#15
Windows 7: Laptop often freezes

All right, here are the two FRST logs.

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016 Ran by flkr2104 (administrator) on UNGOEB-U1260RT5 (23-12-2016 22:14:45) Running from C:\Users\flkr2104\Desktop Loaded Profiles: flkr2104 (Available Profiles: flkr2104 & Administrator & DefaultAppPool) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Norsk, bokmål (Norge) Internet Explorer Version 11 (Default browser not detected!) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\Runservice.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe () C:\Windows\System32\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe (Microsoft Corp.) 
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [OfficeScanNT Monitor] => C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [1533720 2013-11-20] (Trend Micro Inc.) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-30] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [1667164 2000-01-01] (IDT, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoAutorun] 1 HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [Akamai NetSession Interface] => C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6775512 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {020048ac-b58c-11e6-9e05-68a3c484513c} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {1788b050-b8af-11e6-9092-68a3c484513c} - E:\setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {2bf59e40-ca7f-11e1-8c9d-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {45cf754d-af17-11e5-83e2-68a3c484513c} - E:\setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a96-e715-11e4-83ac-68a3c484513c} - E:\Setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a9a-e715-11e4-83ac-68a3c484513c} - F:\RunGame.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {8973e3ae-fe4c-11e4-a044-68a3c484513c} - E:\AutoRun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {a055b961-4b69-11e6-9d5e-68a3c484513c} - F:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {b2286f40-32fb-11e1-bea2-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {dec291b3-db35-11e4-a209-68a3c484513c} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {ff282818-2118-11e3-b096-68a3c484513c} - E:\PCSTART.exe ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () 
Startup: C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-12-17] ShortcutTarget: MEGAsync.lnk -> C:\Users\flkr2104\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2F6908F7-5324-4907-AB61-36D8C47D8549}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{F3075377-C443-41F3-883B-A8B479B982D7}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FA72C645-2B03-425E-AAB6-80878F656836}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.oppland.no HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/ URLSearchHook: HKU\S-1-5-21-1113328611-58381748-87005590-109325 - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll 
[2013-07-01] (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll [2013-07-01] (Trend Micro Inc.) 
FireFox: ======== FF DefaultProfile: 8wvhcelo.default FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default [2016-12-20] FF Extension: (DOM Inspector) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\inspector@mozilla.org [2016-05-08] FF Extension: (ChatZilla) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-12-06] FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 [2016-12-22] FF Homepage: Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 -> hxxps://www.google.de/ FF Extension: (YouTube Download Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\addon@ytdownloader.info.xpi [2016-09-03] FF Extension: (MEGA) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\firefox@mega.co.nz.xpi [2016-12-08] FF Extension: (WebSocket Monitor) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\websocketmonitor@getfirebug.com.xpi [2016-09-28] FF Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2016-11-04] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) 
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] () FF Plugin: @raidcall.com/RCplugin -> C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll [No File] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) 
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-29] Chrome: ======= CHR DefaultProfile: Default CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll => No File CHR Plugin: (vShare.tv plug-in) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll => No File CHR Plugin: (vShare.tv plug-in) - C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll () CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => 
No File CHR Plugin: (Unity Player) - C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Raidcall plugin) - C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll => No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File CHR Profile: C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default [2016-12-23] CHR Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Chrome Media Router) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-04] (BitRaider, LLC) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-01-30] (Intel Corporation) R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company) R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [461024 2012-03-07] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-04-10] (Intel Corporation) R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-07-04] () [File not signed] S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] () S3 npggsvc; C:\Windows\system32\GameMon.des [5150552 2013-03-19] (INCA Internet Co., Ltd.) R2 ntrtscan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [2320640 2013-11-16] (Trend Micro Inc.) S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2119688 2016-12-12] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2180624 2016-12-12] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2015-03-21] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [307282 2000-01-01] (IDT, Inc.) [File not signed] R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345112 2013-10-23] (Trend Micro Inc.) R2 tmlisten; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [2272488 2013-12-17] (Trend Micro Inc.) 
R3 TmPfw; C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe [497272 2011-04-15] (Trend Micro Inc.) R3 TmProxy; C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe [689176 2013-07-01] (Trend Micro Inc.) R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2762032 2011-03-24] (Validity Sensors, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2016-08-27] () S3 BRDriver_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2016-10-15] (BitRaider) S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] () S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2015-12-31] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-18] (Disc Soft Ltd) S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2013-02-26] (DT Soft Ltd.) [File not signed] S3 eapihdrv; C:\Windows\TEMP\ehdrv.sys [135760 2016-12-22] (ESET) R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2016-08-27] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [2075792 2014-12-10] (MediaTek Inc.) S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [11973 2016-07-23] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
[File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2484552 2015-07-16] (Sonix Tech. Co., Ltd.) R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-07-18] (Duplex Secure Ltd.) R1 SSHDRV85; C:\Windows\system32\drivers\SSHDRV85.sys [78848 2013-12-29] () [File not signed] R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [75600 2013-08-29] (Trend Micro Inc.) R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [263072 2013-09-02] (Trend Micro Inc.) R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [62704 2013-08-29] (Trend Micro Inc.) R2 TmFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys [294152 2015-07-02] (Trend Micro Inc.) R1 TmLwf; C:\Windows\System32\DRIVERS\tmlwf.sys [146232 2012-06-21] (Trend Micro Inc.) R2 TmPreFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys [38152 2015-07-02] (Trend Micro Inc.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [90712 2013-06-18] (Trend Micro Inc.) R2 tmWfp; C:\Windows\System32\DRIVERS\tmwfp.sys [282936 2012-06-21] (Trend Micro Inc.) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed] R2 VSApiNt; C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys [1608744 2015-07-02] (Trend Micro Inc.) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation) S3 BRDriver; \??\C:\ProgramData\BitRaider\BRDriver.sys [X] S3 BTMCOM; System32\Drivers\btmcom.sys [X] S3 BTMUSB; System32\Drivers\btmusb.sys [X] S3 cleanhlp; \??\C:\EEK\bin\cleanhlp32.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-23 22:14 - 2016-12-23 22:16 - 00025401 _____ C:\Users\flkr2104\Desktop\FRST.txt 2016-12-23 22:14 - 2016-12-23 22:14 - 00000000 ____D C:\Users\flkr2104\Desktop\FRST-OlderVersion 2016-12-21 19:25 - 2016-12-21 19:25 - 02870984 _____ (ESET) C:\Users\flkr2104\Desktop\esetsmartinstaller_deu.exe 2016-12-21 19:10 - 2016-12-21 19:18 - 00000000 ____D C:\AdwCleaner 2016-12-21 19:04 - 2016-12-21 19:05 - 03977168 _____ C:\Users\flkr2104\Desktop\AdwCleaner_6.041.exe 2016-12-21 13:56 - 2016-12-21 14:01 - 00230474 _____ C:\TDSSKiller.3.1.0.12_21.12.2016_13.56.09_log.txt 2016-12-21 13:55 - 2016-12-21 13:55 - 04747704 _____ (AO Kaspersky Lab) C:\Users\flkr2104\Desktop\tdsskiller.exe 2016-12-19 20:33 - 2016-12-23 22:14 - 00000000 ____D C:\FRST 2016-12-19 20:32 - 2016-12-23 22:14 - 01762816 _____ (Farbar) C:\Users\flkr2104\Desktop\FRST.exe 2016-12-19 16:17 - 2016-12-19 16:19 - 00002071 _____ C:\Users\flkr2104\Desktop\Scan.txt 2016-12-18 15:48 - 2016-12-18 16:28 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 16-17 2016-12-18 15:48 - 2016-12-18 15:48 - 00001169 _____ C:\Users\flkr2104\Desktop\FM17 Editor.lnk 2016-12-18 15:48 - 2016-12-18 15:48 - 00001159 _____ C:\Users\flkr2104\Desktop\FIFA Manager 17.lnk 2016-12-18 15:48 - 2016-12-18 15:48 - 00001149 _____ C:\Users\flkr2104\Desktop\FM17 Auflösung.lnk 2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 13 2016-12-18 14:26 - 2016-12-18 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13 2016-12-17 22:10 - 2016-12-17 22:10 - 00000000 ____D C:\ProgramData\Electronic Arts 2016-12-16 20:49 - 2016-12-16 20:49 - 00000000 ____D C:\Users\flkr2104\Downloads\FC Basel 2016-12-13 16:53 - 2016-12-13 16:53 - 00191002 _____ 
C:\Users\flkr2104\Downloads\2016-11-24--Uebersichtsplan-Linie-10-via-Kauslund.pdf 2016-12-12 09:35 - 2016-12-12 09:35 - 00000000 ____D C:\AeriaGames 2016-12-12 09:03 - 2016-12-12 09:03 - 00000000 ____D C:\ProgramData\Aeria Games 2016-12-12 09:01 - 2016-12-12 09:01 - 00001952 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk 2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\Program Files\Aeria Games 2016-12-12 08:59 - 2016-12-12 08:59 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Aeria Games & Entertainment 2016-12-12 08:49 - 2016-12-18 13:48 - 00000000 ____D C:\Program Files\Origin Games 2016-12-10 15:44 - 2016-09-12 21:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-12-10 15:44 - 2016-09-12 21:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-12-10 15:43 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-12-10 15:43 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-12-10 15:43 - 2016-10-11 16:24 - 00137960 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-12-10 15:43 - 2016-10-11 16:24 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-12-10 15:43 - 2016-10-11 16:21 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-12-10 15:43 - 2016-10-11 15:55 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-10 15:43 - 2016-10-11 15:55 - 00050688 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\appid.sys 2016-12-10 15:43 - 2016-10-11 15:55 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-10 15:43 - 2016-10-11 15:55 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-10 15:43 - 2016-10-11 15:53 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-12-10 15:43 - 2016-10-11 15:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-12-10 15:43 - 2016-10-11 15:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-12-10 15:43 - 2016-10-11 15:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-12-10 15:43 - 2016-10-11 15:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-12-10 15:43 - 2016-10-11 15:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-12-10 15:43 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-12-10 15:43 - 2016-10-11 15:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-12-10 15:43 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\system32\locale.nls 2016-12-10 15:43 - 2016-10-08 14:05 - 00534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-12-10 15:43 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-12-10 15:43 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\system32\msobjs.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-12-10 15:42 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-12-10 15:42 - 2016-10-11 15:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-12-10 15:42 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-12-10 15:42 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-12-10 15:40 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-12-10 15:40 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-12-10 15:40 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-10 15:40 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-10 15:40 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-10 15:40 - 2016-10-25 15:54 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 
2016-12-10 15:40 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-10 15:40 - 2016-10-22 18:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-10 15:40 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-10 15:40 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-10 15:40 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-10 15:40 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-10 15:40 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-10 15:40 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-10 15:40 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-10 15:40 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-10 15:40 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-10 15:40 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-10 15:40 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-10 15:40 - 2016-10-22 18:21 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-10 15:40 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-10 15:40 - 2016-10-22 18:13 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-10 15:40 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-10 15:40 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-10 15:40 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-10 15:40 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-10 15:40 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-10 15:40 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-10 15:40 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-10 15:40 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-10 15:40 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-10 15:40 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-10 15:40 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-10 15:40 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-10 15:40 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-10 15:40 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-10 15:40 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-10 15:40 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-10 15:40 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-12-10 15:40 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-12-10 15:40 - 2016-10-11 16:24 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-12-10 15:40 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) 
C:\Windows\system32\IMJP10.IME 2016-12-10 15:40 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-12-10 15:40 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-12-10 15:40 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2016-12-10 15:40 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2016-12-10 15:40 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-12-10 15:40 - 2016-10-05 15:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-12-10 15:40 - 2016-09-15 15:51 - 00041984 _____ (Microsoft Corporation) 
C:\Windows\system32\UtcResources.dll 2016-12-10 15:40 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-10 15:40 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-12-10 15:40 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-12-10 15:40 - 2016-09-08 15:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-12-10 15:40 - 2016-09-08 15:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-12-10 15:40 - 2016-08-21 14:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-12-03 12:00 - 2016-11-15 21:44 - 00014299 _____ C:\Users\flkr2104\Downloads\Saison 3.xlsx 2016-12-03 12:00 - 2016-11-13 11:59 - 00012272 _____ C:\Users\flkr2104\Downloads\MeinUmfeld.xlsx ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-12-23 21:50 - 2012-04-03 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-23 21:33 - 2010-11-21 00:42 - 00661468 _____ C:\Windows\system32\perfh014.dat 2016-12-23 21:33 - 2010-11-21 00:42 - 00153528 _____ C:\Windows\system32\perfc014.dat 2016-12-23 21:33 - 2010-11-20 22:01 - 01808420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-23 21:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-12-23 21:27 - 2016-08-25 17:44 - 00000000 ____D C:\Users\flkr2104\Documents\MEGAsync Downloads 2016-12-23 17:14 - 2012-08-11 18:35 - 00000132 _____ C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-12-23 13:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2016-12-23 12:29 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-23 12:29 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-23 12:18 - 2012-07-04 00:17 - 00002689 ___SH C:\Windows\system32\mmf.sys 2016-12-23 12:17 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-22 20:01 - 2012-01-14 21:49 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Skype 2016-12-21 13:37 - 2016-11-18 18:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-12-20 23:10 - 2013-03-16 19:22 - 00001912 _____ C:\Windows\epplauncher.mif 2016-12-20 21:21 - 2012-05-04 20:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-12-20 21:20 - 2016-11-19 10:48 - 00000000 ____D C:\Users\flkr2104\AppData\LocalLow\Mozilla 2016-12-19 16:14 - 2014-12-08 23:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-19 15:50 - 2016-08-24 08:18 - 00000000 ____D C:\Program Files\Steam 2016-12-18 15:27 - 2014-09-19 22:39 - 00000000 ____D C:\ProgramData\Origin 2016-12-18 15:26 - 2016-09-10 18:56 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Origin 
2016-12-18 14:26 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-15 21:41 - 2012-07-19 15:19 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 16:28 - 2013-12-28 23:17 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-13 21:50 - 2012-04-03 08:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-12-13 21:50 - 2011-09-15 07:55 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-12-13 21:50 - 2011-08-02 09:22 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.exe 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.ex0 2016-12-13 15:38 - 2012-05-16 20:09 - 00138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys 2016-12-12 09:54 - 2016-06-17 23:23 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-12-12 09:01 - 2012-09-12 17:53 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2016-12-12 08:45 - 2016-09-10 18:46 - 00000000 ____D C:\Program Files\Origin 2016-12-10 16:58 - 2011-09-22 20:10 - 00000000 ____D C:\Program Files\GIMP-2.0 2016-12-10 16:58 - 2011-08-24 10:03 - 00000000 ____D C:\Users\flkr2104 2016-12-10 16:31 - 2009-07-14 05:33 - 00543848 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-10 16:28 - 2014-12-26 03:45 - 00000000 ____D C:\Windows\system32\appraiser 2016-12-10 16:28 - 2014-04-24 15:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-12-10 16:20 - 2013-09-06 11:43 - 00000000 ____D C:\Windows\system32\MRT 2016-12-10 16:02 - 2011-10-11 22:28 - 138444440 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-03 23:00 - 2011-08-08 10:23 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-12-03 20:19 - 2012-01-25 14:32 - 
00330240 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe 2016-12-02 21:26 - 2012-03-21 13:00 - 00000000 ____D C:\Windows\system32\directx 2016-12-02 21:23 - 2012-03-21 13:00 - 00000000 ___HD C:\Windows\msdownld.tmp 2016-11-25 14:39 - 2015-10-12 11:25 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2016-11-23 20:40 - 2016-02-17 22:03 - 00000000 ___RD C:\Program Files\Skype 2016-11-23 20:40 - 2012-01-14 21:49 - 00000000 ____D C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2012-09-15 19:30 - 2012-09-14 07:30 - 0000044 ____H () C:\Program Files\e1697bb7.tmp 2012-06-09 10:39 - 2007-12-01 16:22 - 0315392 _____ () C:\Program Files\GMLMatting.8bf 2012-06-09 10:39 - 2012-06-09 10:39 - 0000053 _____ () C:\Program Files\GMLMatting.ini 2014-08-17 13:05 - 2014-08-17 13:15 - 6010880 _____ () C:\Program Files\GUT1FAF.tmp 2014-10-03 23:16 - 2014-10-03 23:16 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe BMP Format CS5 Prefs 2012-08-11 18:35 - 2016-12-23 17:14 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2012-08-15 19:00 - 2015-06-05 23:37 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe Targa Format CS5 Prefs 2014-06-11 22:30 - 2014-06-11 22:30 - 0000097 _____ () C:\Users\flkr2104\AppData\Roaming\LauncherSettings_live.cfg 2012-05-16 20:09 - 2016-09-03 14:40 - 0022328 _____ () C:\Users\flkr2104\AppData\Roaming\PnkBstrK.sys 2012-05-26 18:28 - 2012-05-26 18:28 - 0003584 _____ () C:\Users\flkr2104\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-27 16:02 - 2013-10-27 16:02 - 0000058 _____ () C:\Users\flkr2104\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2012-06-07 19:00 - 2012-06-07 19:00 - 0000096 _____ () C:\Users\flkr2104\AppData\Local\fusioncache.dat 2013-10-23 22:20 - 2013-10-23 22:20 - 0007605 _____ () C:\Users\flkr2104\AppData\Local\Resmon.ResmonCfg 2015-07-28 12:49 - 2015-07-28 12:49 - 0000000 _____ () 
C:\Users\flkr2104\AppData\Local\{43D810FD-CDEE-452B-9007-907ECB224905} 2015-06-07 13:10 - 2015-06-07 13:10 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{51A80C3A-0B9D-45B6-8F1E-3DE9E66F8091} 2015-06-15 12:07 - 2015-06-15 12:07 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{7B741A37-DC76-4B3B-B7D5-3526204848E8} 2016-07-28 17:08 - 2016-07-28 17:08 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{B2881FF6-5740-48F7-870C-65A198F1BB07} 2015-11-28 14:50 - 2015-11-28 14:50 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{C6B3C03C-64C9-4B05-BA05-6DF46EDEA189} 2012-06-09 10:44 - 2007-12-01 16:22 - 0315392 _____ () C:\ProgramData\GMLMatting.8bf 2012-06-09 10:44 - 2012-06-09 10:44 - 0000053 _____ () C:\ProgramData\GMLMatting.ini ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-12-23 12:51 ==================== End of FRST.txt ============================
and Addition
Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2016 Ran by flkr2104 (23-12-2016 22:17:14) Running from C:\Users\flkr2104\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-08-02 07:11:49) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1890919210-445268223-3708981845-500 - Administrator - Enabled) => C:\Users\Administrator ASPNET (S-1-5-21-1890919210-445268223-3708981845-1002 - Administrator - Enabled) FKone (S-1-5-21-1890919210-445268223-3708981845-1003 - Administrator - Enabled) Gjest (S-1-5-21-1890919210-445268223-3708981845-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1} FW: Trend Micro Personal Firewall (Enabled) {49A8346C-6900-54B6-B1B3-5F678736DDE9} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) 
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) FUSSBALL MANAGER 13 (HKLM\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts) fx-9860G Manager PLUS (HKLM\...\{F5F8D7F9-8879-439E-8292-3386CD7BF06D}) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.32.7 - Google Inc.) 
Hidden HP HotKey Support (HKLM\...\{931AED5E-545A-4802-B5CF-DD3B2086235F}) (Version: 4.0.18.1 - Hewlett-Packard Company) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT) iFinger (HKLM\...\{A1CA0B3B-CFDB-440D-87C5-3F0EFED61731}) (Version: 4.0.4 - iFinger LTD) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{B62DB971-5B1E-4EAF-86DC-09B4D3A322D2}) (Version: 12.5.3.17 - Apple Inc.) Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited) Messenger Plus! 5 (HKLM\...\Messenger Plus!) 
(Version: 5.50.0.761 - Yuna Software) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (norsk språkpakke) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
(HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.2 (HKLM\...\{4F33D156-BF58-4BDB-A8CE-74123C7142C0}) (Version: 3.2.9502 - OpenOffice.org) Origin (HKLM\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) 
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Ralink RT3592 802.11a/b/g/n 2x2 WiFi Adapter (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.01.18.0 - Ralink) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Språkpakke for Microsoft Visual Studio 2010 Tools for Office Runtime (x86) – NOR (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NOR) (Version: 10.0.50903 - Microsoft Corporation) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) STRIKE NX GAMEPAD (HKLM\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Trend Micro OfficeScan Client (HKLM\...\OfficeScanNT) (Version: 10.6.5162 - Trend Micro) Unity Web Player (HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Validity Fingerprint Sensor Driver (HKLM\...\{316430AA-68D4-4468-83FE-E5E088511C6C}) (Version: 4.3.126.0 - 
Validity Sensors, Inc.) Veetle TV (HKLM\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc) Virtua Tennis 4 (Version: 1.0.0001.130 - Sega) Hidden VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{079AA557-4A18-424A-8EEE-E39F0A8D41B9}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF91-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF94-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3124C396-FB13-4836-A6AD-1317F1713688}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll ()
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373984C9-B845-449B-91E7-45AC83036ADE}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{379E501F-B231-11D1-ADC1-00805FC752D8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3D813DFE-6C91-4A4E-8F41-04346A841D9C}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3E784A01-F3AE-4DC0-9354-9526B9370EBA}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{4DD441AD-526D-4A77-9F1B-9841ED802FB0}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{550DDA30-0541-11D2-9CA9-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7E3FCEA1-31B4-11D2-AE1F-0080C7337EA1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFB40FFD-B609-40A3-9828-F88BBE11E4E3}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFBA6B42-5692-48EA-8141-DC517DCF0EF1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{D2423620-51A0-11D2-9CAF-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F19-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F27-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F31-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F33-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F34-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F35-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F36-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F37-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F39-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F3F-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F40-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F41-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FC220AD8-A72A-4EE8-926E-0B7AD152A020}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14A8A810-9A39-4BFF-88E2-3D717AB5C923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {1E1AE2DC-56D6-41AF-BD36-E6487C2E4E12} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {473587FE-EE87-4C19-AF1A-8595AA63BB03} - System32\Tasks\{0927203C-0EBF-4520-A815-F850E80C4F86} => pcalua.exe -a "C:\Program Files\Trend Micro\OfficeScan Client\NTRmv.exe"
Task: {493D7DCC-B857-42E1-A4EF-776613C5B2AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {61BF19B3-147F-471D-A6A4-29015C250290} - System32\Tasks\{4E983F3D-CA62-4AB4-98AB-3C5DC4FF9BEC} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\World_of_Tanks\WOTLauncher.exe"
Task: {7561775F-91C7-40C6-B5DC-7F8CEC91274F} - System32\Tasks\{D4026E0E-5843-4B01-80A7-75692F195F72} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.22.0.107&LastError=-9
Task: {7B9E3DBB-058A-414B-AE52-51944D3AFEA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {80E18999-C394-43F7-B3B0-D7803EE13670} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9469D411-F484-4F74-8CD0-900744EC7ED0} - System32\Tasks\{A5FADF4A-2EB7-482D-BE9A-4F59DC50A02E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.3.0.101&LastError=-9
Task: {A6EC187B-E82C-41DF-9D86-D01C0644F620} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {C633C180-1ED1-4D11-9173-3C839FEFCDBA} - System32\Tasks\{015D73D5-7EF9-4344-9757-A8487F237BE9} => pcalua.exe -a "C:\Users\flkr2104\Downloads\fm bilder\FMC_2D_Spielerbilder_BorussiaDortmund.exe" -d "C:\Users\flkr2104\Downloads\fm bilder"
Task: {E6363805-31C2-441E-B0FE-A87A45036903} - System32\Tasks\{CA584D81-5E3F-4553-B31D-B85999D12BFD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.9.0.106&LastError=-9
Task: {F492ED02-CF3A-4667-B829-C24B9F2D8F3F} - System32\Tasks\{06F9D0C9-EF0D-4815-8092-909961929903} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.16.0.105&LastError=-9
Task: {F5FBDC70-34C1-40BC-B7E2-D39723268801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-04 00:17 - 2012-07-04 00:17 - 00002560 _____ () C:\Windows\runservice.exe
2012-07-04 00:17 - 2013-12-14 20:03 - 00048640 _____ () C:\Windows\mmfs.dll
2015-05-20 14:13 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2012-03-19 14:29 - 2011-04-01 10:53 - 00499712 _____ () C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
2012-05-16 20:09 - 2015-03-21 22:26 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2016-06-30 12:24 - 2016-12-17 22:17 - 00564736 _____ () C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-02 10:19 - 2011-05-18 11:39 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-02 17:46 - 2011-03-26 07:28 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2012-12-18 01:10 - 2012-03-28 22:18 - 01198872 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-12-15 21:41 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 21:41 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1113328611-58381748-87005590-109325\Control Panel\Desktop\\Wallpaper -> C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^flkr2104^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A622ABA6-3C92-41E6-B9A6-0180CB929627}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E1F8A0D8-4BD6-4314-9E5F-09CFA6031C64}] => LPort=2869
FirewallRules: [{8E016B2D-F2B2-426E-8EFA-46C122E87942}] => LPort=1900
FirewallRules: [{4D7BDA48-417D-4349-A980-9CA19BEAB9E8}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{931A377F-4D8D-4BBC-94E5-8D0F49139C46}] => C:\Program Files\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{C964F64B-B4AF-422E-84E6-F447D39FF02F}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{C9A64660-BDEF-4E85-854C-1276BBF4AADE}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe
FirewallRules: [{5BB298CC-AA84-491D-80D0-7C095E61BA2C}] => LPort=56676
FirewallRules: [{89AC9ADD-DE5F-493A-BBBE-A09925FEEA86}] => LPort=56676
FirewallRules: [{E74843CA-D546-474B-BE2F-ECD88AF21AA3}] => LPort=56676
FirewallRules: [{3AF8905E-C8AE-4A8C-9333-FA4D6D943A83}] => LPort=56676
FirewallRules: [{3CEC8038-9CB9-492F-84BC-11FC042637BB}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{797BF723-8A67-4836-928C-480FA8891719}] => C:\Program Files\Veetle\Player\VeetleNet.exe
FirewallRules: [{5AE9581D-14F3-4469-A752-53338A798640}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A0723582-6F2B-43F5-8262-ABD550D5C792}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{3CBDDE4A-099C-4CE9-BC37-64F1FB39D9FA}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{9CE865C3-BEB8-4C6B-8655-306C4F5F2AD0}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{9247D1AC-E137-4A98-8136-5A6EE141EBFF}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{D69662A4-66F6-4384-88FA-FDEE02C03A6F}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EB93B812-9B9E-418E-A0E3-69C71D1D090E}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{BA336E0C-B36B-4607-8119-9BFE68EE3BDE}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A820FB9D-B99E-4B28-8661-A19B8852A77C}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe
FirewallRules: [{47817B77-3C47-4FB4-B3D0-CCA335429855}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{67463958-AB41-41AA-9083-8800F123498F}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A4F25796-4A90-4E82-A333-45F7CC95EC65}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{984E4980-579B-47B0-BFE1-AF5D4A0C076A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{F551A992-3141-4D89-BA76-75760F62E27C}] => LPort=57403
FirewallRules: [{1F578E27-FD89-4030-B8EC-A0BC1C526524}] => LPort=57403
FirewallRules: [{5D60EDFF-EA05-4007-8412-DFDE253D4577}] => LPort=57403
FirewallRules: [{13938A1A-81AF-4BD0-AB69-BED62589111D}] => LPort=57403
FirewallRules: [{0092FC27-0457-4EDA-AAEA-D9FFE024C45A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{02EA3E90-A44B-4F73-A943-FBD12A097465}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{62B8955A-39F2-4EF4-A52D-5A09535CE188}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe
FirewallRules: [{02FA5FC8-C781-4F53-938B-78F933EA2E88}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{8F19AA17-5BB2-40B4-A6F5-E40042625635}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7460F63E-D470-46D0-A656-8819767A619D}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{C7ADC506-CDA1-48A3-A2EF-F6FA057261AE}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{920F7FF0-D99B-4849-82C5-8BE8022DFAAE}] => LPort=80
FirewallRules: [{60E8E997-E151-4751-80E6-B7543F835BC7}] => LPort=443
FirewallRules: [{4CC79DDF-748F-47B4-BDC8-0B762A261560}] => LPort=20010
FirewallRules: [{C172F8BB-B73C-4E08-8919-C35EF9EE9C34}] => LPort=3478
FirewallRules: [{14E92C44-7822-41B8-A131-80E1F848083D}] => LPort=7850
FirewallRules: [{AB3AC8DD-BDB1-45B5-9217-4881FC7A0875}] => LPort=27022
FirewallRules: [{6A9CD13A-43B6-4631-8C68-4306185C1193}] => LPort=6881
FirewallRules: [{C717E6BE-C28A-4CB5-8DF9-FC719540A912}] => LPort=33333
FirewallRules: [{84D841DF-161C-4421-84BC-EB7E15BAA88F}] => LPort=20443
FirewallRules: [{413383F3-2547-481F-B70D-DC44AC04E62A}] => LPort=8090
FirewallRules: [TCP Query User{2FFBB76F-F899-485B-B3F0-625F7D62F4A5}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{B6DDDBD7-6C94-4A40-88DE-428852CFE2F4}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe
FirewallRules: [{4EBA9F6A-0F8D-4F94-9942-73448314B269}] => C:\Program Files\Veetle\Player\VeetleNet.exe
FirewallRules: [{4A52C6EF-5F9A-4A0F-888F-D81C6E6E9574}] => LPort=7852
FirewallRules: [{1BE26DF6-7661-43CB-8FD0-EFDA92D6DA6F}] => LPort=7853
FirewallRules: [{B8F2D49B-2EBB-4C21-B719-02BC8571FE1B}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97D84C21-793F-4F11-8AB5-B9DC278676BF}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF400853-AAAB-49E3-8387-75161C9283ED}] => LPort=60426
FirewallRules: [{EAE60802-9EC3-4DEF-AF04-D462FD75ABA9}] => LPort=5000
FirewallRules: [{63159383-EF26-4123-BCED-CAC58630E62D}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0741EA6B-43DD-4047-BDC2-D52CD5E9A75B}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{AC6FF4E6-BF42-466C-AA44-0ED710FFD7D4}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{D778DEAD-F211-4901-82C5-1346DFC7AE9C}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0F2DE732-315A-41A0-80C3-98255C8633AA}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AF54C738-61F5-4881-A6FD-8E55E03C30B6}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DCF6B2FB-B87E-4E0D-94C5-23304BCFE9C2}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{7DE68FF8-65F1-45C5-99E0-41708996614D}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{C29E0871-6BA7-4629-A635-8C7155D3D475}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{E3A21C6E-D9C6-4FEB-BB71-B515D4D68FB9}] => LPort=12345
FirewallRules: [{204EF0C2-5BDB-448E-BF9B-81CEB5B2C21F}] => LPort=49210
FirewallRules: [{EF4E3B63-763D-4155-8C90-3F26EFEB33E6}] => LPort=5000

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Messenger Plus! Virtual Camera
Description: Messenger Plus! Virtual Camera
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: YunaSoftware
Service: MsgPlusDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Messenger Plus! Virtual Camera
Description: Messenger Plus! Virtual Camera
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: YunaSoftware
Service: MsgPlusDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2016 12:18:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/22/2016 01:59:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2016 07:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2016 01:39:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 07:41:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 07:35:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 01:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Kan ikke initialisere indeksen. Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kan ikke initialisere programmet. Kontekst: Windows-program Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kan ikke initialisere Innsamler-objektet. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (12/23/2016 08:18:48 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet.

Error: (12/23/2016 04:18:25 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet.

Error: (12/23/2016 01:18:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Skyggekopiene av volum C: ble avbrutt fordi skyggekopilageret ikke kunne vokse på grunn av en brukerdefinert grense.

Error: (12/23/2016 12:19:32 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: OPPLAND)
Description: Behandlingen av gruppepolicyen mislyktes på grunn av manglende nettverkstilkobling til en domenekontroller. Dette kan være en forbigående tilstand. En melding om at det er utført, genereres når maskinen kobles til domenekontrolleren og gruppepolicyen har blitt behandlet. Kontakt systemansvarlig hvis du ikke får en melding om at det er utført innen noen timer.

Error: (12/23/2016 12:18:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Følgende oppstarts- eller systemstartdriver(e) kan ikke lastes inn: cdrom

Error: (12/23/2016 12:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten Origin Web Helper Service kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen.

Error: (12/23/2016 12:18:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Origin Web Helper Service skal koble til.

Error: (12/23/2016 12:18:04 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-MYNDIGHET)
Description: Behandlingen av gruppepolicyen mislyktes på grunn av manglende nettverkstilkobling til en domenekontroller. Dette kan være en forbigående tilstand. En melding om at det er utført, genereres når maskinen kobles til domenekontrolleren og gruppepolicyen har blitt behandlet. Kontakt systemansvarlig hvis du ikke får en melding om at det er utført innen noen timer.
Error: (12/23/2016 12:17:59 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet. Error: (12/23/2016 12:25:11 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serveren {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} ble ikke registrert hos DCOM innen fristen for tidsavbrudd. CodeIntegrity: =================================== Date: 2016-12-23 21:53:03.336 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 21:45:34.268 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 21:37:54.329 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 20:17:55.417 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-12-23 20:13:35.930 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 18:51:35.331 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 18:22:00.039 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 17:26:03.691 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 17:25:37.621 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-23 13:44:06.382 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. 
==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU B810 @ 1.60GHz Percentage of memory in use: 49% Total physical RAM: 3014.37 MB Available physical RAM: 1516.77 MB Total Virtual: 6027.06 MB Available Virtual: 4020.76 MB ==================== Drives ================================ Drive c: (OSDisk) (Fixed) (Total:116.44 GB) (Free:42.54 GB) NTFS Drive d: (Data) (Fixed) (Total:116.14 GB) (Free:33.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 108E484F) Partition 1: (Not Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116.1 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=300 MB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ |