Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2014
Ran by Tristan at 2014-11-20 21:54:00
Running from C:\Users\Tristan\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
applicationupdater (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\SOE-C:/Users/Tristan/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0400}) (Version: 12.4.0.1130 - APN, LLC)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C3100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version: - Dark Byte)
clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.)
clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Command & Conquer 3 Kane's Wrath(TM) Worldbuilder (HKLM-x32\...\{44C934E4-6610-43D4-8E9B-49F30785013A}) (Version: 1.0 - Electronic Arts)
Command & Conquer 3 Tiberium Wars(TM) Worldbuilder (HKLM-x32\...\{F428768A-BA63-43A5-86E9-7F0CFD174944}) (Version: 1.0 - Electronic Arts)
Command & Conquer™ 3: Kanes Rache (HKLM-x32\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Ihr Firmenname)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
Google Chrome (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingdoms Rise (HKLM-x32\...\Steam App 248630) (Version: - Flyleap Studios Pty. Ltd.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-72fe2fd2-5bfa-4e4d-bec6-ef07137cc7ae) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-8abab691-448b-492f-b977-47361c8914e3) (Version: - Epic Games, Inc.)
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140708.88005 - Square Enix Ltd)
NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\SOE-PlanetSide 2 PSG) (Version: - Sony Online Entertainment)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2125.1 - Hi-Rez Studios)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
The Binding Of Isaac Version 1.0 (HKLM-x32\...\{66D8D1B9-0B6F-423F-950A-1E6B0B7482C4}_is1) (Version: 1.0 - Headup Games)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.4.2 - Palit Microsystems Ltd.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.8.10 - Electronic Arts)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unreal Development Kit: 2012-10 (HKLM\...\UDK-233d5133-a8a0-4aef-b238-5238a5fce737) (Version: - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-5f6ab2c3-0b61-4972-9a87-961e2ec2b50a) (Version: - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-70f979e0-5b88-4381-b228-3cb66014fef6) (Version: - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-8d663535-2e1d-443d-b2e0-d8f7008e3fc0) (Version: - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-cde87bcb-23e7-45a2-8f94-b2a4ab21ea45) (Version: - Epic Games, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
uRage Vendetta Wireless (HKLM-x32\...\uRage Vendetta Wireless) (Version: - )
USB Dual Vibration PAD (HKLM-x32\...\{56DD3770-2EF5-42D0-BA5A-A8135E9D4A9E}) (Version: 2004.07.09 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
YGOPro DevPro Version 1.8.6 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.8.6 - YGOPro DevPro Online)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
01-11-2014 05:46:12 Windows Update
08-11-2014 10:02:00 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {16468E0B-85D9-40B1-A438-966A669A7251} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
Task: {2649DA77-9018-478D-9A8C-FAED4D7CF42C} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)
Task: {26A34FD3-6EBD-4AC2-A79D-271418F03499} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000Core => C:\Users\Tristan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30] (Google Inc.)
Task: {2DBA5741-246D-4383-BE3A-252400E23155} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {2FE1CE3A-CDCB-4D78-B58F-10B65BFC0454} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {349466C7-7EE0-4205-B1C1-B48F38E5C154} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000UA => C:\Users\Tristan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30] (Google Inc.)
Task: {4112EEDE-2399-4DE9-A255-985E8341B2B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {4F8DAA6B-F8E2-4A4C-A531-319992F58D77} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)
Task: {569BBF81-98F7-4798-8582-56BDA35AEDD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11] (Google Inc.)
Task: {69D4C54F-2D16-4EBE-9B36-CBEF5CE06796} - \Advanced System Protector No Task File <==== ATTENTION
Task: {71D499A4-E14F-450F-9033-321BCA1069D8} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {87DB137A-514D-4B62-8C58-21067946CA27} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{FFD63928-2190-41C0-8103-A738764E7174}.exe
Task: {8F8B4A97-072A-4B68-BDE5-20C3A3976813} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{6B8C1687-B3D2-4396-92C6-581D911AB378}.exe
Task: {AA15A831-4623-4431-A292-0272D70CCF20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11] (Google Inc.)
Task: {DFECE80C-4D5D-49F8-83B3-B1D523FCFFFF} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-05-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{6B8C1687-B3D2-4396-92C6-581D911AB378}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{FFD63928-2190-41C0-8103-A738764E7174}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000Core.job => C:\Users\Tristan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000UA.job => C:\Users\Tristan\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-11-03 12:39 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-11 04:58 - 2011-08-11 04:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2013-11-09 19:05 - 2013-09-30 13:40 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2012-12-27 19:16 - 2014-01-17 04:05 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-21 20:18 - 2014-10-08 19:16 - 00613944 _____ () C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-06-12 17:11 - 2014-08-16 19:35 - 01294336 _____ () D:\League of legends\RADS\system\rads_user_kernel.exe
2014-08-16 19:37 - 2014-11-20 13:36 - 02436600 _____ () D:\League of legends\RADS\projects\lol_launcher\releases\0.0.0.227\deploy\LoLLauncher.exe
2014-11-20 13:37 - 2014-11-20 13:37 - 04247544 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\LoLPatcher.exe
2014-08-16 20:13 - 2014-08-16 20:13 - 00074752 _____ () D:\League of legends\RADS\projects\lol_air_client\releases\0.0.1.119\deploy\LolClient.exe
2014-09-21 20:18 - 2014-10-08 19:16 - 36966968 _____ () C:\Users\Tristan\AppData\Roaming\Spotify\Data\libcef.dll
2011-08-11 04:57 - 2011-08-11 04:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-11-22 23:46 - 2011-10-12 11:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-11-09 19:05 - 2013-09-30 13:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2013-11-09 19:05 - 2013-01-29 16:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2014-09-21 20:18 - 2014-10-08 19:16 - 00867896 _____ () C:\Users\Tristan\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-09-21 20:18 - 2014-10-08 19:16 - 00886840 _____ () C:\Users\Tristan\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-09-21 20:18 - 2014-10-08 19:16 - 00108600 _____ () C:\Users\Tristan\AppData\Roaming\Spotify\Data\libegl.dll
2013-12-17 13:46 - 2013-12-17 13:46 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eb4812681f6ab4406053f3a1803e6da0\IsdiInterop.ni.dll
2011-11-22 23:35 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 43366400 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\libcef.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 01564160 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\icui18n.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 01246208 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\icuuc.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 05081088 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\v8.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 01629176 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\RiotLauncher.dll
2014-11-20 13:37 - 2014-11-20 13:37 - 01707520 _____ () D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\RiotRadsIO.dll
2014-08-16 20:12 - 2014-08-16 20:12 - 04774248 _____ () D:\League of legends\RADS\projects\lol_air_client\releases\0.0.1.119\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-08-16 20:12 - 2014-08-16 20:12 - 16032616 _____ () D:\League of legends\RADS\projects\lol_air_client\releases\0.0.1.119\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-07-30 15:13 - 2014-08-12 08:24 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2012-07-30 15:13 - 2014-08-12 08:24 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-07-30 15:13 - 2014-08-12 08:24 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-18 14:25 - 2014-08-12 08:24 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-13 18:37 - 2014-03-13 18:37 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-10-28 14:28 - 2014-10-22 05:04 - 01042760 _____ () C:\Users\Tristan\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 14:28 - 2014-10-22 05:04 - 00211272 _____ () C:\Users\Tristan\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 14:28 - 2014-10-22 05:04 - 08910664 _____ () C:\Users\Tristan\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 14:28 - 2014-10-22 05:04 - 01681224 _____ () C:\Users\Tristan\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-28 14:28 - 2014-10-22 05:05 - 14902600 _____ () C:\Users\Tristan\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Desura => C:\Program Files (x86)\Desura\desura.exe -autostart
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: Logitech G35 => C:\Program Files (x86)\Logitech\G35\G35.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-1001276524-3305491395-1145697322-500 - Administrator - Disabled)
Gast (S-1-5-21-1001276524-3305491395-1145697322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1001276524-3305491395-1145697322-1002 - Limited - Enabled)
Tristan (S-1-5-21-1001276524-3305491395-1145697322-1000 - Administrator - Enabled) => C:\Users\Tristan
==================== Faulty Device Manager Devices =============
Name: WeOnlyDo Network Adapter 2.5
Description: WeOnlyDo Network Adapter 2.5
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: WeOnlyDo Network Provider
Service: wod0205
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2014 07:34:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/20/2014 07:33:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/20/2014 01:13:36 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (11/20/2014 01:13:36 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (11/20/2014 01:13:35 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (11/17/2014 01:52:06 PM) (Source: LMS) (EventID: 2) (User: NT-AUTORITÄT)
Description: Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen.
Error: (11/15/2014 01:11:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 16.13.42.0, Zeitstempel: 0x5418ec0a
Name des fehlerhaften Moduls: NvBackend.exe, Version: 16.13.42.0, Zeitstempel: 0x5418ec0a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007b023
ID des fehlerhaften Prozesses: 0x8d0
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3
Error: (11/14/2014 01:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.18150, Zeitstempel: 0x518c8c81
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004af449
ID des fehlerhaften Prozesses: 0x960
Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0
Pfad der fehlerhaften Anwendung: wmprph.exe1
Pfad des fehlerhaften Moduls: wmprph.exe2
Berichtskennung: wmprph.exe3
Error: (11/11/2014 09:12:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 8b0
Startzeit: 01cffd8729fba9fd
Endzeit: 2
Anwendungspfad: C:\Users\Tristan\Desktop\League of Legends public beta\RADS\system\rads_user_kernel.exe
Berichts-ID: 70a593ca-697a-11e4-a8d5-386077b0f491
Error: (11/09/2014 03:18:44 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1972) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.
System errors:
=============
Error: (11/20/2014 01:12:59 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/19/2014 02:53:51 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/19/2014 02:53:49 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/19/2014 02:53:46 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/19/2014 02:53:44 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/18/2014 02:59:19 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/18/2014 02:59:16 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/18/2014 02:59:14 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/18/2014 02:59:11 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (11/17/2014 01:47:36 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 45%
Total physical RAM: 8172.26 MB
Available physical RAM: 4421.54 MB
Total Pagefile: 16342.7 MB
Available Pagefile: 11796.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:137.07 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:319.61 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1311065B)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014
Ran by Tristan (administrator) on PC-XD on 20-11-2014 21:52:53
Running from C:\Users\Tristan\Downloads
Loaded Profile: Tristan (Available profiles: Tristan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Akamai Technologies, Inc.) C:\Users\Tristan\AppData\Local\Akamai\netsession_win.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tristan\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Akamai Technologies, Inc.) C:\Users\Tristan\AppData\Local\Akamai\netsession_win.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() D:\League of legends\RADS\system\rads_user_kernel.exe
() D:\League of legends\RADS\projects\lol_launcher\releases\0.0.0.227\deploy\LoLLauncher.exe
() D:\League of legends\RADS\projects\lol_patcher\releases\0.0.0.11\deploy\LoLPatcher.exe
() D:\League of legends\RADS\projects\lol_air_client\releases\0.0.1.118\deploy\LolClient.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Users\Tristan\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tristan\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tristan\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tristan\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2013-09-30] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Tristan\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [Google Update] => C:\Users\Tristan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-30] (Google Inc.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2158888 2013-05-24] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [GoogleChromeAutoLaunch_58918049696FFD10F7847AFE5A3C2754] => C:\Users\Tristan\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [Spotify] => C:\Users\Tristan\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-08] (Spotify Ltd)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [Spotify Web Helper] => C:\Users\Tristan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-08] (Spotify Ltd)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\MountPoints2: {4b9ceea8-0bb8-11e2-ac8d-386077b0f491} - L:\setup.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000 -> DefaultScope {5200D6A5-5274-412E-818D-2B01ACCA19C6} URL = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=961
SearchScopes: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000 -> {5200D6A5-5274-412E-818D-2B01ACCA19C6} URL = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=961
SearchScopes: HKU\S-1-5-21-1001276524-3305491395-1145697322-1000 -> {B6769F50-6513-477D-8482-0BBD17402737} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=2EF97557-6D98-47BA-95BE-5CD865AD626C&apn_sauid=4DFD4E36-F882-4586-8ED6-B4D9DC09CE0E
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Tristan\AppData\Roaming\Mozilla\Firefox\Profiles\2i87mwsk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1001276524-3305491395-1145697322-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Tristan\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKU\S-1-5-21-1001276524-3305491395-1145697322-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1001276524-3305491395-1145697322-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tristan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1001276524-3305491395-1145697322-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tristan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1001276524-3305491395-1145697322-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Avira Browser Safety - C:\Users\Tristan\AppData\Roaming\Mozilla\Firefox\Profiles\2i87mwsk.default\Extensions\abs@avira.com [2014-11-13]
FF Extension: Adblock Plus - C:\Users\Tristan\AppData\Roaming\Mozilla\Firefox\Profiles\2i87mwsk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-05]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-10-17]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-10-17]
FF HKU\S-1-5-21-1001276524-3305491395-1145697322-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2014-06-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (ProxMate) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-11-02]
CHR Extension: (Google Wallet) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Profile: C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-12]
CHR Extension: (YouTube) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-12]
CHR Extension: (Adblock Plus) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-17]
CHR Extension: (Google-Suche) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-12]
CHR Extension: (Tampermonkey) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-03-23]
CHR Extension: (AdBlock) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-11-17]
CHR Extension: (Stealthy) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-12-10]
CHR Extension: (Speed Dial 2) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2012-11-17]
CHR Extension: (Wajam) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2012-11-12]
CHR Extension: (AVG Security Toolbar) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-11-12]
CHR Extension: (Google Mail) - C:\Users\Tristan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-12]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-09-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-12] (APN LLC.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-12] (EasyAntiCheat Ltd)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-17] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-14] (Razer Inc)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
S3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 sclbl; \??\C:\AeriaGames\ScarletBlade\avital\scarbt64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 21:52 - 2014-11-20 21:53 - 00028634 _____ () C:\Users\Tristan\Downloads\FRST.txt
2014-11-20 21:52 - 2014-11-20 21:52 - 00000000 ____D () C:\FRST
2014-11-20 21:21 - 2014-11-20 21:22 - 02117632 _____ (Farbar) C:\Users\Tristan\Downloads\FRST64.exe
2014-11-20 19:34 - 2014-11-20 21:14 - 00004430 _____ () C:\Windows\SysWOW64\detekt.log
2014-11-20 19:34 - 2014-11-20 19:34 - 00000164 _____ () C:\Users\Tristan\Downloads\detekt.log
2014-11-20 19:32 - 2014-11-20 19:33 - 27810288 _____ () C:\Users\Tristan\Downloads\detekt.exe
2014-11-19 02:14 - 2014-11-19 02:14 - 00000000 _____ () C:\Users\Tristan\Desktop\decke isolieren.txt
2014-11-13 23:44 - 2014-11-13 23:44 - 00000000 _____ () C:\Users\Tristan\Desktop\1 mysterie gift.txt
2014-11-13 12:26 - 2014-11-13 12:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-13 10:45 - 2014-11-14 12:43 - 00001101 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-11 18:39 - 2014-11-11 18:39 - 00000222 _____ () C:\Users\Tristan\Desktop\The Binding of Isaac Rebirth.url
2014-11-08 12:34 - 2014-11-08 12:34 - 00338067 _____ () C:\Users\Tristan\Desktop\maokai
2014-11-08 12:33 - 2014-11-08 12:33 - 00338067 _____ () C:\Users\Tristan\Desktop\image
2014-11-07 03:45 - 2014-09-12 19:06 - 00175136 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-10-29 01:40 - 2014-10-29 01:40 - 00950988 _____ () C:\Users\Tristan\Desktop\SinglePlayerCommands-MC1.5.2_V4.8.zip
2014-10-23 02:11 - 2014-10-23 02:12 - 26190717 _____ () C:\Users\Tristan\Desktop\AMV Happy!.mp4
2014-10-23 02:08 - 2014-10-23 02:08 - 03266807 _____ () C:\Users\Tristan\Desktop\Gorillaz - Clint Eastwood.m4a
2014-10-23 02:07 - 2014-10-23 02:07 - 02766199 _____ () C:\Users\Tristan\Desktop\Gorillaz - Feel Good Inc (Animatic).m4a
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 21:52 - 2012-05-05 14:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 21:33 - 2012-08-30 09:07 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000UA.job
2014-11-20 21:33 - 2012-08-30 09:07 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000Core.job
2014-11-20 21:32 - 2013-04-11 11:25 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 21:31 - 2012-05-04 16:38 - 00000000 ____D () C:\Users\Tristan\AppData\Roaming\Skype
2014-11-20 20:32 - 2014-09-21 20:17 - 00000000 ____D () C:\Users\Tristan\AppData\Roaming\Spotify
2014-11-20 18:07 - 2012-08-06 14:38 - 00000000 ____D () C:\Users\Tristan\AppData\Roaming\TS3Client
2014-11-20 16:32 - 2013-04-11 11:25 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 15:04 - 2011-11-22 23:28 - 01518922 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 13:20 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 13:20 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 13:19 - 2011-11-19 19:33 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-11-20 13:19 - 2011-11-19 19:33 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-11-20 13:19 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 13:13 - 2014-09-21 20:18 - 00000000 ____D () C:\Users\Tristan\AppData\Local\Spotify
2014-11-20 13:13 - 2012-05-04 16:37 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-20 13:13 - 2009-07-14 05:51 - 00428496 _____ () C:\Windows\setupact.log
2014-11-20 13:12 - 2013-06-08 13:38 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-11-20 13:12 - 2013-06-03 20:06 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-11-20 13:12 - 2011-11-22 23:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-20 13:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-19 00:04 - 2014-10-17 00:48 - 00000000 ____D () C:\Users\Tristan\Desktop\rito style
2014-11-18 18:41 - 2012-05-04 17:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-15 20:08 - 2013-08-14 16:18 - 00000000 ____D () C:\Users\Tristan\Desktop\memes
2014-11-15 19:10 - 2014-05-15 14:18 - 00000000 ____D () C:\Users\Tristan\Desktop\Playlist
2014-11-14 12:44 - 2013-08-11 19:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-14 12:43 - 2013-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-14 12:43 - 2013-09-17 22:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-14 12:41 - 2012-06-09 20:40 - 00000000 ____D () C:\Users\Tristan\AppData\Local\Akamai
2014-11-14 12:36 - 2014-04-12 01:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-13 21:28 - 2012-08-30 09:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000UA
2014-11-13 21:28 - 2012-08-30 09:07 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1001276524-3305491395-1145697322-1000Core
2014-11-13 10:45 - 2013-09-17 22:29 - 00000000 ____D () C:\ProgramData\Avira
2014-11-12 16:27 - 2013-04-11 11:25 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 16:27 - 2013-04-11 11:25 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 14:52 - 2012-05-05 14:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 14:52 - 2012-05-05 14:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 14:52 - 2011-07-11 05:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 18:51 - 2012-05-04 16:26 - 00000000 ____D () C:\Users\Tristan
2014-11-11 18:39 - 2012-05-04 17:32 - 00000000 ____D () C:\Users\Tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-02 09:59 - 2013-12-06 23:21 - 00000000 ____D () C:\Users\Tristan\AppData\Local\Razer
2014-11-02 09:59 - 2013-12-06 23:21 - 00000000 ____D () C:\ProgramData\Razer
2014-11-02 09:59 - 2013-12-06 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-11-02 09:59 - 2013-12-06 23:21 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-10-31 09:29 - 2012-10-06 15:02 - 00000000 ____D () C:\ProgramData\Origin
2014-10-31 09:29 - 2012-10-06 15:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-30 13:52 - 2014-03-08 19:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-30 13:52 - 2011-07-11 04:41 - 00000000 ____D () C:\ProgramData\Skype
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-25 04:21 - 2014-04-01 10:48 - 00001146 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-10-25 04:16 - 2011-07-11 04:45 - 00264070 _____ () C:\Windows\DirectX.log
2014-10-25 02:51 - 2013-07-07 18:19 - 00000000 ____D () C:\Users\Tristan\AppData\Roaming\.minecraft
Some content of TEMP:
====================
C:\Users\Tristan\AppData\Local\Temp\AskSLib.dll
C:\Users\Tristan\AppData\Local\Temp\AutoRun.exe
C:\Users\Tristan\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Tristan\AppData\Local\Temp\AVG.exe
C:\Users\Tristan\AppData\Local\Temp\avgnt.exe
C:\Users\Tristan\AppData\Local\Temp\avguidx.dll
C:\Users\Tristan\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Tristan\AppData\Local\Temp\BrokerMediumIntegrity.exe
C:\Users\Tristan\AppData\Local\Temp\COMAP.EXE
C:\Users\Tristan\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Tristan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Tristan\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Tristan\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Tristan\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Tristan\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Tristan\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Tristan\AppData\Local\Temp\EAInstall.dll
C:\Users\Tristan\AppData\Local\Temp\eauninstall.exe
C:\Users\Tristan\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\Tristan\AppData\Local\Temp\FreemakeVideoDownloader_3.5.4.0.exe
C:\Users\Tristan\AppData\Local\Temp\FreemakeYoutubeMp3Converter_3.5.4.0.exe
C:\Users\Tristan\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Tristan\AppData\Local\Temp\GUninstaller.exe
C:\Users\Tristan\AppData\Local\Temp\Gw2.exe
C:\Users\Tristan\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Tristan\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Tristan\AppData\Local\Temp\i4jdel1.exe
C:\Users\Tristan\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Tristan\AppData\Local\Temp\installerdll10830088.dll
C:\Users\Tristan\AppData\Local\Temp\installhelper.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.6-R0.1-b2561jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.6-R0.3-b2586jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.1-R0.1-21-g49b0699-b2754jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R0.1-1-g53734d2-b2774jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jansi-32-git-MCPC-unknown.dll
C:\Users\Tristan\AppData\Local\Temp\jline_git-Bukkit-0_0_0-700-gf3ae4c3-b733jnks.dll
C:\Users\Tristan\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Tristan\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Tristan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tristan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tristan\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Tristan\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Tristan\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe
C:\Users\Tristan\AppData\Local\Temp\Nexus%20Mod%20Manager-0.51.0.exe
C:\Users\Tristan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Tristan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tristan\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Tristan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Tristan\AppData\Local\Temp\nvStInst.exe
C:\Users\Tristan\AppData\Local\Temp\oi_{E5A4DB61-A98C-470E-B24E-79C158988072}.exe
C:\Users\Tristan\AppData\Local\Temp\ose00000.exe
C:\Users\Tristan\AppData\Local\Temp\patchw32.dll
C:\Users\Tristan\AppData\Local\Temp\Quarantine.exe
C:\Users\Tristan\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Tristan\AppData\Local\Temp\SHSetup.exe
C:\Users\Tristan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tristan\AppData\Local\Temp\sonarinst.exe
C:\Users\Tristan\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Tristan\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Tristan\AppData\Local\Temp\su-setup.exe
C:\Users\Tristan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tristan\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\Tristan\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Tristan\AppData\Local\Temp\Tsu-0728.dll
C:\Users\Tristan\AppData\Local\Temp\uninst1.exe
C:\Users\Tristan\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-3828.exe
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-5916.exe
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-6340.exe
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-6436.exe
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-6720.exe
C:\Users\Tristan\AppData\Local\Temp\Uninstaller-6964.exe
C:\Users\Tristan\AppData\Local\Temp\UnityWebPlayer5247953315609684129.exe
C:\Users\Tristan\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Tristan\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\Tristan\AppData\Local\Temp\WSSetup.exe
C:\Users\Tristan\AppData\Local\Temp\YgoUpdater.exe
C:\Users\Tristan\AppData\Local\Temp\_is409A.exe
C:\Users\Tristan\AppData\Local\Temp\_is7CC.exe
C:\Users\Tristan\AppData\Local\Temp\_is9D6F.exe
C:\Users\Tristan\AppData\Local\Temp\_isD174.exe
C:\Users\Tristan\AppData\Local\Temp\_isF4AC.exe
C:\Users\Tristan\AppData\Local\Temp\_isF64F.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 17:26
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- |
So funktioniert es: