01 - 2014-09-10 16:47 - 00000000 ____D () C:\ProgramData\Garmin 2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Garmin 2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin 2014-09-10 18:01 - 2014-07-09 09:50 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-10 16:48 - 2014-09-10 16:41 - 00000000 ____D () C:\Program Files\DIFX 2014-09-10 
16:41 - 2014-09-10 16:41 - 36576688 _____ (Garmin Ltd or its subsidiaries) C:\Users\Hausi\Downloads\GarminExpressInstaller.exe 2014-09-10 16:41 - 2014-09-10 16:41 - 11390192 _____ () C:\Users\Hausi\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe 2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\Program Files\Recuva 2014-09-10 16:28 - 2014-09-10 16:28 - 03161056 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\rcsetup151_slim.exe 2014-09-10 10:15 - 2014-08-05 11:42 - 00000000 ____D () C:\Users\Hausi\Documents\Electronic Arts 2014-09-10 10:12 - 2014-07-09 22:21 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-09-08 15:36 - 2014-09-08 15:36 - 00000147 _____ () C:\Users\Hausi\Desktop\mein erstes meerwasserbecken^^ anfängerfragen - Seite 6 - riffaquaristikforum.de.url 2014-09-08 15:30 - 2014-08-17 21:22 - 00001456 _____ () C:\Users\Hausi\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-09-08 15:21 - 2014-09-08 15:15 - 00000000 ____D () C:\Users\Hausi\Desktop\Neuer Ordner 2014-09-08 03:16 - 2014-08-17 17:09 - 00000688 _____ () C:\Windows\MB.idx 2014-09-07 13:13 - 2014-09-07 13:13 - 01067770 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM (1).zip 2014-09-07 13:12 - 2014-09-07 13:12 - 01062634 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM.zip 2014-09-06 23:55 - 2014-09-06 23:55 - 00079696 _____ (AppWork GmbH) C:\Users\Hausi\Downloads\Install.exe 2014-09-06 23:54 - 2014-09-06 23:54 - 31419822 _____ () C:\Users\Hausi\Downloads\JDownloader.zip 2014-09-06 17:46 - 2014-07-09 10:10 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Awesomium 2014-09-06 00:15 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2014-09-05 19:02 - 2014-09-05 18:59 - 528699198 _____ () C:\Users\Hausi\Downloads\The Forest vo.o6.7z 2014-09-05 18:57 - 
2014-09-05 18:57 - 02034552 _____ () C:\Users\Hausi\Downloads\winrar-x64-511d.exe 2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\1170 2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDVideoSoft 2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-09-04 20:41 - 2014-09-04 20:41 - 00000000 ____D () C:\Users\Hausi\AppData\Local\4kdownload.com 2014-09-04 20:40 - 2014-09-04 20:40 - 22806384 _____ (Open Media LLC ) C:\Users\Hausi\Downloads\4kvideodownloader_3.4.1.exe 2014-09-04 18:59 - 2014-09-04 15:03 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Origin 2014-09-04 17:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-09-04 17:32 - 2014-08-13 02:10 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Nero 2014-09-04 17:31 - 2014-08-15 20:23 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\dvdcss 2014-09-04 17:30 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-09-04 15:09 - 2014-09-04 15:09 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-09-04 15:09 - 2014-09-04 15:03 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Origin 2014-09-04 15:02 - 2014-09-04 15:02 - 01141680 _____ () C:\Users\Hausi\Downloads\SteamSetup.exe 2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-09-04 15:02 - 2014-09-04 15:01 - 17088592 _____ (Electronic Arts, Inc.) 
C:\Users\Hausi\Downloads\OriginThinSetup.exe 2014-09-04 15:02 - 2014-09-03 16:56 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-09-03 15:51 - 2014-09-03 15:50 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\Documents\DVDFab9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDFab9 2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2014-09-03 14:05 - 2014-09-03 14:05 - 00098197 _____ () C:\Users\Hausi\Downloads\royal_initialen.zip 2014-09-02 20:21 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-31 11:45 - 2014-07-09 09:36 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DAEMON Tools Lite 2014-08-26 19:20 - 2014-08-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-08-26 19:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync 2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\Program Files (x86)\PureSync 2014-08-25 16:34 - 2014-07-09 21:48 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Jumping Bytes 2014-08-24 18:49 - 2014-08-24 14:39 - 00000015 _____ () C:\Users\Hausi\AppData\Roaming\AquaCalculatorBL.AUsr 2014-08-24 16:54 - 2014-08-24 14:39 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\AquaCalculator 2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaCalculator 2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\Program Files (x86)\AquaCalculator 2014-08-22 21:01 - 2014-08-18 14:06 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Adobe 2014-08-22 20:34 - 2014-08-22 20:34 - 00000000 _____ () C:\dummy.wav Some content of TEMP: ==================== 
C:\Users\Hausi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphcupwp.dll
C:\Users\Hausi\AppData\Local\Temp\Quarantine.exe
C:\Users\Hausi\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-18 01:11

==================== End Of Log ============================

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Hausi at 2014-09-19 22:41:39
Running from C:\Users\Hausi\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{22E2B25B-2FFE-1A69-E591-55DD72BC5F5B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AmpliTube 3 version 3.8.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.8.0 - IK Multimedia) ANNO 2070 - Complete Edition (HKLM-x32\...\{4916C011-3048-456A-8F34-1A5DF90ECC2B}_is1) (Version: 2.00.7780 - RAF) Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Aqua Calculator Version 4.0 (HKLM-x32\...\{957493A6-E72E-4477-931A-4AFABFBCC3EB}_is1) (Version: 4.0 - Kuhn Software Development (HSK)) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.) Auto Keyboard v1.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 1.3 - MurGee.com) Avast License by ZeNiX [2014-01-11] (HKLM-x32\...\Avast_2050_ZeNiX [2014-01-11]_is1) (Version: - ) avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - ) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.) 
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.) Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.) Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Profiles Desktop (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CPUID ROG CPU-Z 1.65 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.65 - CPUID, Inc.) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0350 - DT Soft Ltd) Daylight Version 1.2 (HKLM-x32\...\Daylight_is1) (Version: 1.2 - Zombie Studios) Divinity Original Sin (HKLM-x32\...\Divinity Original Sin_is1) (Version: 1.0 - ENiGMA) Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) 
DVDFab 9.1.6.4 (21/08/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) E3MC - Windows Shutdown Timer v5.7 Full (HKLM-x32\...\{8A5458F0-0F3A-486E-8436-6CF05977093F}) (Version: 5.7.0.0 - E3MC Clan) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Free Mouse Auto Clicker 3.0 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version: - Advanced Mouse Auto Clicker ltd.) Free MP4 Video Converter version 5.0.45.806 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.806 - DVDVideoSoft Ltd.) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.8.820 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.42.716 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.42.716 - DVDVideoSoft Ltd.) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden GRID Autosport Limited Black Edition MULTi2 1.0 (HKLM-x32\...\GRID Autosport Limited Black Edition MULTi2 1.0) (Version: - ) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Guitar Pro 6 [cw2k Edition] Version 6.1.5 r11553 (HKLM-x32\...\Guitar Pro 6 [cw2k Edition]_is1) (Version: 6.1.5 r11553 - Arobas Music) HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 2.10.009 - Portrait Displays, Inc.) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) 
Hidden IK Multimedia Authorization Manager version 1.0.5 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.5 - IK Multimedia) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - ) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.) Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.) 
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) 
Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 
Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) 
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Controller Editor (Version: 1.4.3.891 - Native Instruments) Hidden Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (Version: 5.1.0.2641 - Native Instruments) Hidden Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625 - Native Instruments) Hidden Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625 - Native Instruments) Hidden Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments) Native Instruments Rig Kontrol 3 (Version: 3.0.0.625 - Native Instruments) Hidden Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden Nero 2014 (HKLM-x32\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG) Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden Nero Disc 
Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG) Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden Nero MediaHome (x32 Version: 1.22.3600 - Nero AG) Hidden Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden Nero Video (x32 Version: 15.0.23000 - Nero AG) Hidden Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden 
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Outlast Version 1.0.12046.0 (HKLM-x32\...\Outlast_is1) (Version: 1.0.12046.0 - Red Barrels) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Photomatix Pro Version 5.0.4 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.4 - HDRsoft Ltd) Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden PureSync (x32 Version: 3.8.1 - Jumping Bytes) Hidden PureSync 3.8.1 (HKLM-x32\...\PureSync) (Version: 3.8.1 - Jumping Bytes) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version: - ) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) 
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) ReValver Mk III (HKLM-x32\...\ReValver Mk III_is1) (Version: - ) ReValver Mk IIIdotV x64 (HKLM\...\ReValver Mk IIIdotV x64_is1) (Version: - ) ROG GameFirst II v8.03 (HKLM\...\ROG GameFirst II) (Version: 8.03 - cFos Software GmbH, Bonn) ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.01.01 - ASUSTeK Computer Inc.) SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.6.4 - Shark007) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Sonic Radar (HKLM\...\{4AD04041-F286-4690-8555-38F175F0B50C}) (Version: 1.0.801 - ASUSTeKcomputer.Inc) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios) UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
==================== Restore Points =========================
10-09-2014 08:12:28 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-09-2014 08:15:26 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
10-09-2014 14:47:43 Garmin Express
10-09-2014 14:47:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-09-2014 16:01:18 Garmin Express
17-09-2014 23:18:29 Geplanter Prüfpunkt
18-09-2014 21:06:00 Installed SpyHunter
18-09-2014 21:29:23 Removed SpyHunter
18-09-2014 21:45:01 Installed SpyHunter
18-09-2014 23:55:41 Removed SpyHunter
19-09-2014 00:25:19 Removed Razer Synapse 2.0.
19-09-2014 00:25:53 Installed Razer Synapse 2.0.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-13 02:14 - 00005813 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com
127.0.0.1 activation.nero.com
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 Nero -
127.0.0.1 Nero -
127.0.0.1 Nero - Error2
127.0.0.1 Nero -
127.0.0.1 Nero -
127.0.0.1 Nero - Customer service and technical support
127.0.0.1 Nero - Nero Upgrade Center
127.0.0.1 Nero - Support - Customer Service - Product Registration
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 Nero - Error2
127.0.0.1 Nero - Support - Nero 8 - Overview
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 Registernero.com
127.0.0.1 nero.com
127.0.0.1 Nero - Privacy.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
127.0.0.1 activate.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
There are 110 more lines.
==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {08ECF083-A544-4E43-87BC-97BB363BD4A1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.) Task: {1169B9F0-A0FE-4A25-AA31-91738DA977D8} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] () Task: {1E2A899B-8767-4ED9-871D-4C27B599EE71} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-27] (AVAST Software) Task: {2B816361-414C-4C59-9AB9-93EE62EF38DE} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {36FC76CF-1871-46EC-A2B6-413B5223EE2A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.) Task: {3C26770F-2B81-48C9-B2C5-226F2923E6C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.) Task: {3CC07351-D7DD-44AA-9788-A56B8CDD976F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.) 
Task: {4FC94CD1-3BA6-4A68-A6B7-71C41CC37420} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG) Task: {68ED2931-7185-4007-801C-84925DEF52AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {949989AB-40A8-4B9A-9916-B26178EEABB1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated) Task: {A5A0A30F-71BF-40EC-BEAB-151B16203D99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {AFB6E6E5-5820-4B7E-A434-7413CA13C13D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {E9E35F46-8D3A-4BA2-AB9D-61D249CC6ECB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {EFEE48D6-240C-42B5-83F8-6962EFD21AA1} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-06-01 11:42 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2014-08-15 01:26 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2014-08-15 01:25 - 2013-08-08 14:34 - 
01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2014-07-27 16:21 - 2014-07-27 16:21 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-09-19 00:18 - 2014-09-19 00:18 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091804\algo.dll 2014-09-19 22:38 - 2014-09-19 22:38 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091901\algo.dll 2014-09-19 22:38 - 2014-09-19 22:38 - 00043008 _____ () c:\users\hausi\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphcupwp.dll 2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Hausi\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-15 01:29 - 2014-09-19 22:38 - 00031232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2014-08-15 01:29 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-07-27 16:21 - 2014-07-27 16:21 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-08-15 01:26 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2014-08-15 01:26 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2014-08-15 01:25 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2014-08-15 01:25 - 2013-08-08 14:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2014-08-15 01:26 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2014-08-15 01:25 - 2013-06-04 11:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2014-08-15 01:25 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll 2014-08-15 01:25 - 2013-08-08 14:35 - 00010240 _____ () C:\Program Files 
(x86)\ASUS\AI Suite III\DIP4\IccHelper.dll 2014-08-15 01:26 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll 2014-08-15 01:25 - 2013-08-07 19:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll 2014-08-15 01:25 - 2013-08-07 19:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll 2014-08-15 01:25 - 2013-08-08 14:34 - 00190464 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2014-08-15 01:25 - 2013-08-08 14:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2014-08-15 01:25 - 2013-08-08 14:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2014-08-15 01:25 - 2013-08-08 14:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2014-08-15 01:25 - 2013-08-08 14:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2014-07-08 10:10 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: MurGee.com Auto Keyboard => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe :silent
MSCONFIG\startupreg: ROG GameFirst II => C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2014 10:38:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2014 11:57:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0xea0 Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Error: (09/19/2014 11:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2014 02:32:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0xe8c Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Error: (09/19/2014 02:32:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2014 02:31:45 AM) (Source: Application 
Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0xf28 Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Error: (09/19/2014 02:30:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2014 02:30:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0xe2c Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Error: (09/19/2014 02:25:53 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetDiskComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070057, Falscher Parameter. . 
Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: ASR Writer Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd} Error: (09/19/2014 02:25:19 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetDiskComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070057, Falscher Parameter. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: ASR Writer Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd} System errors: ============= Error: (09/19/2014 10:38:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (09/19/2014 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/19/2014 11:10:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (09/19/2014 02:32:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/19/2014 02:32:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:31:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 02:30:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:30:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 02:21:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:20:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (09/19/2014 10:38:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 11:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2ea001cfd3e98f0084c7C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe6387a098-3fe3-11e4-a654-e03f49866ddd

Error: (09/19/2014 11:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:32:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2e8c01cfd3a12e84a608C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe77f33873-3f94-11e4-8970-e03f49866ddd

Error: (09/19/2014 02:32:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:31:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2f2801cfd3a0f84a3b4eC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe555c4e90-3f94-11e4-885c-e03f49866ddd

Error: (09/19/2014 02:30:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2e2c01cfd39fa95eca93C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe1fbb6786-3f94-11e4-a7e6-e03f49866ddd

Error: (09/19/2014 02:25:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, Falscher Parameter.
Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt
Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}

Error: (09/19/2014 02:25:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, Falscher Parameter.
Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt
Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8129.61 MB
Available physical RAM: 6221.25 MB
Total Pagefile: 16257.4 MB
Available Pagefile: 14180.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:129.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:784.83 GB) (Free:520.69 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:146.48 GB) (Free:50 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 389E5E84)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
20.09.2014, 00:12 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Farmaster.net cannot be deleted
Hi,
the matter of the illegal software has already been explained to you by the colleagues from the Chip forum => http://forum.chip.de/viren-trojaner-...r-1810649.html
Please read => http://www.trojaner-board.de/95393-c...-software.html
We will continue once you have removed everything illegal. In the case of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system. |
20.09.2014, 00:17 | #3 |
| Farmaster.net cannot be deleted
OK, so Nero and Photoshop?
Where can one read that there? |
20.09.2014, 00:32 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Farmaster.net cannot be deleted
Quote:
Have you yourself lost track of your cracked software?
__________________ Please always post log files in CODE tags |