| luke9440 | 15.07.2016 12:33 |
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by Lukas (administrator) on LUKAS-PC (15-07-2016 13:27:32)
Running from C:\Users\Lukas\Downloads
Loaded Profiles: Lukas (Available Profiles: Lukas)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Piriform Ltd) D:\Programme\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [246504 2010-01-11] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GamingMouse] => D:\Programme\Drakonia Configurator\hid.exe [246784 2012-06-07] ()
HKLM-x32\...\Run: [StartCCC] => D:\Programme\Catalyst\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Run: [CCleaner Monitoring] => D:\Programme\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\MountPoints2: {1b7e47d2-0946-11e6-9cb0-bc5ff438f084} - I:\autorun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /A:"* " /L:"1031" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:5 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2460A66E-28A9-48BB-92BE-EF6A65E574CF}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3131D63C-78B8-4B71-9115-737930D57C48}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{93C2AB2B-FBA6-4461-9A35-C0125F03301B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EB544BE8-8EE4-47CF-A33D-AAA6132185EC}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
HKU\S-1-5-21-764526889-93497828-4280948729-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKU\S-1-5-21-764526889-93497828-4280948729-1000 -> DefaultScope {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKU\S-1-5-21-764526889-93497828-4280948729-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-12-08] (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - D:\Programme\Terratec\ThcDeskBand.dll [2011-06-24] (TerraTec Electronic GmbH)
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Bing
FF SelectedSearchEngine: Search Provided by Bing
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Extension: YouTube Unblocker Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\Extensions\addon@ytunblocker.com.xpi [2016-07-08]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-06-10] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
CHR Extension: (Google Docs) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
CHR Extension: (Google Drive) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Google Search) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-25]
CHR Extension: (Google Sheets) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [98080 2015-04-01] (<Turtle Entertainment>)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-03-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-16] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTSBDA; C:\Windows\System32\DRIVERS\TerraTecPCI.sys [360568 2010-11-19] (TerraTec Provide)
R3 MtsHID; C:\Windows\System32\DRIVERS\TerraTecPciHid.sys [24696 2010-11-19] (TerraTec Electronic GmbH.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1968-04-08] () [File not signed]
R3 SPC630; C:\Windows\System32\drivers\SPC630.sys [587264 2008-07-07] ( )
R3 SPC630m; C:\Windows\System32\drivers\SPC630m.sys [8192 2008-07-07] ( )
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-15 12:43 - 2016-07-15 12:43 - 00003376 _____ C:\Users\Lukas\Desktop\JRT.txt
2016-07-15 12:41 - 2016-07-15 12:41 - 01610560 _____ (Malwarebytes) C:\Users\Lukas\Downloads\JRT.exe
2016-07-15 12:37 - 2016-07-15 13:00 - 00000000 ____D C:\AdwCleaner
2016-07-15 12:36 - 2016-07-15 12:36 - 03712064 _____ C:\Users\Lukas\Downloads\AdwCleaner_5.201(1).exe
2016-07-15 11:29 - 2016-07-15 11:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-15 11:28 - 2016-07-15 11:35 - 00000000 ____D C:\Users\Lukas\Desktop\mbar
2016-07-15 11:27 - 2016-07-15 11:28 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Lukas\Downloads\mbar-1.09.3.1001.exe
2016-07-15 10:30 - 2016-07-15 13:27 - 00017536 _____ C:\Users\Lukas\Downloads\FRST.txt
2016-07-15 10:30 - 2016-07-15 10:36 - 00058706 _____ C:\Users\Lukas\Downloads\Addition.txt
2016-07-15 10:29 - 2016-07-15 13:27 - 00000000 ____D C:\FRST
2016-07-15 10:29 - 2016-07-15 10:29 - 02390528 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2016-07-15 10:20 - 2016-07-15 10:20 - 00023598 _____ C:\Users\Lukas\Desktop\malware.txt
2016-07-15 09:26 - 2016-07-15 09:26 - 03712064 _____ C:\Users\Lukas\Downloads\AdwCleaner_5.201.exe
2016-07-15 09:21 - 2016-07-15 09:21 - 00145144 _____ C:\Users\Lukas\Documents\cc_20160715_092100.reg
2016-07-15 09:17 - 2016-07-15 09:17 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUKAS-PC-Windows-7-Ultimate-(64-bit).dat
2016-07-15 09:17 - 2016-07-15 09:17 - 00000000 ____D C:\RegBackup
2016-07-15 09:15 - 2016-07-15 09:15 - 00000000 ____D C:\Users\Lukas\Downloads\tweaking.com_windows_repair_aio
2016-07-15 09:11 - 2016-07-15 09:12 - 19731263 _____ C:\Users\Lukas\Downloads\tweaking.com_windows_repair_aio.zip
2016-07-15 08:51 - 2016-07-15 08:51 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-15 07:44 - 2016-07-15 07:44 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-15 07:37 - 2016-07-15 07:37 - 00000984 _____ C:\Users\Lukas\Desktop\Adobe Lightroom.lnk
2016-07-15 07:37 - 2016-07-15 07:37 - 00000984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-07-15 06:12 - 2016-07-15 06:12 - 00000000 ____D C:\Users\Lukas\Downloads\backups
2016-07-14 12:19 - 2016-07-14 12:19 - 07511515 _____ C:\Users\Lukas\Downloads\Fragenkatalog FOBF29.pdf
2016-07-12 15:41 - 2016-07-12 15:42 - 04004197 _____ C:\Users\Lukas\Downloads\karteikarten laubba_ume.pdf
2016-07-12 15:41 - 2016-07-12 15:41 - 01273822 _____ C:\Users\Lukas\Downloads\karteikarten nadelba_ume.pdf
2016-07-11 17:13 - 2016-07-15 07:25 - 00000000 ____D C:\Users\Lukas\Downloads\Removewat Final
2016-07-11 15:54 - 2016-07-11 15:55 - 05165056 _____ C:\Users\Lukas\Downloads\Removewat Final.iso
2016-07-11 15:42 - 2016-07-15 07:25 - 00000000 ____D C:\Program Files\Darktable-2.0
2016-07-11 15:42 - 2016-07-11 15:43 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Darktable2.0
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Darktable-2.0
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Darktable
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Local\lensfun
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\.dbus-keyrings
2016-07-11 15:35 - 2016-07-11 15:36 - 49038149 _____ C:\Users\Lukas\Downloads\darktable-2.0.4.dmg
2016-07-07 11:10 - 2016-07-07 11:10 - 00000000 ____D C:\Users\Lukas\Documents\Adobe
2016-07-07 10:55 - 2016-07-07 10:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-07-07 10:54 - 2016-07-15 07:38 - 00000000 ____D C:\Program Files\Adobe
2016-07-07 10:54 - 2016-07-15 07:35 - 00001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-07-07 10:54 - 2016-07-15 07:35 - 00001514 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-07-07 10:51 - 2016-07-07 10:51 - 00000000 ____D C:\Users\Lukas\Desktop\Adobe
2016-07-07 10:36 - 2016-07-07 10:36 - 02113584 _____ C:\Users\Lukas\Downloads\winrar-x64-531d.exe
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Program Files\WinRAR
2016-07-07 09:34 - 2016-07-07 10:37 - 00000000 ____D C:\Users\Lukas\Downloads\Adobe Photoshop Lightroom CC 2015 6.6
2016-07-07 09:34 - 2016-07-07 09:34 - 00002031 _____ C:\Users\Lukas\Desktop\JDownloader 2.lnk
2016-07-07 09:34 - 2016-07-07 09:34 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-07-07 09:33 - 2016-07-07 10:33 - 00000000 ____D C:\Users\Lukas\AppData\Local\JDownloader 2.0
2016-07-07 09:31 - 2016-07-07 09:31 - 00076504 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_adfree_2016_1.exe
2016-07-07 09:10 - 2016-07-07 09:09 - 00112128 _____ C:\dmg2img.exe
2016-07-07 09:10 - 2016-07-07 09:09 - 00018011 _____ C:\COPYING
2016-07-07 09:10 - 2016-07-07 09:09 - 00003996 _____ C:\README
2016-07-07 09:10 - 2015-04-21 20:40 - 764907520 _____ C:\lightroom.dmg
2016-07-07 09:09 - 2016-07-07 09:09 - 00000000 ____D C:\Users\Lukas\Downloads\dmg2img-1.6.5-win32
2016-07-07 09:08 - 2016-07-07 09:09 - 00065546 _____ C:\Users\Lukas\Downloads\dmg2img-1.6.5-win32.zip
2016-07-07 08:59 - 2016-07-07 08:59 - 00001003 _____ C:\Users\Lukas\Desktop\AnyToISO.lnk
2016-07-07 08:59 - 2016-07-07 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyToISO
2016-07-07 08:59 - 2016-07-07 08:59 - 00000000 ____D C:\Program Files (x86)\AnyToISO
2016-07-07 08:47 - 2016-07-07 08:47 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\PowerISO
2016-07-07 08:32 - 2016-07-15 11:02 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-07-07 08:32 - 2016-07-07 08:32 - 00002207 _____ C:\Users\Lukas\Desktop\Chromium.lnk
2016-07-07 08:31 - 2016-07-15 07:25 - 00000000 ____D C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}
2016-07-07 08:30 - 2016-07-15 07:25 - 00000000 ____D C:\Program Files\PowerISO
2016-07-07 08:19 - 2016-07-07 08:19 - 03589456 _____ (Power Software Ltd) C:\Users\Lukas\Downloads\PowerISO6-x64.exe
2016-07-07 07:39 - 2015-04-22 10:58 - 00000000 ____D C:\Users\Lukas\Downloads\Lightroom 6.0 MAC
2016-07-07 07:37 - 2016-07-07 03:31 - 240619916 _____ C:\Users\Lukas\Desktop\01424.part3(1).rar
2016-07-07 07:37 - 2016-07-06 22:44 - 262144000 _____ C:\Users\Lukas\Desktop\01424.part2.rar
2016-07-07 07:37 - 2016-07-06 22:15 - 262144000 _____ C:\Users\Lukas\Desktop\01424.part1.rar
2016-07-07 07:37 - 2015-04-22 10:58 - 00000000 ____D C:\Users\Lukas\Desktop\Lightroom 6.0 MAC
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Sn_L - Str F
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Rd. H. C. Pp. - T_G
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\F_V & Grx-Oxn(1)
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Ds - Mg_F_v
2016-06-25 15:56 - 2016-06-25 15:57 - 23374808 _____ C:\Users\Lukas\Downloads\Ds - Mg_F_v.zip
2016-06-25 15:54 - 2016-06-25 16:00 - 130564557 _____ C:\Users\Lukas\Downloads\Rd. H. C. Pp. - T_G.zip
2016-06-25 15:53 - 2016-06-25 15:56 - 54821505 _____ C:\Users\Lukas\Downloads\Sn_L - Str F.zip
2016-06-25 15:43 - 2016-06-25 15:50 - 165580240 _____ C:\Users\Lukas\Downloads\F_V & Grx-Oxn(1).zip
2016-06-17 15:19 - 2016-06-17 15:19 - 00000561 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 15:18 - 2016-06-17 15:18 - 06893008 _____ (Piriform Ltd) C:\Users\Lukas\Downloads\ccsetup518.exe
2016-06-17 14:12 - 2016-06-17 14:12 - 00000000 ____D C:\Users\Lukas\Documents\Ashampoo Burning Studio FREE
2016-06-17 14:12 - 2016-06-17 14:12 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Ashampoo
2016-06-16 17:33 - 2016-06-16 17:33 - 00000000 ____D C:\Users\Lukas\Downloads\WinXP
2016-06-16 16:32 - 2016-06-16 16:37 - 00000000 ____D C:\Users\Lukas\AppData\Local\Ubisoft Game Launcher
2016-06-16 16:32 - 2016-06-16 16:32 - 00001197 _____ C:\Users\Lukas\Desktop\Uplay.lnk
2016-06-16 16:32 - 2016-06-16 16:32 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-16 16:32 - 2016-06-16 16:32 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-15 20:01 - 2016-06-15 23:56 - 00000000 ____D C:\Users\Lukas\AppData\Local\CallofDuty4MW
2016-06-15 20:00 - 2016-06-15 20:00 - 00000000 ____D C:\Users\Lukas\Documents\cod4x_client
2016-06-15 00:13 - 2016-06-10 19:37 - 201261009 ____N C:\Users\Lukas\Desktop\20160610_193658.mp4
2016-06-15 00:13 - 2016-06-10 19:31 - 221967038 ____N C:\Users\Lukas\Desktop\20160610_193038.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-15 13:26 - 2015-10-27 22:04 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\NetSpeedMonitor
2016-07-15 13:12 - 2015-09-09 17:07 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA.job
2016-07-15 12:56 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-15 12:56 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-15 12:55 - 2014-12-08 05:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-15 12:45 - 2014-12-08 04:13 - 00697968 _____ C:\Windows\system32\perfh007.dat
2016-07-15 12:45 - 2014-12-08 04:13 - 00149434 _____ C:\Windows\system32\perfc007.dat
2016-07-15 12:45 - 2009-07-14 07:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-15 12:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-15 12:41 - 2015-10-28 21:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-15 12:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-15 12:36 - 2015-10-28 21:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-15 11:29 - 2015-02-25 23:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-15 11:28 - 2015-02-25 23:54 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-15 11:17 - 2014-12-08 04:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-15 09:20 - 2009-07-14 04:34 - 00000541 _____ C:\Windows\win.ini
2016-07-15 09:07 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-07-15 09:07 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-07-15 08:51 - 2014-12-08 04:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146856552194705
2016-07-15 08:51 - 2014-12-08 04:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146856550183702
2016-07-15 08:35 - 2015-03-25 10:39 - 00000000 ____D C:\Users\Lukas\AppData\Local\Spotify
2016-07-15 08:35 - 2015-03-25 10:38 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Spotify
2016-07-15 07:57 - 2016-01-23 22:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-15 07:57 - 2015-08-04 18:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-15 07:55 - 2014-12-08 05:10 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 07:55 - 2014-12-08 05:10 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-15 07:55 - 2014-12-08 05:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 07:44 - 2014-12-08 05:37 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2016-07-15 07:37 - 2014-12-08 14:57 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-07-15 07:37 - 2014-12-08 05:10 - 00000000 ____D C:\Users\Lukas\AppData\Local\Adobe
2016-07-15 07:31 - 2014-12-08 03:44 - 00000000 ____D C:\Users\Lukas
2016-07-15 07:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-15 07:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-07-15 07:26 - 2014-12-08 04:00 - 00066976 _____ C:\Users\Lukas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-15 07:26 - 2009-07-14 06:45 - 00303472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-15 07:25 - 2015-12-03 18:48 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-15 07:25 - 2015-12-02 17:01 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Battle.net
2016-07-15 07:25 - 2015-09-09 17:07 - 00000000 ____D C:\Users\Lukas\AppData\Local\Dropbox
2016-07-15 07:25 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-15 07:25 - 2015-02-26 00:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-07-15 07:25 - 2015-02-26 00:19 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-15 07:25 - 2014-12-08 05:56 - 00000000 ____D C:\Windows\pss
2016-07-15 07:25 - 2014-12-08 05:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-15 07:25 - 2014-12-08 05:11 - 00000000 ____D C:\ProgramData\Adobe
2016-07-15 07:25 - 2014-12-08 05:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-15 07:25 - 2014-12-08 05:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-15 07:25 - 2014-12-08 04:59 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Adobe
2016-07-15 07:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-07-15 06:17 - 2014-12-08 05:26 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TeamViewer
2016-07-14 23:36 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-07-10 12:52 - 2014-12-08 05:29 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TS3Client
2016-07-09 06:56 - 2015-12-02 17:01 - 00000000 ____D C:\Users\Lukas\AppData\Local\Battle.net
2016-07-08 23:47 - 2014-12-08 15:05 - 00000000 ____D C:\Users\Lukas\AppData\Local\ElevatedDiagnostics
2016-07-07 09:43 - 2015-12-02 17:00 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-07 09:12 - 2014-12-08 03:44 - 00000000 ____D C:\Users\Lukas\AppData\Local\VirtualStore
2016-07-07 08:32 - 2015-03-30 20:38 - 00000000 ____D C:\Users\Lukas\AppData\Local\Chromium
2016-07-07 08:08 - 2014-12-08 05:18 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite
2016-07-07 02:16 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-07-06 19:49 - 2015-09-09 17:07 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core.job
2016-07-05 12:34 - 2014-12-08 05:20 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Skype
2016-07-05 12:28 - 2014-12-08 05:20 - 00000000 ____D C:\ProgramData\Skype
2016-06-19 21:39 - 2015-10-28 21:49 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-19 21:39 - 2015-10-28 21:49 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-19 21:37 - 2016-03-05 00:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 15:19 - 2014-12-08 05:16 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-17 15:07 - 2014-12-08 05:42 - 00000000 ____D C:\Users\Lukas\Desktop\Uni
2016-06-15 00:18 - 2014-12-08 18:34 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-02-24 00:07 - 2015-02-25 15:14 - 0000124 _____ () C:\Users\Lukas\AppData\Roaming\WB.CFG
2015-02-25 15:13 - 2015-02-25 15:13 - 0274045 _____ () C:\Users\Lukas\AppData\Local\dsi1.dat
2015-02-25 15:13 - 2015-02-25 15:13 - 0161916 _____ () C:\Users\Lukas\AppData\Local\dsi2.dat
Files to move or delete:
====================
C:\Users\Lukas\laZagne.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-01 06:59
==================== End of FRST.txt ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
Ran by Lukas (2016-07-15 13:27:48)
Running from C:\Users\Lukas\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-08 01:44:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-764526889-93497828-4280948729-500 - Administrator - Disabled)
Guest (S-1-5-21-764526889-93497828-4280948729-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-764526889-93497828-4280948729-1002 - Limited - Enabled)
Lukas (S-1-5-21-764526889-93497828-4280948729-1000 - Administrator - Enabled) => C:\Users\Lukas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Amazon Music (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.3 - CrystalIdea Software, Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Borderlands - The Pre-Sequel (HKLM-x32\...\Borderlands - The Pre-Sequel_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Call of Duty Modern Warfare 3 (c) Activision version 1 (HKLM-x32\...\Call of Duty Modern Warfare 3 (c) Activision_is1) (Version: 1 - )
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cinergy C PCI HD Driver Installation (64 Bit) (HKLM-x32\...\{5A775CBD-03A6-4832-820C-20C0DC57E2E5}) (Version: 1.01.02.501 - TERRATEC Electronic GmbH)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version: - )
Dropbox (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains dotPeek 1.3 Update 1 (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\{ac382b74-501b-5db7-80b9-d3949a5a90e7}) (Version: 1 - JetBrains s.r.o.)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - )
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
OpenVPN 2.3.6-I001 (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.8232 - TeamViewer GmbH)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.25.6 - )
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Driver Package - TERRATEC Cinergy C PCI (11/18/2010 1.01.02.501) (HKLM\...\CB911E83C421B81249FF40C42D1544261A839B84) (Version: 11/18/2010 1.01.02.501 - TERRATEC )
Windows Driver Package - TERRATEC Cinergy C/S2 PCI Infrared (05/21/2010 1.00.03.201) (HKLM\...\8D0D8EE2347DC7FE9BD534792E76CD8F22681D44) (Version: 05/21/2010 1.00.03.201 - TERRATEC )
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E2B065-B0A4-49FD-8882-027158F49538} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-09] (Dropbox, Inc.)
Task: {0E378ECB-CA6D-46B5-936D-06A4E79DAAB1} - System32\Tasks\{CF8566FF-9782-4C77-B4DF-41528EAC16F4} => pcalua.exe -a "F:\Spiele\Spiele\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele\Spiele\Call of Duty 4 - Modern Warfare"
Task: {1EB9D489-7E75-4158-9F22-3D3A847F701E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3764B28E-5FFA-4634-A137-E4B1F286B898} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-09] (AVAST Software)
Task: {3CAAE072-C518-41C5-B0E5-3BF4192A5007} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {497FC118-AB17-4745-AC8A-CE7596848B3C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {4A828AA7-AB20-47CD-AC0D-BE3D18557319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {9E77C808-C2C6-471A-9ABF-F2085FBD684B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {AFDD54C6-6F2F-4293-91A9-DB6404118FF4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {C1B2050A-AF93-4BAB-813F-39C449D131A4} - System32\Tasks\{FF71365C-48A8-4B6D-B5CC-0E32F84912ED} => pcalua.exe -a F:\Seagate\Setup.exe -d F:\Seagate
Task: {C44FE226-95A3-45E3-949D-72E07AAEC1D7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-09] (Dropbox, Inc.)
Task: {C9559BD2-6326-4841-A83B-58617B119608} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DB5C643D-F959-4570-9353-5C9FB7BD98EC} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {EC9AFFC2-5538-44DA-A788-7E346812B9E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {F0BFD3FD-F090-471A-9B75-488871CE0DDF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F6FF1DBB-548F-4545-A0A2-382E95BA6AA2} - System32\Tasks\{52A3A8E2-8D99-4972-AB59-D401CA087447} => pcalua.exe -a C:\Users\Lukas\Downloads\aomwin200ea24us.exe -d C:\Users\Lukas\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-04-01 17:49 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2015-04-01 17:49 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2015-01-04 21:42 - 2015-01-04 21:42 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () D:\Programme\Notepad++\NppShell_06.dll
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () D:\Programme\lang\lang-1031.dll
2015-02-26 00:19 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-26 00:19 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-26 00:19 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-26 00:19 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-26 00:19 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-19 04:57 - 2015-03-19 04:57 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\582f6038931a9b63060e663814d293d0\PSIClient.ni.dll
2014-12-08 03:59 - 2012-07-18 07:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7871 more sites.
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123simsen.com -> www.123simsen.com
There are 7871 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-07-15 09:20 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-764526889-93497828-4280948729-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Lukas\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "D:\Programme\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F6D2C87DA1C5E1CD04E36E350E087CDA => "C:\Users\Lukas\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Lukas\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lukas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{44DB967C-6610-42AA-B55B-650D14881013}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{56950DEA-D48F-4BBD-B2A2-3E3685E463A4}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{052FDF99-F22E-42D8-AA99-0C5388051C93}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{77148A76-AFBB-46BC-ABD3-3965DE46F44A}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{A395AFE8-23FB-4D10-9B6B-E44AC1359173}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2935C15E-EC0B-4BB4-81F3-FAAD774D13CF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{A1C23C7F-CACD-4AD5-807B-77C23CE1A361}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7990AF6A-A639-4D66-8C68-0351E54AF54B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{E468FFAF-AB0F-4078-ACC3-4DDA3F8F7471}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{75E8BAF3-C345-421E-BDD2-F98A2324FC2F}] => (Allow) D:\Programme\Terratec\CinergyDvr.exe
FirewallRules: [{05F4979D-F4B1-493A-A4B8-F669AAC3C397}] => (Allow) D:\Programme\Terratec\CinergyDvr.exe
FirewallRules: [{F83E01FE-A3E7-4C70-88FD-C5683E40F354}] => (Allow) D:\Programme\Terratec\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{E7650AE3-6D10-4BBF-8C19-DB42342A51B1}] => (Allow) D:\Programme\Terratec\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{EA883A98-3B12-4D71-B555-8EE0A801B533}] => (Allow) D:\Programme\Terratec\VersionCheck\VersionCheck.exe
FirewallRules: [{E68D81F0-EB99-4833-8708-13A8FD036E1F}] => (Allow) D:\Programme\Terratec\VersionCheck\VersionCheck.exe
FirewallRules: [{84E974FC-4310-4A81-B1F0-A7DC0B54F108}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A6974DC0-E3D9-45DD-A145-CE461686E649}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{90DB6EED-70B4-4019-B3D9-79CB92803BA7}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{F4F7DE0C-CC50-4E20-AC3E-328F1944B318}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{411B7511-8EA3-4F39-8852-0CE7FEB22D93}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FEC578FB-EA77-4071-A58F-F04375BC217E}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C5911614-43B1-4441-ACC4-82DAD690887F}] => (Allow) D:\Games\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{368FC244-6266-4D46-8AEA-79D38FF80976}] => (Allow) D:\Games\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{25F43864-9031-47CC-9D04-F08466A5F581}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C8E723A1-A044-43D4-89A0-410BBF3146C1}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{83DA8F47-C5FE-483B-A799-E914BBF4CFFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{717C12FF-31C3-451B-B0C2-04BEC3FD713C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8AB6B9EE-A628-40BF-B18D-4931656C9731}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5E20F050-8160-458F-8816-9EEDD109D813}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{11CDE5AF-7230-45CA-9779-9CC284A790C5}] => (Allow) D:\Games\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AD55BAFF-69F2-40D4-A6C8-1A92C9733407}] => (Allow) D:\Games\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{A8DC4377-0CD0-4781-94F5-7337B9CC4031}] => (Allow) D:\Games\BF4\Battlefield 4\bf4.exe
FirewallRules: [{B80E16E7-7D79-487B-B47F-11510F8532D2}] => (Allow) D:\Games\BF4\Battlefield 4\bf4.exe
FirewallRules: [{A4619CBC-44DE-41A8-9926-0D5E94B7ED55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DD2A46A-D7AB-4AE2-9EA4-2FA29D540EE2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA6F928C-AACA-4399-8FEC-5380FF083CB4}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{7C4AC428-D8BB-4018-8F9E-A00BB152DF0C}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C4535119-50D3-443D-97A2-99D18978AF1B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4856A6CB-BD51-451E-9F9C-FFE8E3EE0979}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C809D949-AB88-4DE9-B3B4-D2BAE58F49E9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3EABBC38-5371-499C-AFD3-FB5CBDB80B09}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{359AF6C6-8367-4727-BAA4-64034537647B}] => (Allow) D:\Games\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{2962AE22-E39C-414F-B9FE-4D8CF4796E39}] => (Allow) D:\Games\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [TCP Query User{C68D481E-EBE1-4829-A303-B4F3C5198A9A}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A41E19EA-FEDA-4594-8A8E-9D7BF015C3BC}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{89299151-2BC0-4C29-B853-2D7D78A7AF57}] => (Allow) D:\Games\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{90F8EDAA-1E6C-40F5-95B4-D6DD820E84AC}] => (Allow) D:\Games\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{D0CFC8CC-4CCF-499D-AFA3-F9BDE82D9263}] => (Allow) D:\Games\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{CA2665CF-A8E1-42D7-AF02-D0D33FAC2F72}] => (Allow) D:\Games\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{4A97858F-1233-4454-8555-7239376E783A}] => (Allow) C:\Users\Lukas\AppData\Local\Temp\{A9BDBA73-AC07-47C0-9A95-2D53315F6A37}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [{AC45EBE3-E9B1-4E1D-A227-3CF987726BE1}] => (Allow) C:\Users\Lukas\AppData\Local\Temp\{A9BDBA73-AC07-47C0-9A95-2D53315F6A37}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [TCP Query User{33D91F5C-B98D-4CA9-B97C-3A15168765DE}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1CA44424-7A5F-4097-92DD-EEBC741C94E9}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F0889343-6695-4F6C-99E8-ECF4A56BA367}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1568127-0F94-4BFE-A404-F6C28F073187}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{29F074DE-388D-4AB5-AF74-2F56193E5E57}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EFC36B5C-155F-479F-9DE7-C4EC6BD26A65}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4F809EB2-F531-41BD-A6AE-4CEB0642AC6E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{909E9F74-EDC4-4FB1-A2BA-75760DD9FED9}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{AB9C3771-21E6-464B-94F0-6E4BDD36CD7F}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{17784E5F-AC92-4D33-A4D9-2FC1A1E26BDF}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [TCP Query User{B1B05BCB-D607-445C-BF99-6517217B8415}D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BD781373-9B4F-4911-83BF-4074F19C9631}D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2C6BE9E2-67B6-4C9C-86A1-00424692177F}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5CD69650-D53C-48F7-A10D-C442136B62E6}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{DB9791A8-A254-4337-A1A3-37CA68E83153}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E4C49202-6DCD-4B48-B9F8-3C522B57269C}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8B9B81C9-ABCC-43A9-A2CD-A1D6596C26FF}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Block) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{0CE4DAED-A7EF-4610-BB40-967D5B7D596E}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Block) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{8C1AAD0E-3B64-40ED-88E2-FEAA4BDBFB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{F9DA5F8D-012D-4ABA-9B08-1678F94544AD}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6644A8DF-A109-4F62-96FA-B0E5AA21BC31}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E192567A-BCFE-4C96-9B18-9290EACA6951}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [TCP Query User{B6160239-4B08-43A8-99E0-A595BC53A8A7}D:\games\steam\steamapps\common\half-life\hl.exe] => (Block) D:\games\steam\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{0231D583-37C8-4EF2-A6FE-75000090CBA5}D:\games\steam\steamapps\common\half-life\hl.exe] => (Block) D:\games\steam\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{6389019D-EDDD-481E-869A-4EFD994E8D6A}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{9264488E-59A1-4BC5-B70D-17BC32D51937}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{83526243-0025-40C2-9276-93837A6C99B8}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{BECAFFDF-403E-41EA-9AC6-2B9530E43FB6}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{2F10602E-91A2-44D6-A7A4-531EEABD9CA8}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{5961E1D5-1739-4A3A-A1C9-8EB3687A22EA}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{810A4EDD-29C6-4553-BD82-082217B251B1}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F20EAE0B-ACC9-44A5-8377-95D7DA394337}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09FB7925-7745-4D47-B773-30940FBF711D}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{491286E2-C919-4CF8-95F0-49061FC04F7F}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{28A4F5C6-6E07-4049-BF1A-2ABC7870CB7F}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{CF32CB95-70FC-44B7-897C-BD5D35505C84}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{84430685-EC57-467C-BD29-B2DBEC942BCD}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{45F61ED1-B471-49A2-9ACE-21708EDF839D}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{6742EEB0-AE7C-4CB0-8A49-1AE1696E5F29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D777D57-142F-41B6-9021-6C3D40F83C22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CBB8FEE2-A4A8-4CB9-98FC-3B5F37F433EC}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{FE8D3252-3EE5-4693-A66E-53859557F27F}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{33960166-2E90-499B-A36F-FBE3D729FF61}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B29216CE-282F-4C42-B144-C3643FAB6889}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{BC1BA297-E805-427C-9B03-C9771D153D8F}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{EA70EF93-ADFE-4F33-B456-6F096D351779}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{980711DA-0546-434E-BB0F-1A298F0E8BCB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{F061B973-EA33-4DCB-9699-4855A6B773AD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{A8E343F0-1596-4746-A5E5-388BF2DD50C9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{F9DBEBE3-5F79-466D-BD97-C2D07DC14FF8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{2963F8CD-C5C3-4A58-8B12-FC1AA0D734D4}I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{CE278F71-86D6-4735-9938-234BA3CD100F}I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{1A8A1BAA-5E2C-4750-8AC3-FE27A56454F0}D:\games\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\games\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{38DCE337-3792-42D1-A297-068DF0B07368}D:\games\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\games\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{BE8A200C-FA9B-453A-AD54-E8115A23F1BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FE91EFB-E541-44EB-B177-16A39D718E2C}] => (Allow) D:\Games\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{559A0623-8E09-46B1-BE47-8A73F0B37306}] => (Allow) D:\Games\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{3A3D889E-D283-4400-BC82-AACEBD69EC8A}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{44CF4D80-BD98-494E-AA93-3A214463AAB8}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{CD5E678D-C079-42A3-92FC-008CF48F6C31}] => (Allow) C:\Users\Lukas\AppData\Local\Chromium\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
15-07-2016 07:35:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
15-07-2016 07:36:02 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
15-07-2016 12:42:14 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/15/2016 12:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 11:17:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 09:22:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 09:07:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4859a219
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55afd843
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00032973
ID des fehlerhaften Prozesses: 0x143c
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Error: (07/15/2016 08:37:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 08:35:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 07:43:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17923, Zeitstempel: 0x55945dbd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55b02e88
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004ac04
ID des fehlerhaften Prozesses: 0x1b18
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Error: (07/15/2016 07:32:04 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (avast! antivirus system restore point). Zusätzliche Informationen: 0xc0000022.
Error: (07/15/2016 07:31:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2016 07:31:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl) konnten nicht installiert werden. Der Fehlercode ist das erste DWORD im Datenbereich.
System errors:
=============
Error: (07/15/2016 12:40:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (07/15/2016 12:40:19 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50 = Die Anforderung wird nicht unterstützt.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (07/15/2016 12:40:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.
Error: (07/15/2016 12:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Restart the service.
Error: (07/15/2016 12:39:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Restart the service.
CodeIntegrity:
===================================
Date: 2016-07-15 09:22:10.982
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-15 09:22:10.935
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-15 05:55:54.028
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-15 05:55:53.982
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 23:36:55.122
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 23:36:55.091
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 23:20:38.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 23:20:38.935
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 22:33:09.122
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-07-14 22:33:09.075
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz
Percentage of memory in use: 36%
Total physical RAM: 8087.39 MB
Available physical RAM: 5107.77 MB
Total Virtual: 16172.99 MB
Available Virtual: 13448.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:50.27 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:41.74 GB) NTFS
Drive f: (Transcend) (Fixed) (Total:931.51 GB) (Free:402.69 GB) NTFS
Drive i: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:151.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0404ACF5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FB1493D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0289ED2A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0056091B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
|
Malwarebytes Anti-Malware 
SecurityCheck und: