| danielSN | 04.02.2015 14:00 |
Hallo, danke
in der vorherigen scans wurde nix gefunden.
First.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Kaddy (administrator) on KADDY-PC on 04-02-2015 13:53:55
Running from C:\Users\Kaddy\Downloads
Loaded Profiles: Kaddy (Available profiles: Kaddy)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Hi-Rez Studios) D:\Games\HiRezGames\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\SMINST\BLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1560872 2008-07-24] (Synaptics, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-03-17] ()
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\MountPoints2: {5d0b070f-5065-11e4-8fb4-00247e2c956f} - H:\startme.exe
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-830267165-1917154193-1489087868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM -> {304BB59F-E284-4547-B408-B92A3017B103} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {7E4E7EE4-DF3F-4B9D-BCC9-88B8E125E2A6} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 -> DefaultScope {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 -> {304BB59F-E284-4547-B408-B92A3017B103} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {7E4E7EE4-DF3F-4B9D-BCC9-88B8E125E2A6} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-830267165-1917154193-1489087868-1000 -> DefaultScope {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-830267165-1917154193-1489087868-1000 -> {304BB59F-E284-4547-B408-B92A3017B103} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-830267165-1917154193-1489087868-1000 -> {7E4E7EE4-DF3F-4B9D-BCC9-88B8E125E2A6} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-830267165-1917154193-1489087868-1000 -> {B42DEE2B-2177-4E8F-9C96-AB64435A0084} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-830267165-1917154193-1489087868-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Games\Arc\Arc\Plugins\npArcPluginFF.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-12]
FF Extension: HP Detect - C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-07-30]
FF Extension: BetterTTV - C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default\Extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi [2014-10-21]
FF Extension: FlashGot - C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-07-06]
FF Extension: Adblock Edge - C:\Users\Kaddy\AppData\Roaming\Mozilla\Firefox\Profiles\a2ghfayl.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-03-26]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-09]
Chrome:
=======
CHR Profile: C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-30]
CHR Extension: (BetterTTV) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-10-30]
CHR Extension: (Google Docs) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-30]
CHR Extension: (Google Drive) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30]
CHR Extension: (YouTube) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-30]
CHR Extension: (Google-Suche) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-30]
CHR Extension: (Google Tabellen) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-30]
CHR Extension: (Google Mail) - C:\Users\Kaddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HiPatchService; D:\Games\HiRezGames\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3273552 2011-11-17] (O&O Software GmbH)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 1394hub; C:\Windows\System32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-20] (DT Soft Ltd)
S2 Htsysm; C:\Windows\SysWOW64\HtsysmNT.sys [2304 2010-11-04] () [File not signed]
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hxsyol; \??\D:\Games\AeriaGames\Aura Kingdom\AuraKingdom\avital\hxsy64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 slb; \??\D:\Games\Scarlet Blade\ScarletBlade\avital\scarlb64.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 13:53 - 2015-02-04 13:54 - 00023186 _____ () C:\Users\Kaddy\Downloads\FRST.txt
2015-02-04 13:53 - 2015-02-04 13:54 - 00000000 ____D () C:\FRST
2015-02-04 13:52 - 2015-02-04 13:53 - 02131456 _____ (Farbar) C:\Users\Kaddy\Downloads\FRST64.exe
2015-02-03 19:52 - 2015-02-03 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-03 18:53 - 2015-02-03 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-03 18:53 - 2015-02-03 18:53 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-16 16:19 - 2015-01-16 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flyff
2015-01-16 15:57 - 2015-01-16 15:57 - 00001078 _____ () C:\Users\Kaddy\Desktop\GrandFantasia-DE.lnk
2015-01-16 02:19 - 2015-01-16 02:19 - 00000000 ____D () C:\Users\Kaddy\AppData\Roaming\com.infinite-interactive.GoW
2015-01-15 13:24 - 2014-12-19 01:26 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 13:24 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-15 13:24 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-15 13:24 - 2014-12-06 03:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 13:24 - 2014-12-06 03:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 13:24 - 2014-12-06 03:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-11 15:05 - 2015-01-11 15:05 - 00002824 _____ () C:\Users\Kaddy\AppData\Local\recently-used.xbel
2015-01-11 03:01 - 2015-01-11 03:01 - 00000300 _____ () C:\Windows\setupact.log
2015-01-11 03:01 - 2015-01-11 03:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01005.Wdf
2015-01-11 03:01 - 2015-01-11 03:01 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 13:54 - 2012-10-11 19:21 - 00000000 ____D () C:\Users\Kaddy\AppData\Roaming\Skype
2015-02-04 13:25 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 13:25 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 13:19 - 2014-10-30 16:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 13:09 - 2014-04-23 02:23 - 00000000 ____D () C:\Users\Kaddy\AppData\Local\LogMeIn Hamachi
2015-02-04 13:03 - 2012-10-05 21:27 - 01617761 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 13:01 - 2013-12-22 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-04 12:55 - 2012-12-12 16:47 - 00976140 _____ () C:\Windows\system32\oodbs.lor
2015-02-04 12:55 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 07:01 - 2012-10-05 21:27 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-02-04 07:01 - 2006-11-02 16:42 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-04 00:14 - 2014-10-30 16:00 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 00:14 - 2014-10-30 16:00 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 00:14 - 2014-10-30 16:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 21:21 - 2012-10-29 19:23 - 00000000 ____D () C:\Users\Kaddy\AppData\Local\Adobe
2015-02-03 21:20 - 2012-10-11 21:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 21:20 - 2012-10-11 21:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 20:49 - 2012-10-06 19:22 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKaddy
2015-02-03 20:49 - 2012-10-06 19:22 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForKaddy.job
2015-02-03 20:02 - 2014-06-19 11:58 - 00000000 ____D () C:\Program Files (x86)\Everything
2015-02-03 18:52 - 2014-12-12 12:03 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-21 16:42 - 2014-11-05 23:48 - 00086306 _____ () C:\Windows\PFRO.log
2015-01-17 14:58 - 2014-10-24 21:45 - 00000000 ____D () C:\Users\Kaddy\Documents\Gameforge Live
2015-01-16 21:48 - 2014-08-01 09:44 - 00000000 ____D () C:\Users\Kaddy\AppData\Local\Akamai
2015-01-16 15:58 - 2014-06-11 22:37 - 00000000 ____D () C:\ProgramData\WEBZEN
2015-01-16 15:57 - 2012-11-14 16:01 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-01-16 02:20 - 2014-05-27 16:09 - 00000000 ____D () C:\Users\Kaddy\Downloads\Programme
2015-01-15 13:24 - 2013-08-14 21:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 13:04 - 2006-11-02 13:35 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-01-14 11:32 - 2014-04-23 02:24 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-11 15:06 - 2013-10-24 12:49 - 00000000 ____D () C:\Users\Kaddy\.gimp-2.8
2015-01-11 15:01 - 2013-10-24 14:57 - 00000000 ____D () C:\Users\Kaddy\AppData\Local\gtk-2.0
2015-01-10 21:36 - 2014-02-02 02:16 - 00000000 ____D () C:\Users\Kaddy\AppData\Local\Daedalic Entertainment
==================== Files in the root of some directories =======
2012-10-06 19:23 - 2012-10-06 19:23 - 0000000 _____ () C:\Users\Kaddy\AppData\Local\AtStart.txt
2014-06-28 09:15 - 2014-06-28 09:15 - 0000552 _____ () C:\Users\Kaddy\AppData\Local\d3d8caps.dat
2013-03-06 08:41 - 2014-06-28 09:15 - 0000680 _____ () C:\Users\Kaddy\AppData\Local\d3d9caps.dat
2012-10-08 20:02 - 2014-10-11 18:16 - 0148480 _____ () C:\Users\Kaddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-21 22:25 - 2014-02-22 23:25 - 0866228 _____ () C:\Users\Kaddy\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2012-12-21 22:25 - 2012-12-21 22:25 - 0000002 _____ () C:\Users\Kaddy\AppData\Local\dd_dotnetfx35error.txt
2014-02-03 20:00 - 2014-02-03 20:00 - 0000002 _____ () C:\Users\Kaddy\AppData\Local\dd_dotnetfx35error_lp.txt
2012-12-21 22:25 - 2014-02-22 23:25 - 0960738 _____ () C:\Users\Kaddy\AppData\Local\dd_dotnetfx35install.txt
2014-02-03 20:00 - 2014-02-22 23:25 - 0183386 _____ () C:\Users\Kaddy\AppData\Local\dd_dotnetfx35install_lp.txt
2014-02-22 23:25 - 2014-02-22 23:25 - 0974886 _____ () C:\Users\Kaddy\AppData\Local\dd_NET_Framework35_LangPack_MSI5FCA.txt
2014-02-03 20:00 - 2014-02-03 20:01 - 0976530 _____ () C:\Users\Kaddy\AppData\Local\dd_NET_Framework35_LangPack_MSI76FC.txt
2014-02-22 23:24 - 2014-02-22 23:24 - 2831584 _____ () C:\Users\Kaddy\AppData\Local\dd_NET_Framework35_x64_MSI5EFC.txt
2014-02-03 19:59 - 2014-02-03 20:00 - 2834702 _____ () C:\Users\Kaddy\AppData\Local\dd_NET_Framework35_x64_MSI75FA.txt
2013-05-15 23:31 - 2013-05-15 23:31 - 0361318 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI04B8.txt
2013-02-10 13:51 - 2013-02-10 13:51 - 0373508 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI18B6.txt
2013-02-10 13:51 - 2013-02-10 13:51 - 0381544 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI18E7.txt
2013-05-16 22:18 - 2013-05-16 22:18 - 0355898 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI1B84.txt
2014-01-09 18:48 - 2014-01-09 18:48 - 0357994 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI1DFE.txt
2013-07-15 01:12 - 2013-07-15 01:12 - 0365510 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI2255.txt
2013-09-07 01:21 - 2013-09-07 01:21 - 0437450 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI241F.txt
2014-04-13 15:06 - 2014-04-13 15:06 - 0368440 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI24B9.txt
2012-11-14 16:10 - 2012-11-14 16:10 - 0417824 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI26FD.txt
2012-11-06 13:21 - 2012-11-06 13:21 - 0327584 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI3502.txt
2013-12-26 23:39 - 2013-12-26 23:40 - 0366512 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI3777.txt
2013-07-20 18:17 - 2013-07-20 18:17 - 0364868 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI397A.txt
2013-08-16 22:37 - 2013-08-16 22:37 - 0356262 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI3E0D.txt
2012-11-08 18:49 - 2012-11-08 18:50 - 0441234 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI4C75.txt
2012-12-26 12:41 - 2012-12-26 12:41 - 0355222 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI591F.txt
2014-02-22 23:22 - 2014-02-22 23:22 - 0389300 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI5D95.txt
2014-02-22 23:22 - 2014-02-22 23:22 - 0376370 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI5DA5.txt
2012-10-20 15:22 - 2012-10-20 15:23 - 0590318 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI613E.txt
2014-03-02 18:13 - 2014-03-02 18:14 - 0423006 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI6222.txt
2013-06-30 03:07 - 2013-06-30 03:07 - 0350576 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI6603.txt
2014-07-10 11:53 - 2014-07-10 11:53 - 0422336 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI6C7B.txt
2014-02-03 20:01 - 2014-02-03 20:01 - 0388406 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI7758.txt
2014-02-03 20:01 - 2014-02-03 20:01 - 0376972 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI7765.txt
2013-12-21 16:58 - 2013-12-21 16:58 - 0368048 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistMSI7DD0.txt
2013-05-15 23:31 - 2013-05-15 23:31 - 0032294 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI04B8.txt
2013-02-10 13:51 - 2013-02-10 13:51 - 0022188 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI18B6.txt
2013-02-10 13:51 - 2013-02-10 13:51 - 0022076 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI18E7.txt
2013-05-16 22:18 - 2013-05-16 22:18 - 0013498 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI1B84.txt
2014-01-09 18:48 - 2014-01-09 18:48 - 0027990 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI1DFE.txt
2013-07-15 01:12 - 2013-07-15 01:12 - 0019662 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI2255.txt
2013-09-07 01:21 - 2013-09-07 01:21 - 0011380 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI241F.txt
2014-04-13 15:06 - 2014-04-13 15:06 - 0011222 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI24B9.txt
2012-11-14 16:10 - 2012-11-14 16:10 - 0011478 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI26FD.txt
2012-11-06 13:21 - 2012-11-06 13:21 - 0011414 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI3502.txt
2013-12-26 23:39 - 2013-12-26 23:40 - 0011142 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI3777.txt
2013-07-20 18:17 - 2013-07-20 18:17 - 0069374 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI397A.txt
2013-08-16 22:37 - 2013-08-16 22:37 - 0013518 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI3E0D.txt
2012-11-08 18:49 - 2012-11-08 18:50 - 0014222 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI4C75.txt
2012-12-26 12:41 - 2012-12-26 12:41 - 0011142 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI591F.txt
2014-02-22 23:22 - 2014-02-22 23:22 - 0022354 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI5D95.txt
2014-02-22 23:22 - 2014-02-22 23:22 - 0022258 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI5DA5.txt
2012-10-20 15:22 - 2012-10-20 15:23 - 0014554 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI613E.txt
2014-03-02 18:13 - 2014-03-02 18:14 - 0025708 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI6222.txt
2013-06-30 03:07 - 2013-06-30 03:07 - 0014146 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI6603.txt
2014-07-10 11:53 - 2014-07-10 11:53 - 0011172 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI6C7B.txt
2014-02-03 20:01 - 2014-02-03 20:01 - 0012198 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI7758.txt
2014-02-03 20:01 - 2014-02-03 20:01 - 0012166 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI7765.txt
2013-12-21 16:58 - 2013-12-21 16:58 - 0011206 _____ () C:\Users\Kaddy\AppData\Local\dd_vcredistUI7DD0.txt
2012-10-06 19:23 - 2012-10-06 19:23 - 0000000 _____ () C:\Users\Kaddy\AppData\Local\DSwitch.txt
2014-10-15 17:52 - 2014-11-30 19:46 - 28112224 _____ (Sony Mobile Communications ) C:\Users\Kaddy\AppData\Local\pcc.exe
2012-10-06 19:23 - 2012-10-06 19:23 - 0000000 _____ () C:\Users\Kaddy\AppData\Local\QSwitch.txt
2015-01-11 15:05 - 2015-01-11 15:05 - 0002824 _____ () C:\Users\Kaddy\AppData\Local\recently-used.xbel
2012-12-21 22:25 - 2014-02-22 23:25 - 0038214 _____ () C:\Users\Kaddy\AppData\Local\uxeventlog.txt
2013-09-23 00:54 - 2011-05-16 12:36 - 1654869 _____ (Dynu Systems Inc.) C:\ProgramData\DynuEncrypt.dll
2013-12-23 23:56 - 2013-10-24 23:56 - 0000032 ____R () C:\ProgramData\hash.dat
2012-10-06 19:23 - 2015-02-04 13:54 - 0088805 _____ () C:\ProgramData\HPWALog.txt
2012-10-05 22:30 - 2012-10-05 22:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-01-13 06:27 - 2009-01-13 06:28 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-10-05 22:28 - 2012-10-05 22:28 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-01-13 06:21 - 2009-01-13 06:22 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-05 22:26 - 2012-10-05 22:26 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2012-10-05 22:29 - 2012-10-05 22:29 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-01-13 06:20 - 2009-01-13 06:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-01-13 06:23 - 2009-01-13 06:27 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-10-05 22:30 - 2012-10-05 22:30 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Files to move or delete:
====================
C:\ProgramData\DynuEncrypt.dll
C:\ProgramData\hash.dat
Some content of TEMP:
====================
C:\Users\Kaddy\AppData\Local\Temp\avgnt.exe
C:\Users\Kaddy\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Kaddy\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-04 13:03
==================== End Of Log ============================
--- --- ---
Addition-txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Kaddy at 2015-02-04 13:55:28
Running from C:\Users\Kaddy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version: - Daedalic Entertainment)
A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version: - Daedalic Entertainment)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 1.1.18.0 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - )
Avira (HKLM-x32\...\{166a49c9-9f8d-4d64-a131-ff053b76a081}) (Version: 1.0.5142.23462 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Black Mirror (HKLM-x32\...\Steam App 292930) (Version: - Future Games)
Captain Morgane and the Golden Turtle (HKLM-x32\...\Steam App 264320) (Version: - WizarBox)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version: - Daedalic Entertainment)
Common Desktop Agent (Version: 1.50.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Divinity II: Developer's Cut (HKLM-x32\...\Steam App 219780) (Version: - Larian Studios)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.1.2.2 - DivX, Inc. )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dragon Nest Europe (HKLM-x32\...\Steam App 258700) (Version: - Eyedentity Games)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Elsword (HKLM-x32\...\Elsword_de_is1) (Version: - )
Enclave (HKLM-x32\...\Steam App 253980) (Version: - Topware)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Face Noir (HKLM-x32\...\Steam App 244690) (Version: - Mad Orange)
ffdshow [rev 497] [2006-11-04] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - hxxp://www.FlashGet.com)
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - WEBZEN Inc)
GameCatalog07.2013 (x32 Version: 1.00.0000 - Intenium GmbH) Hidden
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Gems of War (HKLM-x32\...\Steam App 329110) (Version: - Infinity Plus 2)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Goodbye Deponia (HKLM-x32\...\Steam App 241910) (Version: - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GrandFantasia-DE (HKLM-x32\...\GrandFantasia-DE) (Version: - )
Gray Matter (HKLM-x32\...\Steam App 260570) (Version: - WizarBox Production)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.1.2425 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.1.1219 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.1.1124 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch Buttons 6.40 L1 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 L1 - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0134 (HKLM-x32\...\{6ABE0E28-3A8E-4ADC-A050-784064B76236}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{E5E29403-3D25-40C6-892B-F9FEE2A95585}) (Version: 3.50 A6 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 2.0.64.3 - Hewlett-Packard) Hidden
ICQ 8.0 (build 5999, für aktuellen Benutzer) (HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\ICQ) (Version: 8.0.5999.0 - Mail.Ru)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.22 - IDT)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.30 - IObit)
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LightScribe System Software 1.14.17.1 (HKLM-x32\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Livestreamer 1.9.0 (HKLM-x32\...\Livestreamer) (Version: - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Maestia (HKLM-x32\...\Maestia) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mata Hari (HKLM-x32\...\Steam App 18480) (Version: - 4Head Studios)
Memento Mori (HKLM-x32\...\Steam App 200490) (Version: - Bohemia Interactive)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Ninjas (HKLM-x32\...\Steam App 35000) (Version: - IO Interactive)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
Nikopol: Secrets of the Immortals (HKLM-x32\...\Steam App 11370) (Version: - White Birds Productions)
Nostradamus: The Last Prophecy (HKLM-x32\...\Steam App 287720) (Version: - Anuman)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{BC39713D-B14D-4BB0-9663-BC9F7B8AB1F2}) (Version: 15.0.107 - O&O Software GmbH)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Post Mortem (HKLM-x32\...\Steam App 46550) (Version: - Anuman / Microids)
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProtectSmart Hard Drive Protection (HKLM\...\{191C1158-D287-4074-B749-D4CDD321E062}) (Version: 3.10.1.7 - Hewlett-Packard)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Ragnarok Online - Free to Play - European Version (HKLM-x32\...\Steam App 250740) (Version: - Gravity Europe SAS)
Ragnarok Online 2 (HKLM-x32\...\{717BD14A-BE61-40A4-9865-17AACF611FE0}) (Version: 1.0.0 - Gravity Interactive, Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.35.01 - Samsung Electronics Co., Ltd.)
Samsung ML-1860 Series (HKLM-x32\...\Samsung ML-1860 Series) (Version: - Samsung Electronics Co., Ltd.)
Scratches: Director's Cut (HKLM-x32\...\Steam App 46460) (Version: - Nucleosys)
Secrets of Grindea (HKLM-x32\...\Steam App 269770) (Version: - )
Secrets of Grindea v0.56g (HKLM-x32\...\Secrets of Grindea_is1) (Version: - Pixel Ferrets)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2379.10 - Hi-Rez Studios)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Still Life (HKLM-x32\...\Steam App 46480) (Version: - Anuman / Microids)
Still Life 2 (HKLM-x32\...\Steam App 46490) (Version: - Anuman / Microids)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Syberia (HKLM-x32\...\Steam App 46500) (Version: - Anuman)
Syberia 2 (HKLM-x32\...\{EDBE322C-5CF0-46AC-A6DE-C6713F84B68A}) (Version: - )
Syberia 2 (HKLM-x32\...\Steam App 46510) (Version: - Anuman / Microids)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.1.0 - Synaptics)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Whispered World Special Edition (HKLM-x32\...\Steam App 268540) (Version: - Daedalic Entertainment)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - Black Pants Game Studio)
Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Valdis Story: Abyssal City (HKLM-x32\...\Steam App 252030) (Version: - )
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - )
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.1.0.0 - Azureus Software, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-830267165-1917154193-1489087868-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-830267165-1917154193-1489087868-1000_Classes\CLSID\{19170A69-A883-40D5-AF97-F6DC41495F15}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-830267165-1917154193-1489087868-1000_Classes\CLSID\{ECF41531-0840-4361-955F-1157A091842F}\InprocServer32 -> No File Path
==================== Restore Points =========================
12-11-2014 23:16:12 Windows Update
13-11-2014 03:00:15 Windows Update
19-11-2014 22:14:26 Windows Update
26-11-2014 13:48:28 Geplanter Prüfpunkt
30-11-2014 13:19:48 DirectX wurde installiert
30-11-2014 19:47:11 Sony Ericsson PC Suite Drivers
30-11-2014 19:48:10 Sony PC Companion
02-12-2014 17:21:58 DirectX wurde installiert
04-12-2014 17:16:35 Geplanter Prüfpunkt
07-12-2014 19:42:20 Geplanter Prüfpunkt
11-12-2014 18:57:53 Windows Update
12-12-2014 12:15:53 Configured PlayOnline Viewer & Tetra Master
12-12-2014 12:19:07 Konfiguriert PowerStarter
12-12-2014 12:20:26 Gerätetreiber-Paketinstallation: JMicron Technology Corp. Speichertechnologietreiber
12-12-2014 12:21:22 Konfiguriert PowerDirector
12-12-2014 12:31:17 Konfiguriert LabelPrint
14-12-2014 00:12:44 DirectX wurde installiert
17-12-2014 11:33:27 Windows Update
01-01-2015 15:39:44 Geplanter Prüfpunkt
11-01-2015 03:00:23 Windows Update
15-01-2015 13:02:04 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 13:34 - 2014-12-12 12:30 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {17BB3D74-F715-46A3-83DC-00E60A54B8C2} - System32\Tasks\{2CC78A50-65D6-41D8-91F3-071AEB506B7F} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/go/help.faq.installer?LastError=1601
Task: {241F66CD-0468-410E-834D-8D957B104BCC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {4063B54F-2665-4005-9E93-84A234871EDB} - System32\Tasks\Uninstaller_SkipUac_Kaddy => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-12] (IObit)
Task: {53FFC562-0B26-4F6D-88E2-8071A90CF878} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {5582EC9C-27D7-4CE3-A43A-43DE02D18D4B} - System32\Tasks\{0E3B3F45-FAD4-41F4-A86B-F35EB0CDC47D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/go/help.faq.installer?LastError=1601
Task: {5C7B00D1-9D12-4081-9DC1-E80CA4D874A4} - System32\Tasks\{8CD236AD-498C-4DBB-8929-79AA7096484A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/go/help.faq.installer?LastError=1601
Task: {8AAA05B5-86E4-4BDD-B84D-4AFF6C18EE9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {A3AFF1C5-3875-4417-8590-AC00C9941864} - System32\Tasks\{21B1864A-1A8D-4590-963A-6D6AB244932D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/go/help.faq.installer?LastError=1601
Task: {A9838A07-6E25-4347-9C1F-001F3DC7C879} - System32\Tasks\HPCeeScheduleForKaddy => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2008-05-19] (Hewlett-Packard)
Task: {C8A238EA-C9B8-4C2A-89EF-FB60E227699F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {D441D384-2D38-4B2F-91E8-A8B7C93CF326} - System32\Tasks\{8C7CBC60-6815-4936-A17D-0EBBF51ACDB7} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/go/help.faq.installer?LastError=1601
Task: {DEE77938-9CC6-430C-9036-080BB1E80338} - System32\Tasks\{2672A604-272B-411C-AA02-FC548F156EF3} => Firefox.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/go/help.faq.installer?LastError=1601
Task: {FC305A24-7A01-48AE-956A-97E2CB096005} - System32\Tasks\{4777507D-B430-4546-A06B-83F5B8752B6B} => pcalua.exe -a G:\Setup.exe -d G:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKaddy.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-10-22 17:00 - 2010-07-29 13:42 - 00027648 _____ () C:\Windows\System32\ssb6mlm.dll
2012-11-16 20:37 - 2012-11-16 20:37 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2013-03-20 14:30 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2012-11-16 14:09 - 2012-11-16 14:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-01-13 06:35 - 2008-12-17 16:11 - 00365952 _____ () C:\Program Files (x86)\SMINST\BLService.exe
2008-11-26 16:13 - 2008-11-26 16:13 - 00296320 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2008-11-26 16:13 - 2008-11-26 16:13 - 00116096 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2008-10-22 10:32 - 2008-10-22 10:32 - 00628016 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2013-03-20 14:30 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2009-01-13 06:35 - 2008-12-17 16:11 - 00132480 _____ () C:\Program Files (x86)\SMINST\STWmiM.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00263560 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00124288 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00349480 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
2015-02-03 19:52 - 2015-02-03 19:52 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-03 21:20 - 2015-02-03 21:20 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk => C:\Windows\pss\BTTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Kaddy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Kaddy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Kaddy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: CLMLServer for HP TouchSmart => "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DVDAgent => "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
MSCONFIG\startupreg: EADM => "D:\Games\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: ICQ => C:\Users\Kaddy\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QlbCtrl.exe => "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartMenu => %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "D:\Games\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SyncManPath => "C:\Users\Kaddy\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe" -autostart
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TSMAgent => "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
MSCONFIG\startupreg: TVAgent => "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
========================= Accounts: ==========================
Administrator (S-1-5-21-830267165-1917154193-1489087868-500 - Administrator - Disabled)
Gast (S-1-5-21-830267165-1917154193-1489087868-501 - Limited - Disabled)
Kaddy (S-1-5-21-830267165-1917154193-1489087868-1000 - Administrator - Enabled) => C:\Users\Kaddy
==================== Faulty Device Manager Devices =============
Name: JMB38X SD/MMC Host Controller
Description: JMB38X SD/MMC Host Controller
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: JMB38X SD Host Controller
Description: JMB38X SD Host Controller
Class Guid: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Manufacturer: JMicron Technology Corp.
Service: sdbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: JMB38X MS Host Controller
Description: JMB38X MS Host Controller
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: JMB38X xD Host Controller
Description: JMB38X xD Host Controller
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2015 01:26:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung puush.exe, Version 1.0.0.0, Zeitstempel 0x51e350ae, fehlerhaftes Modul msvcrt.dll, Version 7.0.6002.18551, Zeitstempel 0x4ee8cc5a, Ausnahmecode 0xc0000005, Fehleroffset 0x00009b2b,
Prozess-ID 0x%9, Anwendungsstartzeit puush.exe0.
Error: (02/04/2015 00:56:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/03/2015 06:55:19 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:19 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/03/2015 06:55:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KADDY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (02/04/2015 00:56:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: prodrv06
prohlp02
prosync1
sfhlp01
SRTSP
SRTSPX
Error: (02/04/2015 00:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm%%2
Error: (02/04/2015 00:54:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (02/03/2015 07:16:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Steam Client Service%%1053
Error: (02/03/2015 07:16:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Steam Client Service
Error: (02/03/2015 06:53:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: LogMeIn Hamachi Tunneling Engine
Error: (02/03/2015 06:51:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: prodrv06
prohlp02
prosync1
sfhlp01
SRTSP
SRTSPX
Error: (02/03/2015 06:51:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm%%2
Error: (02/03/2015 06:51:08 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.2.104 für die Netzwerkkarte mit der Netzwerkadresse 0022FAB5ED24 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (02/03/2015 06:50:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-02-04 13:54:41.879
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-04 13:54:41.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-04 13:54:41.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-04 13:54:41.206
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:55:34.125
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:55:33.865
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:55:33.594
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:55:33.274
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-11 20:48:37.042
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-11 18:54:17.068
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 54%
Total physical RAM: 4092.25 MB
Available physical RAM: 1858.97 MB
Total Pagefile: 8409.78 MB
Available Pagefile: 5403.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.29 GB) (Free:234.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:152.03 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 317CEFB4)
Partition 1: (Active) - (Size=453.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 03C9EC5D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
