| nIKON25jsg | 25.05.2015 17:06 |
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by nIKON (administrator) on PANDORASBOXIII on 25-05-2015 16:12:43
Running from C:\Users\nIKON\Downloads
Loaded Profiles: nIKON (Available Profiles: nIKON & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
() C:\Windows\SysWOW64\DVAPTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DVAPTray] => C:\Windows\SysWOW64\DVAPTray.exe [192512 2012-06-08] ()
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-25] (AVAST Software)
HKLM-x32\...\Run: [My Movies Tray] => C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe [496160 2014-10-05] (Binnerup Consult)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [MusicManager] => C:\Users\nIKON\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-04-01] (Google Inc.)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [Google Update] => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Run: [Amazon Music] => C:\Users\nIKON\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {2d7d0c93-0b47-11e3-8321-180373b0859f} - E:\Setup.exe
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {57fee42a-37d9-11e3-8120-180373b0859f} - E:\Unlock.exe autoplay=true
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MountPoints2: {99b0bc9f-1773-11e1-a409-180373b0859f} - I:\autorun_setup.bat
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2014-04-10]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2013-03-29]
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2014-04-10]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\nIKON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-11-17]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-10-03] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKLM -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {8EE7BF29-2CA5-43A6-9524-945D37D2F8BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> {ADB07F51-995B-4511-8E8C-8D1218214ADD} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=12215ba5-44af-4029-abee-a0e8fb42599f&apn_sauid=2C96D840-C81C-4571-936A-1CD9DA5FE15D
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-14] (Oracle Corporation)
BHO: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-03] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-14] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-14] (Oracle Corporation)
BHO-x32: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-03] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-14] (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll No File
Toolbar: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default
FF SearchEngineOrder.1:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-08] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-11-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-02-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1110382986-3051645244-2528077214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\nIKON\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-11-02] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\user.js [2014-09-05]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-07-14] (Apple Inc.)
FF Extension: FireShot - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-03-30]
FF Extension: iMacros for Firefox - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-04-11]
FF Extension: ReminderFox - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-01-07]
FF Extension: DownloadHelper - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Profiles\8t29s4fz.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-25]
FF HKLM-x32\...\Firefox\Extensions: [fe_10.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_10.0
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-04-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Profile: C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Freemake Video Downloader) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-04-29]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-04-29]
CHR Extension: (avast! Ad Blocker) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-06-16]
CHR Extension: (No Name) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-23]
CHR Extension: (Avast Online Security) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22]
CHR Extension: (Google Wallet) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15]
CHR Extension: (Deezer) - C:\Users\nIKON\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2012-03-27]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-04-25]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-04-25]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-03] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-04-17] (Freemake) []
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-04-17] (Ellora Assets Corp.) []
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [581632 2013-05-15] (Hauppauge Computer Works) []
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MSSQL$MYMOVIES; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation)
R2 My Movies General Service; C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe [1167904 2014-10-05] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) []
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) []
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) []
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) []
S4 SQLAgent$MYMOVIES; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-03] ()
R3 cecsvad; C:\Windows\System32\drivers\cecvad.sys [23040 2011-12-08] ()
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-01-05] (Digiarty Software, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-25] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () []
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2013-04-22] (Hauppauge Computer Works, Inc.) []
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2013-04-22] (Hauppauge Computer Works, Inc.) []
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-18] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-18] (RapidSolution Software AG)
R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-04-14] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 16:12 - 2015-05-25 16:15 - 00031223 _____ () C:\Users\nIKON\Downloads\FRST.txt
2015-05-25 16:12 - 2015-05-25 16:12 - 02108416 _____ (Farbar) C:\Users\nIKON\Downloads\FRST64.exe
2015-05-25 16:12 - 2015-05-25 16:12 - 00000000 ____D () C:\FRST
2015-05-25 16:11 - 2015-05-25 16:11 - 00000472 _____ () C:\Users\nIKON\Downloads\defogger_disable.log
2015-05-25 16:11 - 2015-05-25 16:11 - 00000168 _____ () C:\Users\nIKON\defogger_reenable
2015-05-25 16:10 - 2015-05-25 16:10 - 00050477 _____ () C:\Users\nIKON\Downloads\Defogger.exe
2015-05-25 14:30 - 2015-05-25 14:30 - 03266394 _____ () C:\Users\nIKON\Desktop\FixDotNet20150525123008546.cab
2015-05-25 14:29 - 2015-05-25 14:30 - 00000000 ____D () C:\64763808994fe6d78eee5d9932
2015-05-25 12:50 - 2015-05-25 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2015-05-25 12:03 - 2015-05-25 12:03 - 00000000 ____D () C:\Intel
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 16:15 - 2011-09-29 17:51 - 02050441 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 16:11 - 2011-10-05 22:37 - 00000000 ____D () C:\Users\nIKON
2015-05-25 16:10 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 16:10 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 16:09 - 2011-10-14 13:25 - 00000000 ____D () C:\Users\nIKON\AppData\Local\Adobe
2015-05-25 16:06 - 2010-11-21 08:50 - 00777126 _____ () C:\Windows\system32\perfh007.dat
2015-05-25 16:06 - 2010-11-21 08:50 - 00180128 _____ () C:\Windows\system32\perfc007.dat
2015-05-25 16:06 - 2009-07-14 07:13 - 01839636 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-25 16:05 - 2013-06-16 11:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-25 16:05 - 2013-06-16 11:16 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2015-05-25 16:03 - 2014-04-15 09:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-25 16:02 - 2011-09-29 18:20 - 00000000 ____D () C:\ProgramData\Sonic
2015-05-25 15:59 - 2011-09-29 18:29 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-05-25 15:59 - 2011-09-29 18:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-05-25 15:59 - 2011-09-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-05-25 15:58 - 2014-04-15 09:04 - 00009968 _____ () C:\Windows\setupact.log
2015-05-25 15:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 15:57 - 2015-03-05 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-05-25 15:57 - 2014-11-17 22:21 - 00000000 ____D () C:\ProgramData\Netzmanager
2015-05-25 15:57 - 2014-09-05 01:28 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2015-05-25 15:57 - 2014-04-15 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-25 15:57 - 2014-04-15 08:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-25 15:57 - 2014-03-18 08:49 - 00000000 ____D () C:\Windows\Minidump
2015-05-25 15:57 - 2012-05-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-25 15:57 - 2012-01-25 15:09 - 00000000 ____D () C:\Users\Gast
2015-05-25 15:57 - 2011-11-28 13:46 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\vlc
2015-05-25 15:57 - 2011-10-15 11:40 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-25 15:57 - 2011-10-14 12:09 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-25 15:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-25 15:55 - 2011-10-14 15:24 - 00000000 ____D () C:\Users\nIKON\AppData\Roaming\SoftGrid Client
2015-05-25 15:54 - 2011-10-14 15:30 - 00000000 __RHD () C:\MSOCache
2015-05-25 13:54 - 2011-10-05 22:45 - 00000000 ____D () C:\Users\nIKON\AppData\Local\Nero
==================== Files in the root of some directories =======
2014-09-05 04:42 - 2014-09-11 01:09 - 0000096 _____ () C:\Users\nIKON\AppData\Roaming\Camdata.ini
2014-09-05 04:42 - 2014-09-11 01:09 - 0000408 _____ () C:\Users\nIKON\AppData\Roaming\CamLayout.ini
2014-09-05 04:42 - 2014-09-11 01:09 - 0000408 _____ () C:\Users\nIKON\AppData\Roaming\CamShapes.ini
2014-09-05 01:31 - 2014-09-09 01:23 - 0004546 _____ () C:\Users\nIKON\AppData\Roaming\CamStudio.cfg
2013-08-23 20:46 - 2013-08-23 20:46 - 0000000 _____ () C:\Users\nIKON\AppData\Roaming\DVAP.set
2011-12-28 12:08 - 2011-12-28 12:41 - 0121190 _____ () C:\Users\nIKON\AppData\Roaming\gd.db
2011-12-28 12:08 - 2012-01-18 19:38 - 0000283 _____ () C:\Users\nIKON\AppData\Roaming\groovedown.settings
2013-08-24 16:42 - 2013-08-24 16:42 - 0000008 _____ () C:\Users\nIKON\AppData\Roaming\LatestInfra.ini
2013-08-23 20:47 - 2013-08-23 20:47 - 0000021 _____ () C:\Users\nIKON\AppData\Roaming\MediaFolder.ini
2013-06-15 20:58 - 2013-06-15 21:04 - 0000004 _____ () C:\Users\nIKON\AppData\Roaming\skype.ini
2014-09-05 01:29 - 2014-09-10 23:07 - 0000096 _____ () C:\Users\nIKON\AppData\Roaming\version2.xml
2012-03-24 14:19 - 2015-03-12 13:38 - 0243712 _____ () C:\Users\nIKON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-02 14:08 - 2012-02-02 14:08 - 0000093 _____ () C:\Users\nIKON\AppData\Local\fusioncache.dat
2014-09-05 03:43 - 2014-09-05 03:43 - 0002146 _____ () C:\Users\nIKON\AppData\Local\recently-used.xbel
2014-03-22 14:31 - 2014-12-22 03:04 - 0007625 _____ () C:\Users\nIKON\AppData\Local\Resmon.ResmonCfg
2011-10-17 11:24 - 2013-09-24 20:32 - 0000166 ___SH () C:\ProgramData\.zreglib
2011-11-25 16:32 - 2011-11-25 16:53 - 0002004 _____ () C:\ProgramData\hpzinstall.log
2012-06-13 17:24 - 2012-06-13 17:24 - 0000144 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-07-25 19:17 - 2012-07-25 19:26 - 4503728 ____T () C:\ProgramData\z7_0ytr.pad
Files to move or delete:
====================
C:\ProgramData\z7_0ytr.pad
C:\Users\nIKON\AppData\Roaming\skype.ini
Some files in TEMP:
====================
C:\Users\nIKON\AppData\Local\Temp\DrWindows_Update.exe
C:\Users\nIKON\AppData\Local\Temp\FreemakeVideoDownloader_3.6.4.3.exe
C:\Users\nIKON\AppData\Local\Temp\i4jdel0.exe
C:\Users\nIKON\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\nIKON\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\nIKON\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\nIKON\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\nIKON\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_33af.exe
C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_6f7a.exe
C:\Users\nIKON\AppData\Local\Temp\PicasaUpdater_7b08.exe
C:\Users\nIKON\AppData\Local\Temp\proxy_vole1335771476858207098.dll
C:\Users\nIKON\AppData\Local\Temp\sdan.exe
C:\Users\nIKON\AppData\Local\Temp\sdapk.exe
C:\Users\nIKON\AppData\Local\Temp\sdaspwn.exe
C:\Users\nIKON\AppData\Local\Temp\SHSetup.exe
C:\Users\nIKON\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\nIKON\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\nIKON\AppData\Local\Temp\WindowsUpdateAgent30-x64.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-26 21:55
==================== End of log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by nIKON at 2015-05-25 16:17:25
Running from C:\Users\nIKON\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1110382986-3051645244-2528077214-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1110382986-3051645244-2528077214-1002 - Limited - Enabled)
Gast (S-1-5-21-1110382986-3051645244-2528077214-501 - Limited - Enabled) => C:\Users\Gast
nIKON (S-1-5-21-1110382986-3051645244-2528077214-1000 - Administrator - Enabled) => C:\Users\nIKON
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.2 - Hewlett-Packard) Hidden
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.0 - PainteR)
Amazon Kindle (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon Music (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{81D00339-968D-15D1-3499-8431658E896F}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.2.3.0 - SlySoft)
ATI AVIVO64 Codecs (Version: 11.6.0.10419 - ATI Technologies Inc.) Hidden
Audials (HKLM-x32\...\{1DCFE675-3301-4511-AC32-788900B9BEC2}) (Version: 10.2.26201.100 - Audials AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Barcode Label Maker Deluxe (HKLM-x32\...\Barcode Label Maker Deluxe_is1) (Version: - Aulux Technologe, Inc.)
BDlot DVD ISO Master 3.0.2 (HKLM-x32\...\BDlot DVD ISO Master_is1) (Version: - LotSoft)
Bitcoin Core (32-bit) (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Bitcoin Core (32-bit)) (Version: 0.9.1 - Bitcoin Core project)
BitTorrent Sync (HKLM\...\BitTorrent Sync) (Version: 1.4.83 - BitTorrent Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2F57269-065E-4B19-8CDA-AB6C401FAF1A}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Flyer Creator 3.0 (HKLM-x32\...\{B07CB2BA-819B-41C5-BBE0-484A4C23972E}) (Version: 3.0.0 - Peridot Technologies)
EMDB 2.03 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ffdshow v1.1.3425 [2010-05-08] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3425.0 - )
foobar2000 v1.3.7 (HKLM-x32\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Free FLV Converter V 7.5.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.5.0.0 - Koyote Soft)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.430 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GS DVD-Verwaltung 2D Version 1 (HKLM-x32\...\{B4B2BC6D-A620-4B7C-B829-3EA9D688C643}_is1) (Version: 1 - Dipl.-Ing.(FH) Gert Spießhofer)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.31135 (CD 2.8) - Hauppauge Computer Works)
HP LaserJet M1522 MFP Series 4.2 (HKLM\...\{C8A37F1F-E13B-48ae-93F8-4669264969F9}) (Version: 4.2 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Jagged Alliance 2 (HKLM-x32\...\Jagged Alliance 2) (Version: - )
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.8.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.3.0 - www.leaguereplays.com)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.86.0 - Firstload)
Lumac (x32 Version: 1.1.86.0 - Firstload) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Markt Fotoservice 4.4 (HKLM-x32\...\Media Markt Fotoservice_is1) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MoneyManagerEX 0.9.9.0 (HKLM-x32\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 0.9.9.0 - CodeLathe, LLC)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Music Manager (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\MusicManager) (Version: - Google, Inc.)
My Movies for Windows (HKLM-x32\...\{5D99D2F5-59A2-4423-A13F-22EDBE44B4B4}) (Version: 5.1.1.103 - Binnerup Consult)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.41 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Scribus 1.4.4 (HKLM-x32\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version: - )
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Sony Pictures Download Manager (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\4221943535.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Stampit Home (HKLM-x32\...\{B83AAFD3-D8DE-46CE-9351-70C21AC6704E}) (Version: 3.3 - Deutsche Post AG)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.1.6.2 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Unity Web Player (HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Videora Palm Pre Converter 6 (HKLM-x32\...\Videora Palm Pre Converter) (Version: 6 - Red Kawa)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
WiMP (HKLM-x32\...\{C7443867-AB43-48A0-B957-56115050EDEF}) (Version: 3.1.0 - WiMP Music AS)
WiMP 2.6.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.6.2 - Aspiro AS)
WiMP 2.6.2 (x32 Version: 2.6.2 - Aspiro AS) Hidden
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.1.0 - Shark007)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 1.1.0.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WiVideo (HKLM-x32\...\{2A9BA733-C465-400A-8AA0-937C656503FB}) (Version: 2.01.204 - )
x64 Components v4.0.9 (HKLM\...\x64 Components_is1) (Version: 4.0.9 - Shark007)
XMedia Recode 3.0.3.4 (HKLM-x32\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nIKON\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
15-04-2015 23:40:53 Windows Update
22-04-2015 01:27:40 Windows Update
26-04-2015 21:50:57 Windows Update
25-05-2015 12:01:49 avast! antivirus system restore point
25-05-2015 12:48:15 avast! antivirus system restore point
25-05-2015 14:49:49 Wiederherstellungsvorgang
25-05-2015 16:01:15 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-05-19 16:17 - 00001132 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {022DF3D1-1977-47E7-8E04-5CD1C6F55163} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {167BF6F5-1F26-40F6-B963-6A52F2659C6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {18C05490-9133-4400-BB5B-D94C8EE7D948} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {25D3F3F0-A748-44B4-B804-1F82A2E97856} - \DSite No Task File <==== ATTENTION
Task: {5D6A8A15-C80A-409D-AF72-1BB42E88A92E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {5FE3A3EF-F4AF-496A-A0F6-C6BFB8E3CF1A} - System32\Tasks\{8AC0FAAB-EF23-4C3A-96D6-E2CD7112E97F} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/57940
Task: {758B17BA-3387-4AEC-9443-E6B12D54770C} - System32\Tasks\{CA504F70-4970-4986-8E58-92513707C492} => C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
Task: {A45E1F6A-FAC9-4DA8-8AD9-0CA3B695A2E9} - System32\Tasks\AdobeAAMUpdater-1.0-PandorasBoxIII-nIKON => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {A51D3847-E502-456B-ACB8-82BCC7789136} - System32\Tasks\{ADD15FFC-C7E7-4527-AFBF-1BA47120F5E5} => pcalua.exe -a C:\Users\nIKON\Downloads\ja2_105.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B0D2360C-6587-491C-96E5-78785A63D8F3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {B8619E23-76AE-4C6E-BD6E-15A21B417614} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {CBFC4AEA-4EA9-42AE-A435-D2385EFF6112} - \Funmoods No Task File <==== ATTENTION
Task: {CE069FDA-39E3-47BB-B1DD-3E2406C33741} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-03] (AVAST Software)
Task: {CED191F9-F147-4184-84C7-61C82FDE7D7A} - System32\Tasks\Google Updater and Installer => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {CF2553A1-AAED-4248-878B-3AFDB34ABD4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F12887B8-7D07-4560-874E-310EB1CEDB2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000UA => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {F50B1DED-1E95-4B08-A04D-DEF9311B2A14} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000Core => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000Core.job => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1110382986-3051645244-2528077214-1000UA.job => C:\Users\nIKON\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2012-02-04 13:46 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-10-05 13:46 - 2014-10-05 13:46 - 01167904 _____ () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe
2011-09-29 18:04 - 2011-08-18 17:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-02-01 12:50 - 2012-02-01 12:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2011-08-08 18:26 - 2011-08-08 18:26 - 00475200 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2013-08-23 20:45 - 2012-06-08 16:37 - 00192512 _____ () C:\Windows\SysWOW64\DVAPTray.exe
2011-08-08 18:26 - 2011-08-08 18:26 - 00891456 _____ () C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
2012-08-06 12:07 - 2012-08-06 12:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-01 12:50 - 2012-02-01 12:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2014-10-03 23:31 - 2014-10-03 23:31 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-15 22:37 - 2015-04-15 22:37 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041501\algo.dll
2015-05-25 16:10 - 2015-05-25 16:10 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052500\algo.dll
2014-04-10 11:35 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-04-10 11:35 - 2013-05-15 13:15 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2014-10-03 23:31 - 2014-10-03 23:31 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 15:52 - 2010-03-22 15:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-24 23:20 - 2011-06-24 23:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2007-04-13 09:39 - 2007-04-13 09:39 - 00252672 _____ () C:\Program Files (x86)\Dell\Stage Remote\kgl.dll
2011-07-17 10:35 - 2011-07-17 10:35 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-07-06 16:53 - 2011-07-06 16:53 - 00068160 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\DMRUI.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2007-04-19 08:28 - 2007-04-19 08:28 - 00436992 _____ () C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll
2011-09-29 18:01 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-12 19:17 - 2014-08-12 19:17 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-05 11:46 - 2015-02-05 11:46 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:A39CFB89ADC01212
AlternateDataStreams: C:\ProgramData\Temp:0AA54ED9
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\microsoft.com -> *.update.microsoft.com
IE trusted site: HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\...\windowsupdate.com -> windowsupdate.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1110382986-3051645244-2528077214-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\nIKON\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{258AF83D-7A50-4761-8762-0E07D726B3FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6825D2AB-72B3-4567-86A6-EB9EBCCABAC9}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{21C1B271-9ADB-41C5-8436-92F7A8BD77E7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55F34F18-5B98-4891-ACBA-8B3640D09D52}] => (Allow) LPort=2869
FirewallRules: [{16830505-50CF-4D27-8422-485C04D9948B}] => (Allow) LPort=1900
FirewallRules: [{50BF9AB2-C497-452E-9E0E-F586688E0413}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{13A4C20E-2039-4174-AB4C-DD5F6E415B06}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{232BDFE5-B00B-4A20-B388-57F3AD0293D2}] => (Allow) LPort=9700
FirewallRules: [{C34E171E-0FA3-414A-B75E-9B3E3F7CD88F}] => (Allow) LPort=9701
FirewallRules: [{026F3B28-184B-4F7E-8BD3-E748614E6CC8}] => (Allow) LPort=9702
FirewallRules: [{6544BD1D-5908-46D1-8E81-6835F3BD2110}] => (Allow) LPort=9700
FirewallRules: [{77E0837E-7703-49D1-87B9-0592366D47BD}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{069F854C-1694-4037-8E42-A0E2745FBBA0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{3B1E7742-8942-4883-9A2F-1A2045F44172}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{0E5E7B2E-C0AB-4522-BC98-A2F773175F03}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{69EC9BCF-0DCD-4076-9719-A8B46322248B}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{B5196DBA-7761-4A9A-995A-1713B3B5FDEB}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{5E6E540F-BD9C-4CBD-AC52-79285739B354}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{2B664C21-1E3D-44C6-BCEF-8FE5D1C771E2}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{3415F0CE-DD25-4BAE-BEFD-61B0D8F9AEC9}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{FC00A1FC-0B6F-44DD-AD0A-80B78F271F82}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{7D061D45-0693-45CB-8AFD-7C8EF35C5F60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95572388-9456-4BC1-86B7-B48343CB3CB7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{78DB53B1-04C4-46E3-8965-BDE6885B207A}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [UDP Query User{C302C36A-5E07-4D63-BAD9-029609E24026}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [{42D29491-6D92-47F2-883C-F824AEDD4318}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9C587ADB-45C1-4037-B57B-4522E19867B2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{49FCF723-3051-4F1A-98E7-780A49B8BBC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{C6091EB7-F863-49D4-A3BB-B73B20E90B3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{EFD21E5C-3E8D-4F0F-8779-4849820097E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{B6697BC7-9A67-4292-BD95-77B32E3C90F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{FDAE57D7-0CC8-4784-9292-72A70D80597A}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5B3A410F-4302-4C58-B796-B03ADAD1BB9F}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5596B941-5B2B-404F-B27C-9FD4A559A4DB}] => (Allow) LPort=1542
FirewallRules: [{951AD121-2C0A-450D-809D-37B0913DA441}] => (Allow) LPort=1542
FirewallRules: [{0793A086-9FE7-4885-87F1-E128C2AC1E67}] => (Allow) LPort=53
FirewallRules: [{54FA7F1D-36CE-4416-A4AC-38F4BB7A75F4}] => (Allow) LPort=67
FirewallRules: [{634CA601-9C8D-449D-9FE4-38C04A4FD6D3}] => (Allow) LPort=68
FirewallRules: [{D4DA3D94-3E7F-4FD2-9340-4552986DB2C3}] => (Allow) LPort=53
FirewallRules: [{18AB802F-8B49-4500-8676-3D12215A9EE3}] => (Allow) LPort=53
FirewallRules: [{D908AABF-4742-444E-8E1A-BA64EAFB601E}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{24A51643-DFC3-4168-8076-124A171C2DF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA2E9392-4567-4494-A81F-EDF7902E5FC3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F9722D9D-F649-47C5-953F-CF2C0D77AC2B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{272FC036-7C20-428D-9BDA-37DD92EA64D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{5B0DFF33-5FCD-4E79-A772-0D9B4A883FA4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{3B5C0D5D-929A-4C94-80C1-4A3BBB94B8A8}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3A806CF6-39A0-4525-B4B6-A8E6263789AE}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{01C0947E-4652-481E-92BB-7F4B0DA1CED0}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{4D98A7FD-9AE0-44BE-81A4-203D4740BF25}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{57311F54-2A33-439D-B46A-1C8826339E54}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{C75C0ABC-B93D-4E6A-A148-ADFE37D35C7D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{6FD7BAF7-E305-427C-BDF4-BAF31055C497}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{E63D8647-CDCA-43F2-BCDE-44B1D27D9BF0}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BAFE2E2D-3104-4F45-958B-7CB106E6A042}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{4630C7BA-07A3-4AB4-B377-1394CBCD1188}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe
FirewallRules: [{68009CE5-18AC-4804-BF2D-193754849794}] => (Allow) LPort=12972
FirewallRules: [{3969126D-DFA4-4E80-9268-5430AC490F32}] => (Allow) LPort=14714
FirewallRules: [{51A8B0C4-EA99-43DF-BF2F-1AD44BAF656A}] => (Allow) LPort=31931
FirewallRules: [{02AA14CF-E696-44DE-927A-9E3B583DEC52}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{12BF4046-DE3C-4C32-884F-E541AA88373C}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5D63A014-3A08-4EAC-BFC6-4D22FF8F4A42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38ECEE97-509C-4DAD-BE8B-4BBB0BF5FF19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{68586BDF-C160-40C4-905D-E451E9BFB9C2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{B29DE329-411E-4BAF-82A8-00C2C1A831FC}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{3A009D60-652D-4B27-8815-241811A59D1D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3F91ABBC-4CC3-4E24-A461-F1BEBEA7C799}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7FDF45CE-EB8F-4648-A8D4-9639ECA838DC}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{5A38B761-BB86-4C15-9BC0-85E6E53C1CA9}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{BE40462C-2240-4DB8-9839-08660BE89AC0}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{FC13454A-389F-4621-8FC5-B64E74497896}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [TCP Query User{5BA15389-7B97-40C5-9011-5BBD265391D7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{A5E54FF4-B699-4C90-BBED-751A721FE2E3}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{B6F17FC1-A884-43EA-A3A9-B533442CE6F5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E6495A45-F24E-4EC1-8E12-D411AC504F38}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E64CB60E-AFEF-4750-9EF3-18A6A8D8EA2E}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CABD3A3A-156D-405A-89E2-BC6CBBAB429F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{17307BF0-2D56-4384-8F62-332003C52C2C}] => (Allow) C:\Users\nIKON\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9EDA577-8A96-4321-AF85-0EC3CF7098C8}] => (Allow) C:\Users\nIKON\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83D7D6E0-8FE7-4262-AFB9-650142704828}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{65F7CE79-8330-4751-B6F4-5C26D72E6576}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{5A36E06D-D0D5-46A6-A0B6-6343B29EA684}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{2749FF77-03B7-4028-B541-FD6266FD585D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{06E9AAA7-60D8-43BE-9758-E51252E38390}C:\program files (x86)\wintv\wintv7\wintv7.exe] => (Allow) C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [UDP Query User{22FC5E09-081C-4BB1-82B2-F91EC09EE189}C:\program files (x86)\wintv\wintv7\wintv7.exe] => (Allow) C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [{58C493B0-77B0-4219-BC3A-4A52268C266C}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{4627FCAF-9665-4DF7-B88D-70F706C1083B}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{4FCA31DA-A84E-4BD3-BFFF-BD1DD3D6F0CF}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{2DBBDA1F-5EA2-495D-8AA4-D492FD6F392E}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{C0A6E23B-0F87-4C69-943C-1572303F24AE}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{9005C5F2-22A6-4FA0-A99F-C4ADF789EFD3}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D76278C5-18B5-445C-91AE-73A3D9354264}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{F8BAB2C1-3C7D-4B8D-A9CB-77B0C8E13E91}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [TCP Query User{469A0B8F-1AD9-4E3F-A73C-A0EBD9CCE319}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{663C0A88-920C-4D6B-B447-FC02560E4DFF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{914EED84-7BC9-40AC-B6B3-9576879CDE0B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{66381F70-3090-4437-8610-CC77AAAF3272}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D9F366B1-E076-4F7A-959F-CB95F09648E7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{A5DF63A4-0833-4AD1-8DDF-E254F1C02D00}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D7CC44FC-2F09-44F4-9E23-0906F9DD0D13}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{F3B2F712-34F4-4F57-AA59-95E9E69ACF45}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [{D6E63C19-F19F-4E09-99DC-715145A2118F}] => (Allow) C:\Program Files\BitTorrent Sync\BTSync.exe
FirewallRules: [{718A3879-97AF-461E-8F88-7B357FED28FA}] => (Allow) C:\Program Files\BitTorrent Sync\BTSync.exe
FirewallRules: [TCP Query User{80B89959-C194-4F01-A137-E0C72B1BD592}C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe] => (Allow) C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe
FirewallRules: [UDP Query User{50DF4A2F-0DCC-4E65-ACC2-A77142D2F7D9}C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe] => (Allow) C:\users\nikon\downloads\bittorrent_sync_1.4.83.exe
FirewallRules: [TCP Query User{036135DC-8F8E-45AB-B6E4-97EBC5996FCF}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{278BB809-0CB1-4BC2-93DB-85541F1F45CA}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{35F5D779-6B44-4C1C-A85E-88C15660C547}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{B560860A-9ED6-4E6D-BEE3-44E3F23DFBD8}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{C32DB7E0-806D-4331-9324-34DA67F64112}] => (Allow) LPort=51408
FirewallRules: [{67E56E1C-17CC-4AD8-820D-32E58C62950A}] => (Allow) LPort=51409
FirewallRules: [{4889C935-E63A-471E-A895-ED1AE1D73F88}] => (Allow) LPort=51410
FirewallRules: [{B36F3C06-1C1B-42CB-9CCE-37AEE3ED9BBE}] => (Allow) LPort=51411
FirewallRules: [{AABB8049-98BF-4789-BA6C-F6D46E93A9E8}] => (Allow) LPort=51412
FirewallRules: [{523642DF-972F-4F0B-8AD6-45B2AA128CFD}] => (Allow) LPort=51413
FirewallRules: [{3DAC83A5-E2AA-4A2C-9424-F9DBDCC2EDAC}] => (Allow) LPort=51414
FirewallRules: [{DB343319-7B43-45C3-B35B-CD7D756FB916}] => (Allow) LPort=51415
FirewallRules: [{36BB62E6-B765-4A97-BD2A-8883CDD0F695}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe
FirewallRules: [{6A47693C-D245-42A4-BCE8-A6196989F7FD}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [TCP Query User{D8FE7C55-D1D5-416C-A0EC-B75192AC693D}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{1013C5A6-A369-4541-BD64-CE766FB64B73}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [TCP Query User{6F316787-E240-4F44-9A77-0EEEB4BDE43F}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{1D3EB8BA-846A-4A16-B3B8-BA0240C8E9BF}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [TCP Query User{4AF84C25-FEAE-4158-8653-CBB2DB55EA80}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{6A632BD2-9028-4088-ACF6-2253D02F5255}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{84894B8A-0B0A-4DBF-A723-DDD971BE95ED}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [UDP Query User{36E2D941-3D5F-4264-ACE4-74B76AAB8751}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [TCP Query User{2DAD20CB-3725-4719-9D83-86B2874CBF93}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{15A853DD-227F-4337-BA41-271AB0415411}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2015 04:08:53 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (05/25/2015 04:02:32 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x8000ffff.
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x1678
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: StageRemote.exe, Version: 2.0.0.50, Zeitstempel: 0x4e3fb38b
Name des fehlerhaften Moduls: MP4Muxer.ax, Version: 1.0.0.87, Zeitstempel: 0x4e1bf1b1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a95
ID des fehlerhaften Prozesses: 0xb68
Startzeit der fehlerhaften Anwendung: 0xStageRemote.exe0
Pfad der fehlerhaften Anwendung: StageRemote.exe1
Pfad des fehlerhaften Moduls: StageRemote.exe2
Berichtskennung: StageRemote.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x15ac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.118, Zeitstempel: 0x55199d5a
Name des fehlerhaften Moduls: chrome.dll, Version: 41.0.2272.118, Zeitstempel: 0x55199942
Ausnahmecode: 0x80000003
Fehleroffset: 0x004fe1b8
ID des fehlerhaften Prozesses: 0x1668
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/25/2015 04:00:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0xc0000022.
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24600F0A-10000001).
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7145.5001.sft' herstellen (Rückgabecode 24600F0A-10000001, ursprünglicher Rückgabecode 24600F0A-10000001).
Error: (05/25/2015 04:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/25/2015 03:49:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/25/2015 03:48:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:48:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/25/2015 03:47:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (05/25/2015 03:46:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office:
=========================
Error: (05/25/2015 04:08:53 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (05/25/2015 04:02:32 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x8000ffff.
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b8167801d096f34139a106C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6fa5c5c-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StageRemote.exe2.0.0.504e3fb38bMP4Muxer.ax1.0.0.874e1bf1b1c000000500002a95b6801d096f33426d245C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exeC:\Program Files (x86)\Dell\Stage Remote\Codec\MP4Muxer.axa6f2940f-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b815ac01d096f33e5a17d2C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6f245ee-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.11855199d5achrome.dll41.0.2272.1185519994280000003004fe1b8166801d096f34128f764C:\Users\nIKON\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\nIKON\AppData\Local\Google\Chrome\Application\41.0.2272.118\chrome.dlla6f1d0bc-02e6-11e5-a79a-008725244a25
Error: (05/25/2015 04:00:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0xc0000022
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
24600F0A-10000001
Error: (05/25/2015 04:00:47 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=10F8}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7145.5001.sft24600F0A-1000000124600F0A-10000001
Error: (05/25/2015 04:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-06-15 23:37:23.522
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 23:37:23.519
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 23:37:23.517
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-15 13:34:34.432
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:34.410
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:32.217
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:32.182
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:28.204
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:28.182
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 13:34:26.079
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 66%
Total physical RAM: 6126.45 MB
Available physical RAM: 2068.32 MB
Total Pagefile: 12251.07 MB
Available Pagefile: 7434.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:749.21 GB) (Free:450.57 GB) NTFS
Drive z: (Volume) (Fixed) (Total:634.76 GB) (Free:229.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: 86D1B97D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=749.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=634.8 GB) - (Type=OF Extended)
==================== End of log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
