sonny696 | 27.11.2014 19:13 |
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Sonny (administrator) on SONNY-PC on 27-11-2014 22:58:13
Running from C:\Users\Sonny\Desktop
Loaded Profiles: Sonny & UpdatusUser & postgres (Available profiles: Sonny & UpdatusUser & postgres & LogMeInRemoteUser)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\DFDWiz.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dell) C:\Users\Sonny\AppData\Local\Apps\2.0\DKK74V8N.W12\K5GVQJP1.ZOZ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Waterfox Ltd) C:\Program Files\Waterfox\waterfox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-01] (Intel Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Run: [SkyDrive] => C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-26] (Microsoft Corporation)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Run: [GoTrusted] => C:\Program Files (x86)\GoTrusted.com\GoTrusted Secure Tunnel v2.3.7.5\GoTrusted Secure Tunnel.exe [216224 2014-07-21] (GoTrusted.com)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Run: [DellSystemDetect] => C:\Users\Sonny\AppData\Local\Apps\2.0\DKK74V8N.W12\K5GVQJP1.ZOZ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-10] (Dell)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\MountPoints2: {6759b240-637b-11e4-9f89-ba6b178e6f2b} - E:\SISetup.exe
HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\MountPoints2: {8ec812da-6a3c-11e4-9cf0-9bfa9ddc622a} - E:\AutoRun.exe
Startup: C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Vito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2286107830-123670605-936515880-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-2286107830-123670605-936515880-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {30289222-1788-427B-8E9B-98F8AB1A67A9} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {30289222-1788-427B-8E9B-98F8AB1A67A9} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2286107830-123670605-936515880-1000 -> 7FA97DCF88FE42789FA1A83937DB82A3 URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2286107830-123670605-936515880-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2286107830-123670605-936515880-1000 -> {AD73211A-3FF7-40F4-B9D7-83A01515B0B7} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=1a9ce509-05b9-42cc-9cee-cfb6c4485d00&apn_sauid=60D6BE16-C589-4EC2-BFD8-45E35815191C
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.101.254
FireFox:
========
FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\searchplugins\google-maps.xml
FF Extension: DownloadHelper - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-09]
FF Extension: Evernote Web Clipper - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-03-17]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-18]
FF Extension: Quick Translator - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\bxn4copm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\anti_banner@kaspersky.com [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\online_banking@kaspersky.com [2014-03-17]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-10-31] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-31] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)
R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.)
R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-09-06] (Apple Inc.)
S3 AppleODD; C:\Windows\System32\DRIVERS\AppleODD.sys [8704 2012-12-23] (Apple Inc.)
S3 AppleSDR; C:\Windows\System32\DRIVERS\AppleSDR.sys [12800 2013-09-04] (Apple Inc.)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-17] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-03-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-03-17] (Kaspersky Lab ZAO)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-31] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 22:58 - 2014-11-27 22:58 - 00022020 _____ () C:\Users\Sonny\Desktop\FRST.txt
2014-11-27 22:57 - 2014-11-27 22:58 - 00000000 ____D () C:\FRST
2014-11-27 22:57 - 2014-11-27 22:57 - 02117632 _____ (Farbar) C:\Users\Sonny\Desktop\FRST64.exe
2014-11-27 20:35 - 2014-11-27 20:42 - 73930975 _____ () C:\Users\Sonny\Desktop\AdvancedPLO.zip
2014-11-25 18:57 - 2014-11-25 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-11-25 18:04 - 2014-11-25 18:04 - 00017432 _____ () C:\Users\Sonny\Desktop\PHIL Abrechnungen marko 1.ods
2014-11-23 23:51 - 2014-11-23 23:51 - 00024620 _____ () C:\Users\Sonny\Desktop\141123_Omaha__Wahrscheinlichkeiten.xlsx
2014-11-22 21:23 - 2014-11-22 21:23 - 00008344 _____ () C:\Users\Sonny\Desktop\thailand pro contra.xlsx
2014-11-22 14:09 - 2014-11-11 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-22 14:09 - 2014-11-11 10:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-22 14:09 - 2014-11-11 09:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-22 14:09 - 2014-11-11 09:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-21 12:54 - 2014-11-21 13:28 - 796523383 _____ () C:\Users\Sonny\Desktop\Secrets Of Social Conditioning & Becoming Who You Really Are!(720p_H.264-AAC).mp4
2014-11-19 15:25 - 2014-11-23 21:53 - 00009755 _____ () C:\Users\Sonny\Desktop\Thailand abrechnung.xlsx
2014-11-18 00:33 - 2014-11-18 00:39 - 00000071 _____ () C:\Users\Sonny\Documents\oddsOracleMacros.csv
2014-11-16 16:49 - 2014-11-23 18:18 - 00001956 _____ () C:\Users\Public\Desktop\Stars Modded.lnk
2014-11-16 16:10 - 2014-11-16 16:10 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tiltbuster - PokerStars Table Mods
2014-11-16 16:02 - 2014-11-16 16:10 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-11-16 16:01 - 2014-11-16 16:02 - 09948826 _____ (Bar Nuthin
2014-11-15 00:02 - 2014-11-15 00:02 - 00027251 _____ () C:\Users\Sonny\Desktop\PLO ANDI Oracle.xlsx
2014-11-14 00:16 - 2014-11-14 00:18 - 00027758 _____ () C:\Users\Sonny\Desktop\141113_Oil_Invest_Matrix_Marko.xlsx
2014-11-13 15:32 - 2014-11-13 15:32 - 00017104 _____ () C:\Users\Sonny\Desktop\141113_HRO_Vertrag.odt
2014-11-12 19:26 - 2014-11-12 19:26 - 00001724 _____ () C:\Users\Public\Desktop\AIS 3G Pocket Wifi.lnk
2014-11-12 19:26 - 2014-11-12 19:26 - 00001160 _____ () C:\Users\Public\Desktop\Online Service.lnk
2014-11-12 19:26 - 2014-11-12 19:26 - 00000000 ____D () C:\ProgramData\MobileBrServ
2014-11-12 19:26 - 2014-11-12 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIS 3G Pocket Wifi
2014-11-12 09:55 - 2014-11-12 09:56 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\TableNinja.v2
2014-11-12 09:55 - 2014-11-12 09:55 - 00003025 _____ () C:\Users\Sonny\Desktop\TableNinja v2.lnk
2014-11-12 09:55 - 2014-11-12 09:55 - 00002985 _____ () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-11-12 09:55 - 2014-11-12 09:55 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-11-12 09:52 - 2014-11-12 09:52 - 04307456 _____ () C:\Users\Sonny\Downloads\TN2Update2.3.173.msi
2014-11-12 07:00 - 2014-10-28 03:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:00 - 2014-10-28 03:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:00 - 2014-10-28 03:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:00 - 2014-10-28 03:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:00 - 2014-10-28 03:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:00 - 2014-10-28 03:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:00 - 2014-10-28 03:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 07:00 - 2014-10-28 03:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:00 - 2014-10-28 03:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:00 - 2014-10-28 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:00 - 2014-10-28 03:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:00 - 2014-10-28 03:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:00 - 2014-10-28 03:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:00 - 2014-10-28 03:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 07:00 - 2014-10-28 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 07:00 - 2014-10-28 03:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 07:00 - 2014-10-28 02:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:00 - 2014-10-28 02:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:00 - 2014-10-28 02:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:00 - 2014-10-28 01:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:00 - 2014-10-28 01:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:00 - 2014-10-28 01:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:00 - 2014-10-28 01:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 07:00 - 2014-10-28 01:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:00 - 2014-10-28 01:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:00 - 2014-10-28 01:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 07:00 - 2014-10-28 01:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:00 - 2014-10-28 01:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:00 - 2014-10-28 01:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:00 - 2014-10-28 01:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:00 - 2014-10-28 01:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:00 - 2014-10-28 01:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:00 - 2014-10-28 01:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:00 - 2014-10-28 01:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 07:00 - 2014-10-28 01:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 07:00 - 2014-10-28 01:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 07:00 - 2014-10-28 01:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:00 - 2014-10-14 09:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:00 - 2014-10-14 09:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:00 - 2014-10-14 09:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:00 - 2014-10-14 09:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:00 - 2014-10-14 09:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:00 - 2014-10-14 08:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:00 - 2014-10-14 08:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:00 - 2014-10-14 08:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:00 - 2014-10-14 08:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:00 - 2014-08-21 13:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:00 - 2014-08-21 13:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:00 - 2014-08-21 13:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:00 - 2014-08-21 13:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:00 - 2014-08-12 09:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:00 - 2014-08-12 08:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 06:55 - 2014-10-25 08:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 06:55 - 2014-10-25 08:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 06:55 - 2014-10-18 09:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 06:55 - 2014-10-18 08:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 06:55 - 2014-10-10 07:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 06:55 - 2014-10-03 09:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 06:55 - 2014-10-03 09:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 06:55 - 2014-10-03 09:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 06:55 - 2014-10-03 09:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 06:55 - 2014-10-03 09:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 06:55 - 2014-10-03 08:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 06:55 - 2014-10-03 08:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 06:55 - 2014-10-03 08:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 06:55 - 2014-09-19 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 06:55 - 2014-09-19 16:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-10 04:20 - 2014-11-10 04:20 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-11-10 04:12 - 2014-11-10 05:19 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Deployment
2014-11-10 04:12 - 2014-11-10 04:12 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Apps\2.0
2014-11-10 04:11 - 2014-11-10 04:12 - 00417064 _____ () C:\Users\Sonny\Downloads\DellSystemDetect.exe
2014-11-08 01:46 - 2014-11-08 01:47 - 174569431 _____ () C:\Users\Sonny\Desktop\video_2Fpublic_2Frestricted_2FTackleberry_Darth_Vader_The_Ne.mp4
2014-11-08 01:46 - 2014-11-08 01:46 - 25564477 _____ () C:\Users\Sonny\Desktop\Sie_nannten_es_GTO_V3_QS_hdr.mp4
2014-11-08 01:45 - 2014-11-08 01:46 - 115159219 _____ () C:\Users\Sonny\Desktop\CREV_Basics_Part_2.mp4
2014-11-08 01:45 - 2014-11-08 01:45 - 74047327 _____ () C:\Users\Sonny\Desktop\FCREV_Basics_DE_Part_1_hdr.mp4
2014-11-08 01:44 - 2014-11-08 01:45 - 107242463 _____ () C:\Users\Sonny\Desktop\CREV_Basics_Part_3_hdr.mp4
2014-11-08 00:39 - 2014-11-08 00:39 - 00000000 ____D () C:\Users\Sonny\Documents\Fax
2014-11-08 00:11 - 2014-11-08 00:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-11-08 00:11 - 2012-03-14 12:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL
2014-11-07 23:49 - 2014-11-07 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-11-07 23:49 - 2014-11-07 23:49 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-07 23:48 - 2014-11-07 23:48 - 49819216 _____ () C:\Users\Sonny\Downloads\mpnx_4_0-win-4_03-ea23_2.exe
2014-11-07 12:51 - 2014-11-07 12:52 - 67856800 _____ () C:\Users\Sonny\Downloads\Deine Mutter.wav
2014-11-05 12:44 - 2014-11-05 12:44 - 00110589 _____ () C:\Users\Sonny\Downloads\Accommodation Research - Thailand (November) v.6.xlsx
2014-11-05 03:51 - 2014-11-05 03:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2014-11-05 03:51 - 2014-11-05 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-05 03:51 - 2012-09-27 07:30 - 00126880 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2014-11-05 03:51 - 2012-08-31 22:03 - 01696256 _____ () C:\Windows\system32\HP1100SM.EXE
2014-11-05 03:51 - 2012-08-31 22:03 - 00288768 _____ () C:\Windows\system32\HP1100LM.DLL
2014-11-05 03:50 - 2014-11-05 03:50 - 00000000 ____D () C:\Program Files\HP
2014-11-05 03:50 - 2012-09-26 12:45 - 00082944 _____ () C:\Windows\system32\mvusbews.dll
2014-11-05 03:50 - 2012-09-26 12:45 - 00056832 _____ () C:\Windows\system32\HP1100SMs.dll
2014-11-05 03:50 - 2012-09-26 12:45 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2014-11-05 03:50 - 2012-08-31 14:10 - 00350720 _____ () C:\Windows\system32\mvhlewsi.dll
2014-11-02 06:16 - 2014-11-10 00:35 - 00000000 ____D () C:\Users\Sonny\Desktop\Versicherung
2014-11-02 06:04 - 2014-11-02 06:05 - 00000000 ____D () C:\Users\Sonny\Desktop\Jonas
2014-11-01 14:39 - 2014-11-01 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-11-01 08:46 - 2014-11-23 00:34 - 00000000 ____D () C:\Users\Sonny\Documents\My Kindle Content
2014-11-01 08:46 - 2014-11-01 08:46 - 00002197 _____ () C:\Users\Sonny\Desktop\Kindle.lnk
2014-11-01 08:46 - 2014-11-01 08:46 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-11-01 08:46 - 2014-11-01 08:46 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Amazon
2014-11-01 08:45 - 2014-11-01 08:45 - 38157960 _____ (Amazon.com) C:\Users\Sonny\Downloads\KindleForPC-installer.exe
2014-10-31 23:52 - 2014-10-31 23:52 - 00000000 ____D () C:\Program Files (x86)\Winamax Poker
2014-10-31 23:48 - 2014-10-31 23:48 - 00063919 _____ () C:\Users\Sonny\Desktop\My HUD.xml
2014-10-31 22:45 - 2014-10-31 22:55 - 00000000 ____D () C:\Users\Sonny\Desktop\Abrechnungen
2014-10-31 12:22 - 2014-11-05 03:21 - 00000000 ____D () C:\Users\Sonny\Desktop\tai lopez
2014-10-30 11:28 - 2014-10-30 11:28 - 00114251 _____ () C:\Users\Sonny\Desktop\Accommodation Research - Thailand (November) v.5.xlsx
Tiltbuster.com) C:\Users\Sonny\Desktop\MightyMouse-Stars.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 22:56 - 2014-03-17 03:45 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Skype
2014-11-27 22:27 - 2014-04-30 00:30 - 00005136 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Sonny-PC-Sonny Sonny-PC
2014-11-27 22:15 - 2014-04-21 04:02 - 00000000 ___RD () C:\Users\Sonny\OneDrive
2014-11-27 22:14 - 2009-07-14 11:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-27 22:14 - 2009-07-14 11:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-27 22:11 - 2014-03-16 17:32 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 22:11 - 2014-03-16 17:32 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 22:11 - 2009-07-14 12:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-27 22:10 - 2014-03-16 08:40 - 01365278 _____ () C:\Windows\WindowsUpdate.log
2014-11-27 22:07 - 2014-03-17 01:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-27 22:07 - 2014-03-17 00:34 - 00000000 ____D () C:\Users\postgres.Sonny-PC
2014-11-27 22:07 - 2014-03-16 08:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-27 22:07 - 2009-07-14 12:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-27 22:07 - 2009-07-14 11:51 - 00077189 _____ () C:\Windows\setupact.log
2014-11-27 20:46 - 2014-10-08 05:05 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\HoldemManager
2014-11-27 20:46 - 2014-03-17 18:18 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\KeePass
2014-11-27 20:45 - 2014-03-17 00:48 - 00000000 ____D () C:\Users\Sonny\AppData\Local\PokerStars.EU
2014-11-23 21:23 - 2013-11-22 02:27 - 00147456 _____ () C:\Users\Sonny\Desktop\Preflop-Chart Omaha allsheets (2).xls
2014-11-21 19:05 - 2014-03-17 01:03 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker.Eu
2014-11-21 17:14 - 2014-03-17 17:38 - 00000000 ____D () C:\Users\Sonny\AppData\Local\PokerStars.FR
2014-11-16 16:26 - 2014-03-17 00:48 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-11-16 06:23 - 2012-05-23 04:08 - 00000000 ____D () C:\HM2Archive
2014-11-15 21:50 - 2010-11-21 10:47 - 00053990 _____ () C:\Windows\PFRO.log
2014-11-15 11:57 - 2014-04-21 03:49 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-14 22:36 - 2013-07-31 23:15 - 00000000 ____D () C:\Users\Sonny\Desktop\runnitonce
2014-11-12 14:58 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 14:21 - 2009-07-14 11:45 - 00339048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:01 - 2014-03-17 22:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 10:00 - 2014-03-17 22:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 09:43 - 2014-10-08 05:02 - 00001096 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-11-12 09:43 - 2014-10-08 05:02 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-11-11 22:45 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-09 13:24 - 2014-04-01 22:42 - 00000000 ____D () C:\Users\Sonny\AppData\Local\AuxClient
2014-11-09 09:01 - 2013-10-30 18:34 - 00000000 ____D () C:\Users\Sonny\Desktop\programme
2014-11-08 01:00 - 2013-10-30 18:34 - 00000000 ____D () C:\Users\Sonny\Desktop\fotos
2014-11-07 15:40 - 2014-03-18 22:31 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-11-06 21:44 - 2014-03-17 01:03 - 00000000 ____D () C:\Users\Sonny\AppData\Local\FullTiltPoker.eu
2014-11-06 17:48 - 2014-03-18 22:32 - 00001012 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-11-06 17:48 - 2014-03-18 22:31 - 00000996 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-11-05 04:36 - 2013-12-09 11:15 - 00004510 _____ () C:\Users\Sonny\Documents\NewDatabase.kdbx
2014-11-05 02:12 - 2013-10-30 19:38 - 00000000 ____D () C:\Users\Sonny\Desktop\poker
2014-11-05 00:07 - 2014-03-17 03:45 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-05 00:07 - 2014-03-17 03:45 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 14:30 - 2010-11-21 10:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 04:56 - 2014-03-18 22:31 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-11-03 04:46 - 2014-03-17 17:38 - 00000000 ____D () C:\Program Files (x86)\PokerStars.FR
2014-11-02 06:33 - 2014-09-11 20:33 - 00000000 ___RD () C:\Users\Sonny\Desktop\musik
2014-11-02 06:28 - 2014-03-17 00:42 - 00011735 _____ () C:\Users\Sonny\Desktop\plo txt.odt
2014-11-02 06:23 - 2012-05-23 03:55 - 00000000 ____D () C:\Users\Sonny\Desktop\rest
2014-11-02 06:22 - 2014-03-17 02:36 - 00000000 ____D () C:\BestPokerClassic
2014-11-01 14:39 - 2014-03-17 00:38 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-11-01 14:39 - 2014-03-17 00:38 - 00001531 _____ () C:\Users\Sonny\Desktop\partypoker.lnk
2014-11-01 14:39 - 2009-07-14 12:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-31 23:52 - 2014-05-05 07:32 - 00000941 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamax Poker.lnk
2014-10-31 23:52 - 2014-05-05 07:32 - 00000929 _____ () C:\Users\Public\Desktop\Winamax Poker.lnk
2014-10-31 22:49 - 2014-04-21 22:13 - 01461101 _____ () C:\Users\Sonny\Desktop\Marko_Excel.xlsx
2014-10-31 18:55 - 2014-03-18 22:32 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2014-10-31 18:54 - 2014-03-18 22:32 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2014-10-31 18:54 - 2014-03-18 22:31 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2014-10-31 12:12 - 2014-03-17 00:13 - 00000000 ____D () C:\Program Files\Waterfox
2014-10-29 08:19 - 2014-03-17 00:13 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Mozilla
Some content of TEMP:
====================
C:\Users\Sonny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpntr1dn.dll
C:\Users\Sonny\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Sonny\AppData\Local\Temp\i4jdel0.exe
C:\Users\Sonny\AppData\Local\Temp\siinst.exe
C:\Users\Sonny\AppData\Local\Temp\SIInvoker.exe
C:\Users\Sonny\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sonny\AppData\Local\Temp\strings.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 02:21
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Sonny at 2014-11-27 22:58:35
Running from C:\Users\Sonny\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bestpoker Classic 1.0.0 (HKLM-x32\...\Bestpoker Classic_is1) (Version: 1.0.0 - bestpoker_classic)
Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Dell System Detect (HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\73f463568823ebbe) (Version: 5.12.0.3 - Dell)
Dropbox (HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\Dropbox) (Version: 2.8.3 - Dropbox, Inc.)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.6.20.WIN.FullTilt.EU - )
GoTrusted Secure Tunnel v2.3.7.5 (HKLM-x32\...\{450AB3A8-679B-431D-AF52-FFA7A7EBD345}) (Version: 2.3.0075 - GoTrusted.com)
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)
LogMeIn (HKLM-x32\...\{F8511796-1457-4A92-BEF7-71080FCF297A}) (Version: 4.1.4132 - LogMeIn, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Excel 2013 - de-de (HKLM\...\ExcelRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2286107830-123670605-936515880-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.01.127 - Huawei Technologies Co.,Ltd)
NVIDIA 3D Vision Treiber 332.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.28 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Package: Mighty Mouse Theme for PokerStars (HKLM-x32\...\MightyMouseThemeforPokerStars41) (Version: 1003.06.24.2014 - Bar Nuthin | Tiltbuster.com)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
ProPokerTools Odds Oracle 2.2.6 (HKLM\...\5992-1726-3179-3433) (Version: 2.2.6 - ProPokerTools)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
TN2 (HKLM-x32\...\{CD363783-DE26-4E13-91EE-BC0CBF00D942}) (Version: 2.3.173 - PASG)
Waterfox 32.0.3 (x64 en-US) (HKLM\...\Waterfox 32.0.3 (x64 en-US)) (Version: 32.0.3 - Mozilla)
Winamax Poker (HKLM-x32\...\wameu.04351C371E530C3762CBA45FA283ED972DCDEFB6.1) (Version: 3.2.1.1414419332 - Winamax)
Winamax Poker (x32 Version: 3.2.1 - Winamax) Hidden
Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows-Treiberpaket - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2286107830-123670605-936515880-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
18-11-2014 10:06:14 Windows Update
22-11-2014 07:09:17 Windows Update
23-11-2014 03:13:16 Windows Update
25-11-2014 11:57:01 Installed Evernote v. 5.7.2
26-11-2014 04:20:49 Windows Update
27-11-2014 13:42:31 Windows-Sicherung
27-11-2014 13:46:38 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:34 - 2009-06-11 04:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06B1EBBC-2BDA-49EE-8753-C9B4D014EDFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {15444C07-DCE9-457F-A46B-075A2163A0B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {586E298A-9039-40AA-BB08-5B3980093C71} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Sonny-PC-Sonny Sonny-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-23] (Microsoft Corporation)
Task: {CFF7C8FB-2711-4429-BD8C-B7052483D00B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E7972875-D36C-46C1-ACFD-8EB5D17DAC5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {F5D3782F-3F75-4602-AB08-C69042D9F882} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
==================== Loaded Modules (whitelisted) =============
2014-11-05 03:51 - 2012-08-31 22:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL
2014-11-05 03:51 - 2012-08-31 22:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-02-06 18:36 - 2014-02-06 18:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe
2014-03-16 08:51 - 2013-12-25 03:49 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-21 03:49 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-12 19:26 - 2014-02-15 13:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2014-03-17 00:34 - 2012-09-21 14:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2014-03-17 00:34 - 2012-08-14 19:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2014-03-17 00:13 - 2014-10-28 09:11 - 07638816 _____ () C:\Program Files\Waterfox\mozjs.dll
2013-06-17 18:35 - 2013-06-17 18:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 20:52 - 2013-05-08 20:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2014-09-26 01:12 - 2014-09-26 01:12 - 00081056 _____ () C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-09-26 01:12 - 2014-09-26 01:12 - 00081056 _____ () C:\Users\Sonny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-11-19 22:14 - 2014-11-19 22:14 - 00438336 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-11-19 22:14 - 2014-11-19 22:14 - 00320064 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-03-16 08:55 - 2014-01-31 23:54 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-15 11:56 - 2014-11-15 11:56 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2286107830-123670605-936515880-500 - Administrator - Disabled)
Gast (S-1-5-21-2286107830-123670605-936515880-501 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-2286107830-123670605-936515880-1003 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
postgres (S-1-5-21-2286107830-123670605-936515880-1002 - Limited - Enabled) => C:\Users\postgres.Sonny-PC
Sonny (S-1-5-21-2286107830-123670605-936515880-1000 - Administrator - Enabled) => C:\Users\Sonny
UpdatusUser (S-1-5-21-2286107830-123670605-936515880-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2014 10:14:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Dropbox.exe, Version 2.8.3.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: eb0
Startzeit: 01d00a53d2c596f1
Endzeit: 0
Anwendungspfad: C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
Berichts-ID: 042a77ac-7648-11e4-bdbc-f73433b1b52d
Error: (11/27/2014 10:08:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/27/2014 08:47:28 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Zugriff verweigert (0x80070005)"
Error: (11/27/2014 08:43:20 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Zugriff verweigert (0x80070005)"
Error: (11/27/2014 11:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/24/2014 02:10:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/23/2014 06:46:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PPT Odds Oracle.exe, Version: 0.0.0.0, Zeitstempel: 0x50129648
Name des fehlerhaften Moduls: awt.dll, Version: 6.0.230.5, Zeitstempel: 0x4cdef4ce
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000f9e9d
ID des fehlerhaften Prozesses: 0xcd8
Startzeit der fehlerhaften Anwendung: 0xPPT Odds Oracle.exe0
Pfad der fehlerhaften Anwendung: PPT Odds Oracle.exe1
Pfad des fehlerhaften Moduls: PPT Odds Oracle.exe2
Berichtskennung: PPT Odds Oracle.exe3
Error: (11/23/2014 06:46:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PPT Odds Oracle.exe, Version: 0.0.0.0, Zeitstempel: 0x50129648
Name des fehlerhaften Moduls: awt.dll, Version: 6.0.230.5, Zeitstempel: 0x4cdef4ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000f9e9d
ID des fehlerhaften Prozesses: 0xcd8
Startzeit der fehlerhaften Anwendung: 0xPPT Odds Oracle.exe0
Pfad der fehlerhaften Anwendung: PPT Odds Oracle.exe1
Pfad des fehlerhaften Moduls: PPT Odds Oracle.exe2
Berichtskennung: PPT Odds Oracle.exe3
Error: (11/23/2014 02:25:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2014 00:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/27/2014 10:07:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (11/27/2014 10:07:02 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video8CMDre 00000000 00000454 01200000 00000004 00000010
Error: (11/27/2014 11:15:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (11/27/2014 11:15:23 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video8CMDre 00000000 00000454 01200000 00000004 00000010
Error: (11/25/2014 10:31:19 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\000000adCMDre 00000000 00000454 01200000 00000004 00000010
Error: (11/24/2014 02:08:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (11/24/2014 02:08:18 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video8CMDre 00000000 00000454 01200000 00000004 00000010
Error: (11/23/2014 11:51:09 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video8CMDre 00000000 00000454 01200000 00000004 00000010
Error: (11/23/2014 02:23:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (11/23/2014 02:23:40 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video8CMDre 00000000 00000454 01200000 00000004 00000010
Microsoft Office Sessions:
=========================
Error: (11/27/2014 10:14:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Dropbox.exe2.8.3.0eb001d00a53d2c596f10C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe042a77ac-7648-11e4-bdbc-f73433b1b52d
Error: (11/27/2014 10:08:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/27/2014 08:47:28 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zugriff verweigert (0x80070005)
Error: (11/27/2014 08:43:20 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zugriff verweigert (0x80070005)
Error: (11/27/2014 11:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/24/2014 02:10:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/23/2014 06:46:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PPT Odds Oracle.exe0.0.0.050129648awt.dll6.0.230.54cdef4cec000041d00000000000f9e9dcd801d0070d0c3e45f7C:\Program Files\PPTOddsOracle\PPT Odds Oracle.exeC:\Program Files\PPTOddsOracle\jre\bin\awt.dll597bf2b0-7306-11e4-b4be-e2a09da6ef2b
Error: (11/23/2014 06:46:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PPT Odds Oracle.exe0.0.0.050129648awt.dll6.0.230.54cdef4cec000000500000000000f9e9dcd801d0070d0c3e45f7C:\Program Files\PPTOddsOracle\PPT Odds Oracle.exeC:\Program Files\PPTOddsOracle\jre\bin\awt.dll58200c10-7306-11e4-b4be-e2a09da6ef2b
Error: (11/23/2014 02:25:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2014 00:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 16:20:38.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 06:30:21.689
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 06:30:21.689
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 06:30:21.679
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 06:30:21.679
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4960HQ CPU @ 2.60GHz
Percentage of memory in use: 21%
Total physical RAM: 16292.68 MB
Available physical RAM: 12800.09 MB
Total Pagefile: 32583.54 MB
Available Pagefile: 25035.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (BOOTCAMP) (Fixed) (Total:486.15 GB) (Free:292.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:444.89 GB) (Free:187.85 GB) HFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.8 GB) (Disk ID: 45030B1F)
Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=444.9 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=486.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================