| |
| |||||||
Alles rund um Windows: Einige Programme starten nicht mehr unter Windows 7Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
25.05.2015, 15:58
| #1 |
| |  Problem: Einige Programme starten nicht mehr unter Windows 7 Hallo ich hoffe Ihr könnt mir weiterhelfen. Seit der Computer beim Zocken vorgestern einmal abgestürzt ist, fuhr er nicht mehr richtig hoch bzw. ich hatte nur einen schwarzen Bildschirm. Heute nach einer gründlichen Entstaubung, und dem Herausnehmen der einzelnen Komponenten RAM, Grafikkarte, Festplatte fährt der Computer wieder hoch. Aber seitdem starten einige Programme nicht mehr. Darunter z.B. Google Chrome, League of Legends. Auch als Administrator lassen sich diese nicht starten. Eine Fehlermeldung erscheint nicht, auch beim Beobachten des Taskmanagers fällt nur auf, dass der entsprechende Prozess kurz gestartet wird und dann sang und klanglos wieder verschwindet! Danach habe ich versucht einen Systemwiederherstellungspunkt zu benutzen, leider schlägt die Systemwiederherstellung immer mit einem unbekannten Fehler fehl. Komisch ist, das Firefox und IE starten. Genauso VLC und WMP. Auch sonst verhält sich der Rechner "normal". |
|
25.05.2015, 16:18
| #2 |
| /// the machine /// TB-Ausbilder    | Einige Programme starten nicht mehr unter Windows 7 Anleitung / Hilfe hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
25.05.2015, 17:06
| #3 |
| | Einige Programme starten nicht mehr unter Windows 7 DetailsCode:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01 Ran by nIKON (administrator) on PANDORASBOXIII on 25-05-2015 16:12:43 Running from C:\Users\nIKON\Downloads Loaded Profiles: nIKON (Available Profiles: nIKON & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe () C:\Windows\SysWOW64\DVAPTray.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\Dell\Stage Remote\DMR.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor) HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] () HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] () HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.) HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] () HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.) HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [DVAPTray] => C:\Windows\SysWOW64\DVAPTray.exe [192512 2012-06-08] () HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-25] (AVAST Software) HKLM-x32\...\Run: [My Movies Tray] => C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe [496160 2014-10-05] (Binnerup Consult) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [MusicManager] => C:\Users\nIKON\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-04-01] (Google Inc.) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [Google Update] => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung) HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [Amazon Music] => C:\Users\nIKON\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {2d7d0c93-0b47-11e3-8321-180373b0859f} - E:\Setup.exe HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {57fee42a-37d9-11e3-8120-180373b0859f} - E:\Unlock.exe autoplay=true HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {99b0bc9f-1773-11e1-a409-180373b0859f} - I:\autorun_setup.bat HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2014-04-10] ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2013-03-29] ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2014-04-10] ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.) Startup: C:\Users\nIKON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-11-17] ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-10-03] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 SearchScopes: HKLM -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKLM-x32 -> {8EE7BF29-2CA5-43A6-9524-945D37D2F8BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> {ADB07F51-995B-4511-8E8C-8D1218214ADD} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=12215ba5-44af-4029-abee-a0e8fb42599f&apn_sauid=2C96D840-C81C-4571-936A-1CD9DA5FE15D BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-14] (Oracle Corporation) BHO: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> No File BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-03] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-14] (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-14] (Oracle Corporation) BHO-x32: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> No File BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-03] (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-14] (Oracle Corporation) BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll No File Toolbar: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default FF SearchEngineOrder.1: FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-02-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-08] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-11-08] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-02-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\nIKON\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-11-02] (Unity Technologies ApS) FF user.js: detected! => C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\user.js [2014-09-05] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-07-14] (Apple Inc.) FF Extension: FireShot - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-03-30] FF Extension: iMacros for Firefox - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-04-11] FF Extension: ReminderFox - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-01-07] FF Extension: DownloadHelper - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05] FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2011-10-14] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-25] FF HKLM-x32\...\Firefox\Extensions: [fe_10.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_10.0 FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-16] FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-04-25] FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-04-25] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Freemake Video Downloader) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-04-29] CHR Extension: (Freemake Youtube Download Button) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-04-29] CHR Extension: (avast! Ad Blocker) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-06-16] CHR Extension: (No Name) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-23] CHR Extension: (Avast Online Security) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-16] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22] CHR Extension: (Google Wallet) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15] CHR Extension: (Deezer) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2012-03-27] CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-04-25] CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-04-25] CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-16] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-03] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-03] (AVAST Software) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-04-17] (Freemake) [] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-04-17] (Ellora Assets Corp.) [] R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [581632 2013-05-15] (Hauppauge Computer Works) [] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MSSQL$MYMOVIES; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation) R2 My Movies General Service; C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe [1167904 2014-10-05] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [] R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [] S4 SQLAgent$MYMOVIES; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital ) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-03] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-03] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-03] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-03] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-25] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-03] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-03] () R3 cecsvad; C:\Windows\System32\drivers\cecvad.sys [23040 2011-12-08] () S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-01-05] (Digiarty Software, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-25] (DT Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [] S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2013-04-22] (Hauppauge Computer Works, Inc.) [] S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2013-04-22] (Hauppauge Computer Works, Inc.) [] R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-18] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-18] (RapidSolution Software AG) R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare) R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-04-14] (StdLib) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-25 16:12 - 2015-05-25 16:15 - 00031223 _____ () C:\Users\nIKON\Downloads\FRST.txt 2015-05-25 16:12 - 2015-05-25 16:12 - 02108416 _____ (Farbar) C:\Users\nIKON\Downloads\FRST64.exe 2015-05-25 16:12 - 2015-05-25 16:12 - 00000000 ____D () C:\FRST 2015-05-25 16:11 - 2015-05-25 16:11 - 00000472 _____ () C:\Users\nIKON\Downloads\defogger_disable.log 2015-05-25 16:11 - 2015-05-25 16:11 - 00000168 _____ () C:\Users\nIKON\defogger_reenable 2015-05-25 16:10 - 2015-05-25 16:10 - 00050477 _____ () C:\Users\nIKON\Downloads\Defogger.exe 2015-05-25 14:30 - 2015-05-25 14:30 - 03266394 _____ () C:\Users\nIKON\Desktop\FixDotNet20150525123008546.cab 2015-05-25 14:29 - 2015-05-25 14:30 - 00000000 ____D () C:\64763808994fe6d78eee5d9932 2015-05-25 12:50 - 2015-05-25 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2015-05-25 12:03 - 2015-05-25 12:03 - 00000000 ____D () C:\Intel ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-25 16:15 - 2011-09-29 17:51 - 02050441 _____ () C:\Windows\WindowsUpdate.log 2015-05-25 16:11 - 2011-10-05 22:37 - 00000000 ____D () C:\Users\nIKON 2015-05-25 16:10 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-25 16:10 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-25 16:09 - 2011-10-14 13:25 - 00000000 ____D () C:\Users\nIKON\AppData\Local\Adobe 2015-05-25 16:06 - 2010-11-21 08:50 - 00777126 _____ () C:\Windows\system32\perfh007.dat 2015-05-25 16:06 - 2010-11-21 08:50 - 00180128 _____ () C:\Windows\system32\perfc007.dat 2015-05-25 16:06 - 2009-07-14 07:13 - 01839636 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-25 16:05 - 2013-06-16 11:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-05-25 16:05 - 2013-06-16 11:16 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2015-05-25 16:03 - 2014-04-15 09:21 - 00000000 ____D () C:\ProgramData\boost_interprocess 2015-05-25 16:02 - 2011-09-29 18:20 - 00000000 ____D () C:\ProgramData\Sonic 2015-05-25 15:59 - 2011-09-29 18:29 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks 2015-05-25 15:59 - 2011-09-29 18:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks 2015-05-25 15:59 - 2011-09-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup 2015-05-25 15:58 - 2014-04-15 09:04 - 00009968 _____ () C:\Windows\setupact.log 2015-05-25 15:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-25 15:57 - 2015-03-05 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-05-25 15:57 - 2014-11-17 22:21 - 00000000 ____D () C:\ProgramData\Netzmanager 2015-05-25 15:57 - 2014-09-05 01:28 - 00000000 ____D () C:\Program Files\CamStudio 2.7 2015-05-25 15:57 - 2014-04-15 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-25 15:57 - 2014-04-15 08:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-25 15:57 - 2014-03-18 08:49 - 00000000 ____D () C:\Windows\Minidump 2015-05-25 15:57 - 2012-05-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-05-25 15:57 - 2012-01-25 15:09 - 00000000 ____D () C:\Users\Gast 2015-05-25 15:57 - 2011-11-28 13:46 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\vlc 2015-05-25 15:57 - 2011-10-15 11:40 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-25 15:57 - 2011-10-14 12:09 - 00000000 ____D () C:\Windows\system32\Macromed 2015-05-25 15:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-25 15:55 - 2011-10-14 15:24 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\SoftGrid Client 2015-05-25 15:54 - 2011-10-14 15:30 - 00000000 __RHD () C:\MSOCache 2015-05-25 13:54 - 2011-10-05 22:45 - 00000000 ____D () C:\Users\nIKON\AppData\Local\Nero ==================== Files in the root of some directories ======= 2014-09-05 04:42 - 2014-09-11 01:09 - 0000096 _____ () C:\Users\nIKON\AppData\Roaming\Camdata.ini 2014-09-05 04:42 - 2014-09-11 01:09 - 0000408 _____ () C:\Users\nIKON\AppData\Roaming\CamLayout.ini 2014-09-05 04:42 - 2014-09-11 01:09 - 0000408 _____ () C:\Users\nIKON\AppData\Roaming\CamShapes.ini 2014-09-05 01:31 - 2014-09-09 01:23 - 0004546 _____ () C:\Users\nIKON\AppData\Roaming\CamStudio.cfg 2013-08-23 20:46 - 2013-08-23 20:46 - 0000000 _____ () C:\Users\nIKON\AppData\Roaming\DVAP.set 2011-12-28 12:08 - 2011-12-28 12:41 - 0121190 _____ () C:\Users\nIKON\AppData\Roaming\gd.db 2011-12-28 12:08 - 2012-01-18 19:38 - 0000283 _____ () C:\Users\nIKON\AppData\Roaming\groovedown.settings 2013-08-24 16:42 - 2013-08-24 16:42 - 0000008 _____ () C:\Users\nIKON\AppData\Roaming\LatestInfra.ini 2013-08-23 20:47 - 2013-08-23 20:47 - 0000021 _____ () C:\Users\nIKON\AppData\Roaming\MediaFolder.ini 2013-06-15 20:58 - 2013-06-15 21:04 - 0000004 _____ () C:\Users\nIKON\AppData\Roaming\skype.ini 2014-09-05 01:29 - 2014-09-10 23:07 - 0000096 _____ () C:\Users\nIKON\AppData\Roaming\version2.xml 2012-03-24 14:19 - 2015-03-12 13:38 - 0243712 _____ () C:\Users\nIKON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-02-02 14:08 - 2012-02-02 14:08 - 0000093 _____ () C:\Users\nIKON\AppData\Local\fusioncache.dat 2014-09-05 03:43 - 2014-09-05 03:43 - 0002146 _____ () C:\Users\nIKON\AppData\Local\recently-used.xbel 2014-03-22 14:31 - 2014-12-22 03:04 - 0007625 _____ () C:\Users\nIKON\AppData\Local\Resmon.ResmonCfg 2011-10-17 11:24 - 2013-09-24 20:32 - 0000166 ___SH () C:\ProgramData\.zreglib 2011-11-25 16:32 - 2011-11-25 16:53 - 0002004 _____ () C:\ProgramData\hpzinstall.log 2012-06-13 17:24 - 2012-06-13 17:24 - 0000144 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2012-07-25 19:17 - 2012-07-25 19:26 - 4503728 ____T () C:\ProgramData\z7_0ytr.pad Files to move or delete: ==================== C:\ProgramData\z7_0ytr.pad C:\Users\nIKON\AppData\Roaming\skype.ini Some files in TEMP: ==================== C:\Users\nIKON\AppData\Local\Temp\DrWindows_Update.exe C:\Users\nIKON\AppData\Local\Temp\FreemakeVideoDownloader_3.6.4.3.exe C:\Users\nIKON\AppData\Local\Temp\i4jdel0.exe C:\Users\nIKON\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\nIKON\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\nIKON\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\nIKON\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\nIKON\AppData\Local\Temp\NOSEventMessages.dll C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_33af.exe C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_6f7a.exe C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_7b08.exe C:\Users\nIKON\AppData\Local\Temp\proxy_vole1335771476858207098.dll C:\Users\nIKON\AppData\Local\Temp\sdan.exe C:\Users\nIKON\AppData\Local\Temp\sdapk.exe C:\Users\nIKON\AppData\Local\Temp\sdaspwn.exe C:\Users\nIKON\AppData\Local\Temp\SHSetup.exe C:\Users\nIKON\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\nIKON\AppData\Local\Temp\vlc-2.1.5-win32.exe C:\Users\nIKON\AppData\Local\Temp\WindowsUpdateAgent30-x64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-26 21:55 ==================== End of log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by nIKON at 2015-05-25 16:17:25
Running from C:\Users\nIKON\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1110382986-3051645244-2528077214-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1110382986-3051645244-2528077214-1002 - Limited - Enabled)
Gast (S-1-5-21-1110382986-3051645244-2528077214-501 - Limited - Enabled) => C:\Users\Gast
nIKON (S-1-5-21-1110382986-3051645244-2528077214-1000 - Administrator - Enabled) => C:\Users\nIKON
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.2 - Hewlett-Packard) Hidden
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.0 - PainteR)
Amazon Kindle (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon Music (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{81D00339-968D-15D1-3499-8431658E896F}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.2.3.0 - SlySoft)
ATI AVIVO64 Codecs (Version: 11.6.0.10419 - ATI Technologies Inc.) Hidden
Audials (HKLM-x32\...\{1DCFE675-3301-4511-AC32-788900B9BEC2}) (Version: 10.2.26201.100 - Audials AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Barcode Label Maker Deluxe (HKLM-x32\...\Barcode Label Maker Deluxe_is1) (Version: - Aulux Technologe, Inc.)
BDlot DVD ISO Master 3.0.2 (HKLM-x32\...\BDlot DVD ISO Master_is1) (Version: - LotSoft)
Bitcoin Core (32-bit) (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Bitcoin Core (32-bit)) (Version: 0.9.1 - Bitcoin Core project)
BitTorrent Sync (HKLM\...\BitTorrent Sync) (Version: 1.4.83 - BitTorrent Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2F57269-065E-4B19-8CDA-AB6C401FAF1A}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Flyer Creator 3.0 (HKLM-x32\...\{B07CB2BA-819B-41C5-BBE0-484A4C23972E}) (Version: 3.0.0 - Peridot Technologies)
EMDB 2.03 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ffdshow v1.1.3425 [2010-05-08] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3425.0 - )
foobar2000 v1.3.7 (HKLM-x32\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Free FLV Converter V 7.5.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.5.0.0 - Koyote Soft)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.430 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GS DVD-Verwaltung 2D Version 1 (HKLM-x32\...\{B4B2BC6D-A620-4B7C-B829-3EA9D688C643}_is1) (Version: 1 - Dipl.-Ing.(FH) Gert Spießhofer)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.31135 (CD 2.8) - Hauppauge Computer Works)
HP LaserJet M1522 MFP Series 4.2 (HKLM\...\{C8A37F1F-E13B-48ae-93F8-4669264969F9}) (Version: 4.2 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Jagged Alliance 2 (HKLM-x32\...\Jagged Alliance 2) (Version: - )
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.8.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.3.0 - www.leaguereplays.com)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.86.0 - Firstload)
Lumac (x32 Version: 1.1.86.0 - Firstload) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Markt Fotoservice 4.4 (HKLM-x32\...\Media Markt Fotoservice_is1) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MoneyManagerEX 0.9.9.0 (HKLM-x32\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 0.9.9.0 - CodeLathe, LLC)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Music Manager (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MusicManager) (Version: - Google, Inc.)
My Movies for Windows (HKLM-x32\...\{5D99D2F5-59A2-4423-A13F-22EDBE44B4B4}) (Version: 5.1.1.103 - Binnerup Consult)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.41 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Scribus 1.4.4 (HKLM-x32\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version: - )
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Sony Pictures Download Manager (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\4221943535.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Stampit Home (HKLM-x32\...\{B83AAFD3-D8DE-46CE-9351-70C21AC6704E}) (Version: 3.3 - Deutsche Post AG)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.1.6.2 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Unity Web Player (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Videora Palm Pre Converter 6 (HKLM-x32\...\Videora Palm Pre Converter) (Version: 6 - Red Kawa)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
WiMP (HKLM-x32\...\{C7443867-AB43-48A0-B957-56115050EDEF}) (Version: 3.1.0 - WiMP Music AS)
WiMP 2.6.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.6.2 - Aspiro AS)
WiMP 2.6.2 (x32 Version: 2.6.2 - Aspiro AS) Hidden
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.1.0 - Shark007)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 1.1.0.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WiVideo (HKLM-x32\...\{2A9BA733-C465-400A-8AA0-937C656503FB}) (Version: 2.01.204 - )
x64 Components v4.0.9 (HKLM\...\x64 Components_is1) (Version: 4.0.9 - Shark007)
XMedia Recode 3.0.3.4 (HKLM-x32\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
15-04-2015 23:40:53 Windows Update
22-04-2015 01:27:40 Windows Update
26-04-2015 21:50:57 Windows Update
25-05-2015 12:01:49 avast! antivirus system restore point
25-05-2015 12:48:15 avast! antivirus system restore point
25-05-2015 14:49:49 Wiederherstellungsvorgang
25-05-2015 16:01:15 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-05-19 16:17 - 00001132 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {022DF3D1-1977-47E7-8E04-5CD1C6F55163} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {167BF6F5-1F26-40F6-B963-6A52F2659C6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {18C05490-9133-4400-BB5B-D94C8EE7D948} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {25D3F3F0-A748-44B4-B804-1F82A2E97856} - \DSite No Task File <==== ATTENTION
Task: {5D6A8A15-C80A-409D-AF72-1BB42E88A92E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {5FE3A3EF-F4AF-496A-A0F6-C6BFB8E3CF1A} - System32\Tasks\{8AC0FAAB-EF23-4C3A-96D6-E2CD7112E97F} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/57940
Task: {758B17BA-3387-4AEC-9443-E6B12D54770C} - System32\Tasks\{CA504F70-4970-4986-8E58-92513707C492} => C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
Task: {A45E1F6A-FAC9-4DA8-8AD9-0CA3B695A2E9} - System32\Tasks\AdobeAAMUpdater-1.0-PandorasBoxIII-nIKON => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {A51D3847-E502-456B-ACB8-82BCC7789136} - System32\Tasks\{ADD15FFC-C7E7-4527-AFBF-1BA47120F5E5} => pcalua.exe -a C:\Users\nIKON\Downloads\ja2_105.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B0D2360C-6587-491C-96E5-78785A63D8F3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {B8619E23-76AE-4C6E-BD6E-15A21B417614} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {CBFC4AEA-4EA9-42AE-A435-D2385EFF6112} - \Funmoods No Task File <==== ATTENTION
Task: {CE069FDA-39E3-47BB-B1DD-3E2406C33741} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-03] (AVAST Software)
Task: {CED191F9-F147-4184-84C7-61C82FDE7D7A} - System32\Tasks\Google Updater and Installer => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {CF2553A1-AAED-4248-878B-3AFDB34ABD4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F12887B8-7D07-4560-874E-310EB1CEDB2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000UA => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {F50B1DED-1E95-4B08-A04D-DEF9311B2A14} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000Core => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000Core.job => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000UA.job => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2012-02-04 13:46 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-10-05 13:46 - 2014-10-05 13:46 - 01167904 _____ () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe
2011-09-29 18:04 - 2011-08-18 17:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-02-01 12:50 - 2012-02-01 12:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2011-08-08 18:26 - 2011-08-08 18:26 - 00475200 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2013-08-23 20:45 - 2012-06-08 16:37 - 00192512 _____ () C:\Windows\SysWOW64\DVAPTray.exe
2011-08-08 18:26 - 2011-08-08 18:26 - 00891456 _____ () C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
2012-08-06 12:07 - 2012-08-06 12:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-01 12:50 - 2012-02-01 12:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2014-10-03 23:31 - 2014-10-03 23:31 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-15 22:37 - 2015-04-15 22:37 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041501\algo.dll
2015-05-25 16:10 - 2015-05-25 16:10 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052500\algo.dll
2014-04-10 11:35 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-04-10 11:35 - 2013-05-15 13:15 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2014-10-03 23:31 - 2014-10-03 23:31 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 15:52 - 2010-03-22 15:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-24 23:20 - 2011-06-24 23:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2007-04-13 09:39 - 2007-04-13 09:39 - 00252672 _____ () C:\Program Files (x86)\Dell\Stage Remote\kgl.dll
2011-07-17 10:35 - 2011-07-17 10:35 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-07-06 16:53 - 2011-07-06 16:53 - 00068160 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\DMRUI.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2007-04-19 08:28 - 2007-04-19 08:28 - 00436992 _____ () C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll
2011-09-29 18:01 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-12 19:17 - 2014-08-12 19:17 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-05 11:46 - 2015-02-05 11:46 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:A39CFB89ADC01212
AlternateDataStreams: C:\ProgramData\Temp:0AA54ED9
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\microsoft.com -> *.update.microsoft.com
IE trusted site: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\windowsupdate.com -> windowsupdate.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{258AF83D-7A50-4761-8762-0E07D726B3FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6825D2AB-72B3-4567-86A6-EB9EBCCABAC9}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{21C1B271-9ADB-41C5-8436-92F7A8BD77E7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55F34F18-5B98-4891-ACBA-8B3640D09D52}] => (Allow) LPort=2869
FirewallRules: [{16830505-50CF-4D27-8422-485C04D9948B}] => (Allow) LPort=1900
FirewallRules: [{50BF9AB2-C497-452E-9E0E-F586688E0413}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{13A4C20E-2039-4174-AB4C-DD5F6E415B06}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{232BDFE5-B00B-4A20-B388-57F3AD0293D2}] => (Allow) LPort=9700
FirewallRules: [{C34E171E-0FA3-414A-B75E-9B3E3F7CD88F}] => (Allow) LPort=9701
FirewallRules: [{026F3B28-184B-4F7E-8BD3-E748614E6CC8}] => (Allow) LPort=9702
FirewallRules: [{6544BD1D-5908-46D1-8E81-6835F3BD2110}] => (Allow) LPort=9700
FirewallRules: [{77E0837E-7703-49D1-87B9-0592366D47BD}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{069F854C-1694-4037-8E42-A0E2745FBBA0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{3B1E7742-8942-4883-9A2F-1A2045F44172}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{0E5E7B2E-C0AB-4522-BC98-A2F773175F03}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{69EC9BCF-0DCD-4076-9719-A8B46322248B}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{B5196DBA-7761-4A9A-995A-1713B3B5FDEB}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{5E6E540F-BD9C-4CBD-AC52-79285739B354}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{2B664C21-1E3D-44C6-BCEF-8FE5D1C771E2}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{3415F0CE-DD25-4BAE-BEFD-61B0D8F9AEC9}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{FC00A1FC-0B6F-44DD-AD0A-80B78F271F82}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{7D061D45-0693-45CB-8AFD-7C8EF35C5F60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95572388-9456-4BC1-86B7-B48343CB3CB7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{78DB53B1-04C4-46E3-8965-BDE6885B207A}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [UDP Query User{C302C36A-5E07-4D63-BAD9-029609E24026}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [{42D29491-6D92-47F2-883C-F824AEDD4318}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9C587ADB-45C1-4037-B57B-4522E19867B2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{49FCF723-3051-4F1A-98E7-780A49B8BBC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{C6091EB7-F863-49D4-A3BB-B73B20E90B3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{EFD21E5C-3E8D-4F0F-8779-4849820097E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{B6697BC7-9A67-4292-BD95-77B32E3C90F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{FDAE57D7-0CC8-4784-9292-72A70D80597A}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5B3A410F-4302-4C58-B796-B03ADAD1BB9F}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5596B941-5B2B-404F-B27C-9FD4A559A4DB}] => (Allow) LPort=1542
FirewallRules: [{951AD121-2C0A-450D-809D-37B0913DA441}] => (Allow) LPort=1542
FirewallRules: [{0793A086-9FE7-4885-87F1-E128C2AC1E67}] => (Allow) LPort=53
FirewallRules: [{54FA7F1D-36CE-4416-A4AC-38F4BB7A75F4}] => (Allow) LPort=67
FirewallRules: [{634CA601-9C8D-449D-9FE4-38C04A4FD6D3}] => (Allow) LPort=68
FirewallRules: [{D4DA3D94-3E7F-4FD2-9340-4552986DB2C3}] => (Allow) LPort=53
FirewallRules: [{18AB802F-8B49-4500-8676-3D12215A9EE3}] => (Allow) LPort=53
FirewallRules: [{D908AABF-4742-444E-8E1A-BA64EAFB601E}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{24A51643-DFC3-4168-8076-124A171C2DF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA2E9392-4567-4494-A81F-EDF7902E5FC3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F9722D9D-F649-47C5-953F-CF2C0D77AC2B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{272FC036-7C20-428D-9BDA-37DD92EA64D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{5B0DFF33-5FCD-4E79-A772-0D9B4A883FA4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{3B5C0D5D-929A-4C94-80C1-4A3BBB94B8A8}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3A806CF6-39A0-4525-B4B6-A8E6263789AE}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{01C0947E-4652-481E-92BB-7F4B0DA1CED0}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{4D98A7FD-9AE0-44BE-81A4-203D4740BF25}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{57311F54-2A33-439D-B46A-1C8826339E54}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{C75C0ABC-B93D-4E6A-A148-ADFE37D35C7D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{6FD7BAF7-E305-427C-BDF4-BAF31055C497}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{E63D8647-CDCA-43F2-BCDE-44B1D27D9BF0}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BAFE2E2D-3104-4F45-958B-7CB106E6A042}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{4630C7BA-07A3-4AB4-B377-1394CBCD1188}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe
FirewallRules: [{68009CE5-18AC-4804-BF2D-193754849794}] => (Allow) LPort=12972
FirewallRules: [{3969126D-DFA4-4E80-9268-5430AC490F32}] => (Allow) LPort=14714
FirewallRules: [{51A8B0C4-EA99-43DF-BF2F-1AD44BAF656A}] => (Allow) LPort=31931
FirewallRules: [{02AA14CF-E696-44DE-927A-9E3B583DEC52}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{12BF4046-DE3C-4C32-884F-E541AA88373C}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5D63A014-3A08-4EAC-BFC6-4D22FF8F4A42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38ECEE97-509C-4DAD-BE8B-4BBB0BF5FF19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{68586BDF-C160-40C4-905D-E451E9BFB9C2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{B29DE329-411E-4BAF-82A8-00C2C1A831FC}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{3A009D60-652D-4B27-8815-241811A59D1D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3F91ABBC-4CC3-4E24-A461-F1BEBEA7C799}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7FDF45CE-EB8F-4648-A8D4-9639ECA838DC}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{5A38B761-BB86-4C15-9BC0-85E6E53C1CA9}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{BE40462C-2240-4DB8-9839-08660BE89AC0}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{FC13454A-389F-4621-8FC5-B64E74497896}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [TCP Query User{5BA15389-7B97-40C5-9011-5BBD265391D7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{A5E54FF4-B699-4C90-BBED-751A721FE2E3}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{B6F17FC1-A884-43EA-A3A9-B533442CE6F5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E6495A45-F24E-4EC1-8E12-D411AC504F38}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E64CB60E-AFEF-4750-9EF3-18A6A8D8EA2E}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CABD3A3A-156D-405A-89E2-BC6CBBAB429F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{17307BF0-2D56-4384-8F62-332003C52C2C}] => (Allow) C:\Users\nIKON\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9EDA577-8A96-4321-AF85-0EC3CF7098C8}] => (Allow) C:\Users\nIKON\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83D7D6E0-8FE7-4262-AFB9-650142704828}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{65F7CE79-8330-4751-B6F4-5C26D72E6576}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{5A36E06D-D0D5-46A6-A0B6-6343B29EA684}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{2749FF77-03B7-4028-B541-FD6266FD585D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{06E9AAA7-60D8-43BE-9758-E51252E38390}C:\program files (x86)\wintv\wintv7\wintv7.exe] => (Allow) C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [UDP Query User{22FC5E09-081C-4BB1-82B2-F91EC09EE189}C:\program files (x86)\wintv\wintv7\wintv7.exe] => (Allow) C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [{58C493B0-77B0-4219-BC3A-4A52268C266C}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{4627FCAF-9665-4DF7-B88D-70F706C1083B}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{4FCA31DA-A84E-4BD3-BFFF-BD1DD3D6F0CF}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{2DBBDA1F-5EA2-495D-8AA4-D492FD6F392E}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{C0A6E23B-0F87-4C69-943C-1572303F24AE}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{9005C5F2-22A6-4FA0-A99F-C4ADF789EFD3}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D76278C5-18B5-445C-91AE-73A3D9354264}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{F8BAB2C1-3C7D-4B8D-A9CB-77B0C8E13E91}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [TCP Query User{469A0B8F-1AD9-4E3F-A73C-A0EBD9CCE319}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{663C0A88-920C-4D6B-B447-FC02560E4DFF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{914EED84-7BC9-40AC-B6B3-9576879CDE0B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{66381F70-3090-4437-8610-CC77AAAF3272}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D9F366B1-E076-4F7A-959F-CB95F09648E7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{A5DF63A4-0833-4AD1-8DDF-E254F1C02D00}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D7CC44FC-2F09-44F4-9E23-0906F9DD0D13}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{F3B2F712-34F4-4F57-AA59-95E9E69ACF45}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [{D6E63C19-F19F-4E09-99DC-715145A2118F}] => (Allow) C:\Program Files\BitTorrent Sync\BTSync.exe
FirewallRules: [{718A3879-97AF-461E-8F88-7B357FED28FA}] => (Allow) C:\Program Files\BitTorrent Sync\BTSync.exe
FirewallRules: [TCP Query User{80B89959-C194-4F01-A137-E0C72B1BD592}C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe] => (Allow) C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe
FirewallRules: [UDP Query User{50DF4A2F-0DCC-4E65-ACC2-A77142D2F7D9}C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe] => (Allow) C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe
FirewallRules: [TCP Query User{036135DC-8F8E-45AB-B6E4-97EBC5996FCF}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{278BB809-0CB1-4BC2-93DB-85541F1F45CA}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{35F5D779-6B44-4C1C-A85E-88C15660C547}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{B560860A-9ED6-4E6D-BEE3-44E3F23DFBD8}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{C32DB7E0-806D-4331-9324-34DA67F64112}] => (Allow) LPort=51408
FirewallRules: [{67E56E1C-17CC-4AD8-820D-32E58C62950A}] => (Allow) LPort=51409
FirewallRules: [{4889C935-E63A-471E-A895-ED1AE1D73F88}] => (Allow) LPort=51410
FirewallRules: [{B36F3C06-1C1B-42CB-9CCE-37AEE3ED9BBE}] => (Allow) LPort=51411
FirewallRules: [{AABB8049-98BF-4789-BA6C-F6D46E93A9E8}] => (Allow) LPort=51412
FirewallRules: [{523642DF-972F-4F0B-8AD6-45B2AA128CFD}] => (Allow) LPort=51413
FirewallRules: [{3DAC83A5-E2AA-4A2C-9424-F9DBDCC2EDAC}] => (Allow) LPort=51414
FirewallRules: [{DB343319-7B43-45C3-B35B-CD7D756FB916}] => (Allow) LPort=51415
FirewallRules: [{36BB62E6-B765-4A97-BD2A-8883CDD0F695}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe
FirewallRules: [{6A47693C-D245-42A4-BCE8-A6196989F7FD}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [TCP Query User{D8FE7C55-D1D5-416C-A0EC-B75192AC693D}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{1013C5A6-A369-4541-BD64-CE766FB64B73}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [TCP Query User{6F316787-E240-4F44-9A77-0EEEB4BDE43F}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{1D3EB8BA-846A-4A16-B3B8-BA0240C8E9BF}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [TCP Query User{4AF84C25-FEAE-4158-8653-CBB2DB55EA80}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{6A632BD2-9028-4088-ACF6-2253D02F5255}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{84894B8A-0B0A-4DBF-A723-DDD971BE95ED}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [UDP Query User{36E2D941-3D5F-4264-ACE4-74B76AAB8751}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [TCP Query User{2DAD20CB-3725-4719-9D83-86B2874CBF93}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{15A853DD-227F-4337-BA41-271AB0415411}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2015 04:08:53 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (05/25/2015 04:02:32 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x8000ffff.
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x1678
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: StageRemote.exe, Version: 2.0.0.50, Zeitstempel: 0x4e3fb38b
Name des fehlerhaften Moduls: MP4Muxer.ax, Version: 1.0.0.87, Zeitstempel: 0x4e1bf1b1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a95
ID des fehlerhaften Prozesses: 0xb68
Startzeit der fehlerhaften Anwendung: 0xStageRemote.exe0
Pfad der fehlerhaften Anwendung: StageRemote.exe1
Pfad des fehlerhaften Moduls: StageRemote.exe2
Berichtskennung: StageRemote.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x15ac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x1668
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:00:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0xc0000022.
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24600F0A-10000001).
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7145.5001.sft' herstellen (Rückgabecode 24600F0A-10000001, ursprünglicher Rückgabecode 24600F0A-10000001).
Error: (05/25/2015 04:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/25/2015 03:49:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/25/2015 03:48:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:47:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (05/25/2015 03:46:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office:
=========================
Error: (05/25/2015 04:08:53 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (05/25/2015 04:02:32 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x8000ffff.
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b8167801d096f34139a106C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6fa5c5c-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StageRemote.exe2.0.0.504e3fb38bMP4Muxer.ax1.0.0.874e1bf1b1c000000500002a95b6801d096f33426d245C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exeC:\Program Files (x86)\Dell\Stage Remote\Codec\MP4Muxer.axa6f2940f-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b815ac01d096f33e5a17d2C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6f245ee-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b8166801d096f34128f764C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6f1d0bc-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:00:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0xc0000022
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
24600F0A-10000001
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7145.5001.sft24600F0A-1000000124600F0A-10000001
Error: (05/25/2015 04:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-06-15 23:37:23.522
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 23:37:23.519
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 23:37:23.517
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-15 13:34:34.432
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:34.410
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:32.217
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:32.182
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:28.204
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:28.182
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:26.079
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 66%
Total physical RAM: 6126.45 MB
Available physical RAM: 2068.32 MB
Total Pagefile: 12251.07 MB
Available Pagefile: 7434.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:749.21 GB) (Free:450.57 GB) NTFS
Drive z: (Volume) (Fixed) (Total:634.76 GB) (Free:229.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: 86D1B97D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=749.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=634.8 GB) - (Type=OF Extended)
==================== End of log ============================
|
|
26.05.2015, 07:34
| #4 |
| /// the machine /// TB-Ausbilder | Lösung: Einige Programme starten nicht mehr unter Windows 7 Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Einige Programme starten nicht mehr unter Windows 7 |
| administrator, computer, einzelne, fehlermeldung, festplatte, firefox, gestartet, google, grafikkarte, komponenten, league, nicht mehr, platte, programme, programme starten nicht, prozess, ram, rechner, richtig, starten, starten nicht, unbekannte, verschwindet, versucht, windows, windows 7 |
Linear-Darstellung
