FRST.txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by Patrick (administrator) on PATRICK-PC on 22-12-2014 06:06:16
Running from C:\Users\Patrick\Downloads
Loaded Profile: Patrick (Available profiles: Patrick & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(ROCCAT GmbH Co., Ltd.) D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://tortoisesvn.net) E:\Program Files\TortoiseSVN\bin\TSVNCache.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TuneUp Software) D:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(TuneUp Software) D:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(hxxp://tortoisesvn.net) E:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RoccatIskuFX] => D:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation)
HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\MountPoints2: {33a40332-7eb0-11e4-8f58-20cf30f09cdc} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
IFEO\AcroRd32.exe: [Debugger] "D:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "D:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hamachi-2-ui.exe: [Debugger] "D:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\zune.exe: [Debugger] "D:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk
ShortcutTarget: Roccat Talk.lnk -> C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe (Flexera Software LLC)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-2601009374-1138354635-3863266767-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {69EFBAC9-AC85-4CA4-A783-DE47C3D0C7C5} URL =
SearchScopes: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2601009374-1138354635-3863266767-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Patrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2601009374-1138354635-3863266767-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-2601009374-1138354635-3863266767-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\searchplugins\google-maps.xml
FF Extension: Amazon-Icon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\amazon-icon@giga.de [2013-11-11]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\sparpilot@sparpilot.com [2014-09-29]
FF Extension: AntiGameOrigin - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\antigameorigin@antigame.de.xpi [2013-09-25]
FF Extension: NoScript - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-08]
FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-13]
FF Extension: Greasemonkey - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-30]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2013-07-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-05-23]
FF HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f6it2j0n.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Patrick\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Patrick\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-10-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-09] (Avira Operations GmbH & Co. KG)
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] ()
S4 Hamachi2Svc; E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2525008 2014-09-04] (LogMeIn Inc.)
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
S3 OpenVPNService; D:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-19] ()
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2010-07-08] (Softwareentwicklung Remus - ArchiCrypt) [File not signed]
S4 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] () [File not signed]
R2 TuneUp.UtilitiesSvc; D:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software)
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2009-10-06] (Tablet Driver) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15168 2012-03-10] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [28672 2007-06-07] (PenTablet Driver) [File not signed]
R3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2010-09-03] (Softwareentwicklung Remus - ArchiCrypt.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; D:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S0 easrmd; System32\drivers\tggpej.sys [X]
S0 lfsjj; System32\drivers\llmj.sys [X]
S0 melta; System32\drivers\etggkwq.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-22 06:06 - 2014-12-22 06:06 - 00021090 _____ () C:\Users\Patrick\Downloads\FRST.txt
2014-12-22 06:05 - 2014-12-22 06:06 - 00000000 ____D () C:\FRST
2014-12-22 06:05 - 2014-12-22 06:05 - 02122240 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2014-12-21 23:40 - 2014-12-21 23:40 - 00003480 ____N () C:\bootsqm.dat
2014-12-21 23:39 - 2014-12-21 23:39 - 00000000 __SHD () C:\found.004
2014-12-21 23:11 - 2014-12-21 23:11 - 00001628 _____ () C:\Users\Patrick\Desktop\mbam.txt
2014-12-21 23:05 - 2014-12-21 23:05 - 00009417 _____ () C:\Users\Patrick\Desktop\JRT.txt
2014-12-21 23:01 - 2014-12-21 23:01 - 01707646 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe
2014-12-21 23:01 - 2014-12-21 23:01 - 00000000 ____D () C:\Windows\ERUNT
2014-12-21 23:00 - 2014-12-21 23:00 - 02173952 _____ () C:\Users\Patrick\Downloads\AdwCleaner_4.106(1).exe
2014-12-21 22:47 - 2014-12-21 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-21 21:58 - 2014-12-21 21:58 - 00000000 ____D () C:\Users\Patrick\Documents\CAPCOM
2014-12-21 14:03 - 2014-12-21 14:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2014-12-21 14:01 - 2014-12-21 23:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\56C35C8D.sys
2014-12-19 21:37 - 2014-12-19 21:37 - 00359938 _____ () C:\Users\Patrick\Documents\ts3_clientui-win64-1407159763-2014-12-19 21_37_36.493616.dmp
2014-12-18 18:06 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 18:06 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 19:46 - 2014-12-15 19:46 - 00214242 _____ () C:\Users\Patrick\Downloads\SweetFX-Configurator_standalone_with_SweetFX_1.5.1.7z
2014-12-15 18:20 - 2014-12-15 18:20 - 00980041 _____ () C:\Users\Patrick\Downloads\Detailed Warframe v3 x64.zip
2014-12-15 18:18 - 2014-12-15 18:18 - 00019071 _____ () C:\Users\Patrick\Downloads\SweetFX_Settings_Warframe_Detailed Warframe v3.2 x64.txt
2014-12-15 17:41 - 2014-12-15 17:50 - 00000035 _____ () C:\Users\Patrick\Desktop\Weinachts Feier.txt
2014-12-14 21:40 - 2014-12-14 21:40 - 00000000 ____D () C:\Users\Patrick\Documents\Eigene Spiele
2014-12-13 19:56 - 2014-12-13 19:56 - 00002523 _____ () C:\Users\Patrick\Desktop\Profileditor.lnk
2014-12-13 18:28 - 2014-12-14 21:40 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Gas Powered Games
2014-12-13 17:32 - 2014-12-14 21:40 - 00035178 _____ () C:\Windows\DirectX.log
2014-12-11 16:35 - 2014-12-12 16:28 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\59B244E8.sys
2014-12-10 16:22 - 2014-12-10 16:22 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 07:26 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:26 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:26 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:26 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:26 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:26 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:26 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:26 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:26 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:26 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 06:58 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:58 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:58 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:58 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:58 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:58 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:58 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:58 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:58 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:58 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:58 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:58 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:58 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:58 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:58 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:58 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:58 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:58 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:58 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:58 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:58 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:58 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:58 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:58 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:58 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:58 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:58 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:58 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:58 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:58 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:58 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:58 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:58 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:58 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:58 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:58 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:58 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:58 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:58 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:58 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:58 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:58 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:58 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:58 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:58 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:58 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:58 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:58 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:58 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:58 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:58 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:58 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:58 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:58 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:57 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:57 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:57 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:52 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:52 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:52 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:52 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:52 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:52 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:52 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:52 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:52 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:52 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:52 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:52 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:52 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:52 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 18:28 - 2014-12-07 18:28 - 00000000 ____D () C:\Games
2014-12-07 18:03 - 2014-12-07 18:14 - 428322872 _____ () C:\Users\Patrick\Downloads\Generas_HD.rar
2014-12-07 01:42 - 2014-12-07 01:42 - 00048040 _____ () C:\Users\Patrick\Downloads\hideme_1149130.zip
2014-12-07 01:31 - 2014-12-07 01:31 - 01673304 _____ () C:\Users\Patrick\Downloads\openvpn-install-2.3.4-I002-i686.exe
2014-12-07 01:31 - 2014-12-07 01:31 - 00022631 _____ () C:\Users\Patrick\Downloads\steamkeys_config.zip
2014-12-07 01:15 - 2014-12-07 01:15 - 01174352 _____ () C:\Users\Patrick\Downloads\Hotspot Shield VPN - CHIP-Installer(1).exe
2014-12-07 01:14 - 2014-12-07 01:14 - 01174352 _____ () C:\Users\Patrick\Downloads\Hotspot Shield VPN - CHIP-Installer.exe
2014-12-06 15:24 - 2014-12-06 15:52 - 00064416 _____ () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-06 13:59 - 2014-12-22 05:57 - 00019709 _____ () C:\Windows\setupact.log
2014-12-06 13:59 - 2014-12-07 15:06 - 00295392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 13:59 - 2014-12-06 13:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 13:58 - 2014-12-22 05:54 - 00053170 _____ () C:\Windows\PFRO.log
2014-12-06 13:50 - 2014-12-06 13:50 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-06 13:49 - 2014-12-06 13:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-12-06 04:45 - 2014-12-06 04:45 - 00000000 ____D () C:\Users\Patrick\Documents\Autodesk Application Manager
2014-12-06 04:29 - 2014-12-06 13:50 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Autodesk
2014-12-06 04:29 - 2014-12-06 04:29 - 00000000 ____D () C:\Users\Patrick\Documents\Inventor Server SDK ACAD 2015
2014-12-06 04:26 - 2014-12-06 04:26 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-12-06 04:26 - 2014-12-06 04:26 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-12-06 04:25 - 2014-12-06 16:10 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-12-06 04:25 - 2014-12-06 16:10 - 00000000 ____D () C:\Program Files\Autodesk
2014-12-06 04:11 - 2014-12-06 04:11 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-12-06 04:08 - 2014-12-06 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-12-06 02:53 - 2014-12-06 16:10 - 00000000 ____D () C:\ProgramData\Autodesk
2014-12-06 02:53 - 2014-12-06 15:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Autodesk
2014-12-06 02:49 - 2014-12-06 02:49 - 00000000 ____D () C:\Autodesk
2014-12-06 02:47 - 2014-12-06 02:48 - 15009304 _____ () C:\Users\Patrick\Downloads\AutoCAD_2015_German_Win_32-64bit_R1_wi_de-DE_Setup.exe
2014-12-04 22:18 - 2014-12-04 22:18 - 00001380 _____ () C:\Users\Public\Desktop\Command and Conquer Generals and Zero Hour.lnk
2014-12-04 22:18 - 2014-12-04 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Generals and Zero Hour
2014-12-04 21:16 - 2014-12-04 21:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-25 16:11 - 2014-11-26 16:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\235C5076.sys
2014-11-23 22:44 - 2014-11-23 22:44 - 00000000 ____D () C:\Users\Patrick\AppData\Local\4kdownload.com
2014-11-23 22:39 - 2014-11-23 22:39 - 00000913 _____ () C:\Users\Patrick\Desktop\4K Video Downloader.lnk
2014-11-23 22:39 - 2014-11-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2014-11-23 22:38 - 2014-11-23 22:39 - 24373248 _____ (Open Media LLC ) C:\Users\Patrick\Downloads\4kvideodownloader_3.4.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-22 06:05 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 06:05 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 06:01 - 2013-09-14 09:18 - 01274362 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 05:59 - 2012-05-15 17:37 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{263F7BFB-456B-4395-8B14-60E623996FB7}
2014-12-22 05:58 - 2014-05-21 22:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-22 05:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 00:37 - 2012-05-15 18:05 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\TS3Client
2014-12-21 23:45 - 2012-05-26 17:55 - 00000000 ____D () C:\Users\Patrick\AppData\Local\TSVNCache
2014-12-21 22:47 - 2014-08-14 15:25 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-12-21 22:46 - 2014-04-07 20:03 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCsoft
2014-12-21 21:58 - 2014-10-02 20:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CAPCOM
2014-12-21 21:57 - 2013-03-27 23:11 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Warframe
2014-12-21 14:02 - 2013-12-04 17:10 - 00000000 ____D () C:\Program Files\Tablet
2014-12-21 03:48 - 2012-05-18 22:51 - 00011007 _____ () C:\Users\Patrick\Desktop\︻デ═一.txt
2014-12-20 20:32 - 2012-05-15 18:21 - 00000000 ____D () C:\ProgramData\Origin
2014-12-15 06:12 - 2014-09-27 13:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-14 13:58 - 2014-09-27 13:14 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 13:58 - 2013-08-22 17:16 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe
2014-12-14 13:58 - 2012-05-15 17:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 13:58 - 2012-05-15 17:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-13 05:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 04:34 - 2013-08-06 21:38 - 00000000 ___RD () C:\Users\Patrick\Dropbox
2014-12-13 04:34 - 2013-08-06 21:36 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Dropbox
2014-12-10 16:22 - 2014-05-06 06:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:31 - 2013-08-14 06:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:27 - 2012-05-19 01:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 05:46 - 2013-08-06 21:37 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-07 19:28 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\Patrick\Documents\Command and Conquer Generals Zero Hour Data
2014-12-07 17:47 - 2012-11-02 18:46 - 00000000 ____D () C:\Users\Patrick\Documents\Command and Conquer Generals Data
2014-12-06 04:45 - 2013-04-19 06:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 02:50 - 2013-02-01 21:03 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Akamai
2014-12-04 21:21 - 2013-04-19 20:10 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\.minecraft
2014-12-04 21:11 - 2014-10-13 20:40 - 00000790 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-04 21:11 - 2014-05-21 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-04 20:16 - 2013-12-18 06:45 - 00000000 ____D () C:\Users\Patrick\AppData\Local\DayZ
2014-12-02 17:50 - 2013-08-06 01:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 15:22 - 2013-05-23 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-01 09:18 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-29 10:20 - 2012-05-15 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-26 07:32 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-11-26 07:32 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-11-26 07:32 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-25 23:36 - 2014-10-12 12:20 - 00000000 ____D () C:\Users\Patrick\Desktop\Daten
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-17 16:41
==================== End Of Log ============================
--- --- ---
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by Patrick at 2014-12-22 06:06:55
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.4.1500 - Open Media LLC)
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version: - Dejobaan Games, LLC)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Agarest: Generations of War (HKLM-x32\...\Steam App 237890) (Version: - Idea Factory)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
ArcheAge (HKLM-x32\...\Steam App 304030) (Version: - XLGAMES)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.11.0 - Ask.com) <==== ATTENTION
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.30498 - Ask.com) <==== ATTENTION
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Bastion (HKLM-x32\...\{7AF3D8F2-B2C2-4F8B-AFA4-C90001F56B1A}) (Version: 1.0.2 - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
Blade Symphony (HKLM-x32\...\Steam App 225600) (Version: - Puny Human Games)
Blades of Time (HKLM-x32\...\Steam App 208670) (Version: - Gaijin Entertainment Corporation)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cloudbuilt (HKLM-x32\...\Steam App 262390) (Version: - Coilworks)
Command & Conquer(TM) Generäle (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer(TM) Generäle (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Croixleur Sigma (HKLM-x32\...\Steam App 250640) (Version: - souvenir circ.)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Cubemen (HKLM-x32\...\Steam App 207250) (Version: - 3 Sprockets)
Curse Client (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{5BF96C31-7458-4C35-AD3F-96ED68C6A9E6}) (Version: 0.9.101 - Dotjosh Studios)
Dead Space (HKLM-x32\...\Steam App 17470) (Version: - EA Redwood Shores)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.948.0 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DEFCON (HKLM-x32\...\Steam App 1520) (Version: - Introversion Software)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - Ninja Theory)
Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Fairy Bloom Freesia (HKLM-x32\...\Steam App 214590) (Version: - Edelweiss)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Bethesda Softworks)
FileZilla Client 3.7.0.2 (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version: - Red 5 Studios)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free System Utilities (HKLM-x32\...\{da17cad2-a06b-4a76-8625-b1d1a94aa675}) (Version: 1.0.0.16 - Covus Freemium GmbH)
Free SystemUtilities (x32 Version: 1.0.0.16 - Covus Freemium GmbH) Hidden
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - )
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - )
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intake (HKLM-x32\...\Steam App 237760) (Version: - Cipher Prime Studios)
iPi Mocap Studio 2 (HKLM-x32\...\Steam App 221200) (Version: - )
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Java(TM) 7 Update 4 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417004FF}) (Version: 7.0.40 - Oracle)
John's Background Switcher 4.8 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.8 - johnsadventures.com)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
LOGO!Soft Comfort V7.0 (Demo) (HKLM\...\LOGO!Soft Comfort V7.0 (Demo)) (Version: 7.0.0.0 - Siemens AG)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.1.4 - www.leaguereplays.com)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version: - Vlambeer)
Magicite (HKLM-x32\...\Steam App 268750) (Version: - SmashGames)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Marine Sharpshooter II: Jungle Warfare (HKLM-x32\...\Steam App 283370) (Version: - Jarhead Games)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment)
Mars: War Logs (HKLM-x32\...\Steam App 232750) (Version: - Spiders)
Melody's Escape (HKLM-x32\...\Steam App 270210) (Version: - Icetesy SPRL)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.2 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
Nuclear Dawn (HKLM-x32\...\Steam App 17710) (Version: - InterWave Studios)
NVIDIA 3D Vision Controller-Treiber 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{0b2610da-2995-40ab-bd87-b130b331626f}) (Version: latest - ppy Pty Ltd)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - Overkill)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - Indie Stone Studios)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
Q.U.B.E. (HKLM-x32\...\Steam App 203730) (Version: - Toxic Games)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Ubisoft)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version: - Volition)
Red Faction: Guerrilla (HKLM-x32\...\Steam App 20500) (Version: - Volition)
Resident Evil Revelations / Biohazard Revelations UE (HKLM-x32\...\Steam App 222480) (Version: - Capcom)
Revenge of the Titans (HKLM-x32\...\Steam App 93200) (Version: - Puppygames)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
Shutdowner Version 2.0.2 (HKLM-x32\...\{08CF87BD-F3CD-4D6B-A0F1-9CE86DEF3407}_is1) (Version: 2.0.2 - Scriptinggamer)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - )
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - )
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version: - MinMax Games Ltd.)
Spacebase DF-9 (HKLM-x32\...\Steam App 246090) (Version: - Double Fine Productions)
Spiral Knights (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\Spiral Knights) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steganos Trace Destructor 12 (HKLM-x32\...\{D05DA216-EE7D-4967-98C0-8F7D990B95B9}) (Version: 12.0 - Steganos Software GmbH)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version: - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version: - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TCCL version 1.2.0.6 (HKLM-x32\...\{6F932967-0DE4-4DDC-BCB3-7334A08306F8}_is1) (Version: 1.2.0.6 - Eikester)
TeamSpeak 3 Client (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )
The Darkness II (HKLM-x32\...\Steam App 67370) (Version: - Digital Extremes)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version: - Tango Gameworks)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
TortoiseSVN 1.7.7.22907 (64 bit) (HKLM\...\{4371D69B-FB6A-4A61-8477-C1B919FB2311}) (Version: 1.7.22907 - TortoiseSVN)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.324 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2601009374-1138354635-3863266767-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-5a9289c4-b665-434d-aa91-5e5299491e34) (Version: - Epic Games, Inc.)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-2 - Wacom Technology Corp.)
Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version: - Yeti Trunk)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - )
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YGOPro DevPro Version 1.9.8 r9 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.8 r9 - YGOPro DevPro Online)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{0fdfce74-dc6f-4b24-acfd-aebabd2a8e2b}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{4c6f080e-f754-4e7c-a751-538fb3d6a88d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2601009374-1138354635-3863266767-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
10-12-2014 07:25:47 Windows Update
13-12-2014 03:00:20 Windows Update
13-12-2014 17:32:00 DirectX wurde installiert
14-12-2014 21:39:09 DirectX wurde installiert
19-12-2014 17:02:32 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A75B449-11CE-48E8-A9FE-A7DBB241F026} - \BitGuard No Task File <==== ATTENTION
Task: {4CAAEBE6-A376-4402-B723-9AB9F0A263EF} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {653BB5A0-0CCD-431D-BE7E-0F7F1A9BE813} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {9FBC0563-E670-45CD-AFE4-DD8F4E8CD2F8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-06-16] (TuneUp Software)
Task: {CC66A0C0-DAAF-4DA0-BE60-479E46862819} - \EPUpdater No Task File <==== ATTENTION
Task: {E3847A98-A078-4E00-8A4F-FF294365F7F8} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {EA911D86-E70F-462A-B078-0E3FC11A6BE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)
Task: {F14DC99F-FC63-4A05-ADC1-6E3E2D1A55BC} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-05-16 05:51 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-15 12:29 - 2012-05-15 12:29 - 00088968 _____ () E:\Program Files\TortoiseSVN\bin\libsasl.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-12-04 17:10 - 2013-12-17 02:17 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2012-05-16 04:50 - 2014-06-19 05:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-16 12:14 - 2014-06-16 12:14 - 00699704 _____ () D:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-08-29 13:22 - 2014-12-01 22:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 13:22 - 2014-12-01 22:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 13:22 - 2014-12-01 22:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 13:22 - 2014-12-01 22:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-12-10 07:04 - 2014-12-02 01:29 - 05002752 _____ () D:\Program Files (x86)\Steam\v8.dll
2014-12-10 07:04 - 2014-12-02 01:29 - 01612800 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2014-12-10 07:04 - 2014-12-02 01:29 - 01210368 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 23:15 - 2014-12-20 00:38 - 02226880 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-29 13:22 - 2014-12-01 22:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2012-09-26 19:56 - 2014-12-20 00:38 - 00696000 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-17 17:00 - 2012-07-08 16:31 - 00061440 _____ () D:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2012-05-15 11:54 - 2012-05-15 11:54 - 00070536 _____ () E:\Program Files\TortoiseSVN\bin\libsasl32.dll
2012-09-26 19:56 - 2014-12-20 00:38 - 34641288 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 11:46 - 2014-12-20 00:38 - 01709960 _____ () D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2013-08-06 01:30 - 2014-12-02 15:22 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-14 13:58 - 2014-12-14 13:58 - 16843952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: BitGuard => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SystemStoreService => 2
MSCONFIG\Services: WinTabService => 2
MSCONFIG\startupfolder: C:^Users^Patrick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
========================= Accounts: ==========================
Administrator (S-1-5-21-2601009374-1138354635-3863266767-500 - Administrator - Disabled)
Gast (S-1-5-21-2601009374-1138354635-3863266767-501 - Limited - Disabled)
Patrick (S-1-5-21-2601009374-1138354635-3863266767-1000 - Administrator - Enabled) => C:\Users\Patrick
UpdatusUser (S-1-5-21-2601009374-1138354635-3863266767-1004 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/22/2014 05:58:37 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
Error: (12/22/2014 05:58:25 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Program Files (x86)\Steam\steam.exe
Error: (12/21/2014 11:45:55 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Program Files (x86)\Steam\steam.exe
System errors:
=============
Error: (12/22/2014 05:59:09 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168.
Error: (12/22/2014 05:57:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
easrmd
lfsjj
melta
Error: (12/22/2014 05:57:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Autodesk Content Service" wurde nicht richtig gestartet.
Error: (12/22/2014 05:54:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168.
Error: (12/21/2014 11:49:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168.
Error: (12/21/2014 11:49:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168.
Error: (12/21/2014 11:44:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
easrmd
lfsjj
melta
Error: (12/21/2014 11:44:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Autodesk Content Service" wurde nicht richtig gestartet.
Error: (12/21/2014 11:42:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steganos Volatile Disk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/21/2014 11:42:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steganos Volatile Disk erreicht.
Microsoft Office Sessions:
=========================
Error: (12/22/2014 05:58:37 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
Error: (12/22/2014 05:58:25 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for D:\Program Files (x86)\Steam\steam.exe
Error: (12/21/2014 11:45:55 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for D:\Program Files (x86)\Steam\steam.exe
CodeIntegrity Errors:
===================================
Date: 2014-10-10 19:27:43.324
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 19:27:43.252
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:25:13.967
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:25:13.889
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:18:00.887
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:18:00.809
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:12:06.180
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 17:12:06.102
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 16:20:44.477
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-10 16:20:44.414
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\PTSimBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 22%
Total physical RAM: 12253.99 MB
Available physical RAM: 9523.27 MB
Total Pagefile: 24506.16 MB
Available Pagefile: 21560.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:85.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Spiele) (Fixed) (Total:585.84 GB) (Free:50.63 GB) NTFS
Drive e: (Sonstiges) (Fixed) (Total:150.16 GB) (Free:51.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08DC08DB)
Partition 1: (Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
